Open Menu Close Menu

Blended Threats Demand Integrated Defenses

The trend in the technology of firewalls, naturally enough, follows innovations in the threat. So when the hacker community began hitting the Internet with what are being called “blended” threats—an amalgam of virus, worm, Trojan Horse, and other malicious code—security developers followed suit. The result has been the emergence of security in a box—integrated solutions that combine multiple layers of defense and response mechanisms.

The latest firewall offering from Symantec Corp., a developer of the Internet security technologies, is a good example of this strategy. The company’s Gateway Security 5400 Series is a line of firewall appliances that offers protection against various types of threats, including blended threats such as Blaster, Slammer, and Sobig. Through the path of integration, the solution reduces network security costs and provides gateway-level protection
by integrating full-inspection firewall, intrusion prevention, intrusion detection, antivirus, content filtering, virtual private networking (VPN), and anti-SPAM technology in a single device.

The Symantec Gateway 5400 Series also centralizes policy configuration management via Advanced Manager, a plug-in for Symantec Enterprise Security Architecture. The Advanced Manager provides secure and centralized Web-based management of hundreds or even thousands of appliances. Although centralized logging, alerting, and reporting is available, these appliances can also be managed individually with the included secure, Web-based Symantec Gateway Management Interface.

The company offers three models of the 5400 Series, varying in performance and scalability. With the addition of high availability, load balancing, and state sharing, clusters of appliances can be configured to support the needs of sites ranging from small office environments to campus-size networks. “It’s an ideal solution for campus networks because of its central manageability and the option that it affords to administrators to use only the security features needed at any one location,” according to Symantec spokesman David Forstrom.

A number of high-availability options are also available which include a hot standby—where a second system follows the transactions of the primary system and takes over when the primary fails; or active high availability—where a cluster of systems operate and share the load. The appliances are also flexible enough to operate within current network environments as part of an overall multi-tier, multi-platform security plan.

Symantec offers its Gateway security customers “Security Response” services, a team of intrusion experts, security engineers, virus hunters, threat analysts, and global technical support teams that work in tandem to provide extensive coverage for enterprise businesses. Symantec Security Response also leverages sophisticated threat and early warning systems to help guard against blended Internet threats.

The Gateway Security Appliance 5400 Series is offered in three models (5420, 5440, and 5460) in order to accommodate varying performance needs. The flexible licensing enables customers to get the license size and security functions that best meet their corporate needs, the company says. Customers also receive up to one year of telephone support, advanced replacement, upgrade insurance, and content updates included with the licenses.

comments powered by Disqus