Blended Threats Demand Integrated Defenses
The trend in the technology of firewalls, naturally enough, follows innovations
in the threat. So when the hacker community began hitting the Internet with
what are being called “blended” threats—an amalgam of virus,
worm, Trojan Horse, and other malicious code—security developers followed
suit. The result has been the emergence of security in a box—integrated
solutions that combine multiple layers of defense and response mechanisms.
The latest firewall offering from Symantec Corp., a developer of the Internet
security technologies, is a good example of this strategy. The company’s
Gateway Security 5400 Series is a line of firewall appliances that offers protection
against various types of threats, including blended threats such as Blaster,
Slammer, and Sobig. Through the path of integration, the solution reduces network
security costs and provides gateway-level protection
by integrating full-inspection firewall, intrusion prevention, intrusion detection,
antivirus, content filtering, virtual private networking (VPN), and anti-SPAM
technology in a single device.
The Symantec Gateway 5400 Series also centralizes policy configuration management
via Advanced Manager, a plug-in for Symantec Enterprise Security Architecture.
The Advanced Manager provides secure and centralized Web-based management of
hundreds or even thousands of appliances. Although centralized logging, alerting,
and reporting is available, these appliances can also be managed individually
with the included secure, Web-based Symantec Gateway Management Interface.
The company offers three models of the 5400 Series, varying in performance
and scalability. With the addition of high availability, load balancing, and
state sharing, clusters of appliances can be configured to support the needs
of sites ranging from small office environments to campus-size networks. “It’s
an ideal solution for campus networks because of its central manageability and
the option that it affords to administrators to use only the security features
needed at any one location,” according to Symantec spokesman David Forstrom.
A number of high-availability options are also available which include a hot
standby—where a second system follows the transactions of the primary
system and takes over when the primary fails; or active high availability—where
a cluster of systems operate and share the load. The appliances are also flexible
enough to operate within current network environments as part of an overall
multi-tier, multi-platform security plan.
Symantec offers its Gateway security customers “Security Response”
services, a team of intrusion experts, security engineers, virus hunters, threat
analysts, and global technical support teams that work in tandem to provide
extensive coverage for enterprise businesses. Symantec Security Response also
leverages sophisticated threat and early warning systems to help guard against
blended Internet threats.
The Gateway Security Appliance 5400 Series is offered in three models (5420,
5440, and 5460) in order to accommodate varying performance needs. The flexible
licensing enables customers to get the license size and security functions that
best meet their corporate needs, the company says. Customers also receive up
to one year of telephone support, advanced replacement, upgrade insurance, and
content updates included with the licenses.