Product Roundup: Network Security Solutions Keep Pace

There are as many ways to manage network security as there are types of Internet interlopers. So we've surveyed a range of the latest products, from quantum mechanics-based encryption to dedicated, secure "vaults."

Intrusion Detection
The IntruShield intrusion detection system (IDS) from IntruVert Networks Inc. enables highly accurate network attack detection and prevention at up to 2 Gbps. The system features comprehensive, real-time intelligent detection of known, first-strike, and denial-of-service attacks, using a combination of signature, anomaly, and denial-of-service detection techniques.

When deployed in-line, the IntruShield sensor appliances are capable of handling deep-packet inspections, from several hundred Mbps up to 2 Gbps.

The IntruShield Security Management system is a centralized, easy-to-use, graphical Web-based management system that provides flexible environment configuration, security policy management, forensic analysis, and response management while reducing overall administrative costs.

The IntruShield IDS was winner of the Network World Blue Ribbon Award, and received perfect scores in both the Neohapsis and NSS tests, a first in the intrusion detection market.

Contact: IntruVert Networks Inc., San Jose, Calif.; (408) 434-8300; www.intruvert.com.

Active Intrusion Response
If your school's IT department needs a product that not only detects intruders but attempts to defeat them right away, then devices called Intrusion Prevention Systems (IPSes) may be for you. An IPS actually sits in-line on the network, monitoring all inbound and outbound traffic. Without affecting network performance, the IPS screens all traffic and drops malicious packets on-the-fly, thwarting attacks before they reach their targets.

Top Layer Networks Inc.'s Attack Mitigator IPS is a family of ASIC-based intrusion prevention solutions with precision blocking and control against the most prevalent types of cyber attacks. Hybrid attacks such as HTTP Worms, denial-of-service attacks, protocol and traffic anomalies, IP spoofing, and flood attacks are accurately detected, and stopped in real time.

A network security administrator has control over how the device will respond to detected attacks. Precise but flexible actions against blocking malicious and suspicious traffic include monitoring, alerting, limiting, and blocking.

Attack Mitigator IPS offers 100 megabit through multi-gigabit solutions for maximum performance.

Contact: Top Layer Networks Inc., Westboro, Mass.; (508) 870-1300; www.toplayer.com.

A Quantum Leap
Navajo, from MagiQ Technologies Inc., takes a different approach to encryption by securing communications with Quantum Key Distribution (QKD).

By encoding the encryption key photon by photon and having more than one piece of information on each photon, quantum mechanics guarantees that the act of an eavesdropper intercepting a photon, even just to observe or read, irretrievably changes that photon. As a result, any action by the eavesdropper, from copying to cloning a photon, or even reading more than one piece of information, automatically destroys the other piece of information.

This physics-based approach to encryption relies upon Heisenberg's Uncertainty Principle: An eavesdropper listening in on the key distribution channel will necessarily leave traces, and the more information the eavesdropper obtains, the greater the detectable disturbances. Consequently, the communicating parties can use part of their encryption key to determine the presence of an eavesdropper and only use the key if appropriate.

The use of continuous symmetrical quantum key regeneration and truly random numbers makes the data encryption absolutely secure.

Contact: MagiQ Technologies Inc., New York, N.Y.; (646) 638-1001; www.magiqtech.com.

Vault-Like Security
While most security solutions focus on solving discrete security problems by building walls of various kinds around the network perimeter, Cyber-Ark Software Ltd. has taken a fundamentally different approach: caching the most valuable assets within a securely protected "vault."

Cyber-Ark offers two highly integrated information security solutions for network environments within the enterprise: the Network Vault and the Inter-Business Vault.

Both offer the protection of multiple layers of integrated security, including VPN, firewall, authentication, access-control, and file encryption. Both are based on a client/server model, are deployed on dedicated, standard-computing platforms, and afford a wide variety of standard user interfaces.

The Vault is designed to complement, rather than replace, current investments made in perimeter-based products and in many cases it can eliminate the need to integrate disparate security, collaboration, and extranet products.

The Network Vault secures the enterprise's most critical and sensitive information (IT, HR, financial, and legal) in a safe haven, where it is completely immune from loss, corruption, and exposure, while being securely shared.

The Inter-Business Vault expands this concept by not only providing a safe haven, regardless of overall network security, but also adding the capability for information to be stored and shared securely over the Internet.

It enables customers, business partners, shareholders, and remote offices to transparently distribute, collect, transfer, and share files as if they were on the same network.

Contact: Cyber-Ark Software Ltd., Dedham, Mass.; (888) 808-9005; www.cyber-ark.com.

Five-in-One Solution
Symantec Gateway Security takes a comprehensive approach to gateway protection with a solution that combines five essential network security functions in a single appliance. The fully integrated rack-mountable unit protects against multi-faceted security threats with a combination of state-of-the-art firewall, anti-virus, Web content filtering, intrusion detection, and virtual private networking technologies.

Smart set-up wizards facilitate configuring the appliance out of the box in minutes to secure all information entering or leaving the network via the Internet gateway. As a true plug-and-protect solution, the appliance controls and monitors Web and e-mail threats, including worms, viruses, malicious code, intrusion attacks, and "blended" threats like Nimda and Code Red.

Through its common management console, administrators can configure and modify all security functions locally or remotely. Updates such as the latest virus definitions and intrusion attack signatures can be automatically deployed without administrative intervention via Symantec's LiveUpdate feature.

Symantec Gateway Security is a flexible solution for securing the gateway between the Internet and corporate networks or between network segments. For organizations that have already deployed a firewall, the appliance offers full compatibility with leading brands to provide a second level of protection against blended threats that firewalls alone cannot provide.

High availability and load balancing options are available to ensure optimum performance in high-volume networks.

Contact: Symantec Corp., Cupertino, Calif.; (408) 517-8000; www.symantec.com.

Featured