Firewalls

Firewall and network security technology is no longer an optional piece of campus network technology. The good news is that the growing sophistication of the threat is having a direct impact on the creativity and scope of the technology coming out of the labs. Here’s a sample of recent network protection technologies that range from spot solutions to integrated solutions to internal solutions to architectural solutions.

Check Point Technologies InterSpect
With its recent security offering, Check Point Software Technologies takes an inside-out approach. Check Point’s InterSpect is what the company is calling the first complete “internal” security solution, meaning that it provides security for safeguarding networks from damaging attacks that are introduced inside the network.

Organizations may defend against cyber attacks, only to have the network become infected again as soon as one of its “road warriors” returns to the office and reconnects their laptop. One example of an attack that propagated among users of the network after being introduced by an internal source is the Blaster worm, which caused in excess of $500 million in damages.

The InterSpect system is a security appliance designed to be deployed inside enterprise networks. InterSpect blocks the spread of worms and attacks inside the network through Check Point Stateful Inspection and Application Intelligence. The technologies segment the internal network into organizational security zones to contain a potential attack and minimize unrestricted employee access. In doing so, it quarantines suspicious computers and isolates attacks.

Contact: Opsec, Redwood City, CA; (800) 429-4391; www.opsec.com.

Internet Security Systems Proventia
ISS takes yet another approach—security integration via the enterprise architecture. ISS’s Proventia Unified Protection Architecture (UPA) is a network security architecture that unifies all protection technologies into a single engine that enables protection across all Proventia gateway, network, server, and desktop products.

The UPA is designed to integrate the following security technologies: firewall, VPN, antivirus, intrusion detection, content filtering, anti-SPAM, and application protection. The UPA also unifies common management functions like command and control, discovery, visualization, correlation, deployment, reporting, and workflow analysis. Stand-alone security devices all have their own separate management console, requiring multiple resources to manage all of these functions.

The Proventia UPA is supported by synchronous deep traffic inspection that performs packet inspection functions all at once, rather than sequentially, to open, analyze/detect, block/allow, reassemble, route, and log packets. This single process removes the redundancy of stand-alone network security products, which conduct similar packet examination functions separately.

The UPA provides multi-layered network security from a single protection engine. Proventia protects at the gateway, network, server, and desktop and is managed centrally by SiteProtector. Therefore, enterprises have only one product to acquire, certify, test, install, manage, and update across their entire network infrastructure, greatly simplifying security.

Contact: ISS, Atlanta, GA; (800) 776-2362; www.iss.net.

Lucent Technologies Virtual Private Network
Data security and virtual private network (VPN) technology is no longer a “nice-to-have.” It's a requirement. Yet the daily news reports tell the story: denial-of-service attacks, hacker intrusions, crippling viruses, database penetrations, alteration of financial records, Web site tampering, and certification advisories.

Lucent, the former Bell Labs, offers a broad portfolio of security technology, including Security Consulting Services to help plan, design, implement, and support the security services. Other offerings include the VPN Firewall Brick family, the Lucent Security Management Server, and the IPSec Client. Besides the technology, Lucent offers the experience and skills it takes to integrate security technology into your existing infrastructure, maximize ROI, and create world-class security solutions.

Contact: Lucent Technologies, Murray Hill, NJ; (908) 508-8080; www.lucent.com/security.

Sygate Security Portal
Sygate Technologies makes enterprise-level security tools. Its latest technology, the Sygate Security Portal, is software that extends an organization’s security policies to external or remote workgroups and devices controlled by third-party suppliers and contractors.

The company’s flagship product is Sygate Secure Enterprise, which protects enterprise networks by preventing unsafe end user behavior and eliminating unauthorized devices. With the Security Portal (SSP), organizations can extend security to non-corporate-owned equipment by verifying the security integrity of a device, creating an encrypted virtual desktop environment, and then erasing the data from the system upon termination of the session.

The Security Portal creates a downloadable plug-in, called Sygate Virtual Security Agent (SVSA), that works with existing Web applications to determine whether the device is corporate-owned or non-corporate-owned. SVSA then ensures that non-corporate-owned devices accessing the systems are compliant with corporate security policy, eliminating the potential for them to be exploited as a back door for hackers, trojans, or worms.

Contact: Sygate, Fremont, CA; (866) 308-8899; www.sygate.com.

Symantec Firewall/VPN Appliance
Another all-in-one security approach comes from Symantec, whose Firewall/VPN Appliance provides secure Internet connectivity between locations. In widespread and often remote campus architectures, the Firewall/VPN Appliance can create a high-speed local network that enables secure access and interaction via the Internet.

The appliance offers offices or departments with up to 40 employees a turnkey solution for securing outbound and inbound Web, e-mail, FTP traffic, and more. For larger, dispersed organizations, it offers a solution for extending firewall protection and gateway-to-gateway VPN access to satellite offices and branch locations and a remote client-to-gateway VPN for traveling users.

A built-in 10/100Mbps Auto-Sense switch simplifies system setup and provides a plug-and-play LAN for office PCs and printers, with no additional devices required to connect networking-enabled systems. To ensure continuous connectivity, the security appliance features an automatic backup link that enables dial-up connections using an external modem in the event of broadband ISP service disruption. In addition, IP address sharing, IPSec passthrough, and VPN tunneling enable it to be adapted to changing requirements.

Symantec says its Firewall/VPN appliance allows organizations to bypass many capital outlays such as the need to lease expensive dedicated lines and the necessity of maintaining remote access servers and large modem pools.

Contact: Symantec, Cupertino, CA; (408) 517-8000; www.symantec.com.

Teros Secure Application Gateway
Teros identifies itself as a company that secures Web infrastructures from application-level attacks. That means that its defense is not focused on the attack signature but instead on aberrations in correct application behavior. Its Secure Application Gateways are security appliances that are deployed directly in the data path of Web traffic to block attacks that are not detected by network-based firewalls and intrusion detection systems.

Teros Gateways analyze all bi-directional traffic, including SSL-encrypted communications, to secure application environments. In addition, Teros Gateways protect personal data and prevent identity theft by blocking private information such as credit card, social security, and account numbers before they can leak out of a Web application.

The company’s latest offering is Safe Object, a new module for Secure Application Gateway that prevents sensitive data from leaving a Web application.
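The outbound filtering described for the Teros Gateways and the Safe Object module, as an added illustration that is not Teros code: an inline check run over a Web application's response body before it leaves the application. The Luhn check keeps long digit strings that merely look like card numbers (order numbers, for instance) from being blocked, and SSN-shaped values are matched with the basic structural rules. The response body, the redaction markers, and the block/redact modes are all constructed for the example.

```python
"""
Outbound leak filter for Web application responses.

Added illustration, not Teros code: an inline gateway inspecting the
response body before it leaves the application. Card numbers are only
treated as sensitive if they pass the Luhn check, so order numbers and other
long digit strings are left alone; U.S. SSN-shaped values are matched with
the basic structural rules (no 000/666/9xx area, no 00 group, no 0000
serial). The response body below is constructed sample data.
"""
import re

# 13 to 16 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")
# ddd-dd-dddd with the structurally impossible values excluded.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def inspect_response(body: str, mode: str = "redact") -> dict:
    """Return {"action", "body", "findings"}; action is pass, redact or block.
    findings lists (kind, last four digits) so logs never carry the value."""
    findings = []

    def mask_card(m):
        digits = re.sub(r"[ -]", "", m.group(0))
        if not luhn_ok(digits):
            return m.group(0)          # not a card number, leave untouched
        findings.append(("card", digits[-4:]))
        return f"[card ending {digits[-4:]}]"

    def mask_ssn(m):
        findings.append(("ssn", m.group(0)[-4:]))
        return f"[ssn ending {m.group(0)[-4:]}]"

    redacted = SSN_RE.sub(mask_ssn, CARD_RE.sub(mask_card, body))
    if not findings:
        return {"action": "pass", "body": body, "findings": []}
    if mode == "block":
        return {"action": "block", "body": "", "findings": findings}
    return {"action": "redact", "body": redacted, "findings": findings}


# Constructed response body: an order number that merely looks like a card
# number, a card number from the published test range, and an SSN-shaped value.
SAMPLE_BODY = (
    "<p>Order 4111111111111112 confirmed.</p>"
    "<p>Card on file: 4111-1111-1111-1111</p>"
    "<p>Taxpayer ID: 078-05-1120</p>"
)

if __name__ == "__main__":
    result = inspect_response(SAMPLE_BODY)
    print(result["action"], result["findings"])
    print(result["body"])
```

Running the module redacts the card and the SSN while leaving the order number intact; switching to `mode="block"` withholds the whole response instead, which is the safer default where the application should never emit such values at all. The findings carry only the last four digits so that the gateway's own log does not become a second place the data leaks from.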

Contact: Teros; (408) 850-0800; www.teros.com.

WatchGuard Technologies Firebox X
The watchword in firewalls is integrated security. WatchGuard’s Firebox X is designed for organizations that require the same level of network protection as large enterprises but do not have the budgets for multipoint, differentiated security services. The company has a history of addressing the security needs of small and medium-sized enterprises and distributed organizations. It might be a fit for campuses that are growing rapidly and having difficulty keeping up with the expanding variety and sophistication of threats with limited budget, time, and resources.

In contrast to integrated solutions that combine older, complex technologies acquired through acquisitions or licensing, the Firebox X was built from the ground up to be multifunctional. It has an extensible architecture that allows new capabilities to be added quickly and easily as the need arises.

Firebox X features WatchGuard’s Intelligent Layered Security (ILS), which incorporates intrusion prevention that inspects and blocks traffic at the application layer. Each appliance features six Ethernet ports, enabling the Firebox X to serve as a perimeter security device and an interdepartmental firewall with an optional three-port upgrade. By segmenting users and devices on the network and enforcing different security policies, organizations can protect against attacks originating from both internal and external sources. The hard drive bay on each appliance provides additional storage that can be leveraged for future functionality such as anti-virus quarantining or on-board logging.
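Both the InterSpect description above (segmenting the internal network into security zones and quarantining suspicious computers) and the Firebox X description (segmenting users and devices and enforcing different policies per segment) rest on the same mechanism. The following is an added illustration of it, not code from Check Point or WatchGuard: a small model of an internal-segmentation firewall that permits traffic only between zones the policy lists and that quarantines a host whose connection fan-out on one port looks like a worm sweeping for new victims. The zone layout, the policy, the threshold, and the flow records are all constructed for the example.

```python
"""
Zone-based internal segmentation with automatic quarantine.

Added illustration, not code from Check Point or WatchGuard: a small model
of what an internal-segmentation firewall does. Flows are only permitted
between zones that the policy lists, and a host whose connection fan-out on
one port looks like a worm hunting for new victims is quarantined, after
which all of its traffic is dropped. The zone layout, the policy, the
threshold and the flow records are constructed sample data.
"""
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Constructed zone layout: address block -> organizational security zone.
ZONE_OF = {
    ipaddress.ip_network("10.1.0.0/16"): "workstations",
    ipaddress.ip_network("10.2.0.0/16"): "servers",
    ipaddress.ip_network("10.3.0.0/16"): "finance",
}

# Inter-zone policy (constructed): (source zone, destination zone) -> allowed
# destination ports. Anything not listed is denied, including
# workstation-to-workstation traffic, which is what lets a worm spread laterally.
POLICY = {
    ("workstations", "servers"): {80, 443, 445},
    ("finance", "servers"): {443},
}

FANOUT_THRESHOLD = 5   # distinct destinations on one port before quarantine
WINDOW_SECONDS = 60    # sliding window over which fan-out is counted


@dataclass(frozen=True)
class Flow:
    ts: int      # seconds
    src: str
    dst: str
    dport: int


class InternalFirewall:
    def __init__(self):
        self.quarantined = set()
        # (src, dport) -> recent (timestamp, dst) pairs
        self._recent = defaultdict(list)

    @staticmethod
    def zone(ip: str) -> str:
        addr = ipaddress.ip_address(ip)
        for net, name in ZONE_OF.items():
            if addr in net:
                return name
        return "unknown"

    def _fanout(self, flow: Flow) -> int:
        """Number of distinct destinations this source hit on this port
        within the window, counting denied attempts too: the scanning
        itself is the signal, whether or not the policy would allow it."""
        key = (flow.src, flow.dport)
        recent = [(ts, dst) for ts, dst in self._recent[key]
                  if flow.ts - ts <= WINDOW_SECONDS]
        recent.append((flow.ts, flow.dst))
        self._recent[key] = recent
        return len({dst for _, dst in recent})

    def decide(self, flow: Flow) -> str:
        if flow.src in self.quarantined:
            return "drop-quarantined"
        if self._fanout(flow) > FANOUT_THRESHOLD:
            self.quarantined.add(flow.src)
            return "quarantine"
        allowed = POLICY.get((self.zone(flow.src), self.zone(flow.dst)), set())
        return "allow" if flow.dport in allowed else "deny-policy"


# Constructed sample: one legitimate flow, one policy violation, then a
# workstation sweeping its neighbours on port 445 the way a worm would.
SAMPLE_FLOWS = [
    Flow(0, "10.1.0.5", "10.2.0.10", 443),
    Flow(1, "10.3.0.7", "10.2.0.10", 445),
] + [Flow(2 + i, "10.1.0.9", f"10.1.0.{20 + i}", 445) for i in range(7)]


def run_sample():
    """Run the sample flows through a fresh firewall; returns the verdicts
    in order and the hosts that ended up quarantined."""
    fw = InternalFirewall()
    decisions = [fw.decide(f) for f in SAMPLE_FLOWS]
    return decisions, sorted(fw.quarantined)


if __name__ == "__main__":
    decisions, quarantined = run_sample()
    for flow, verdict in zip(SAMPLE_FLOWS, decisions):
        print(f"{flow.src} -> {flow.dst}:{flow.dport}  {verdict}")
    print("quarantined:", quarantined)
```

Two design points are worth noting. Fan-out is counted on denied attempts as well as allowed ones, because a worm probing peers in its own zone never gets a permitted connection and would otherwise stay invisible to a policy-only device. And the quarantine decision is made before the policy lookup, so once a host is quarantined even traffic the policy would normally allow (for instance, to the file server on port 445) is dropped until an administrator releases it.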

Contact: WatchGuard, Seattle, WA; (800) 734-9905; www.watchguard.com.
