Firewalls
Firewall and network security technology are no longer an optional piece of
campus network technology. The good news is the growing sophistication of the
threat is having a direct impact on the creativity and scope of the technology
coming out of the labs. Here’s a sample of recent network protection technologies
that range from spot solutions to integrated solutions to internal solutions
to architectural solutions.
Check Point Technologies InterSpect
With its recent security offering, Check Point Software Technologies takes an
inside-out approach. Check Point’s InterSpect is what the company is calling
the first complete “internal” security solution, meaning that
it provides security for safeguarding networks from damaging attacks
that are introduced inside the
network.
Organizations may defend against cyber attacks, only to have the network become
infected again as soon as one of its “road warriors” returns to
the office and reconnects their laptop. An example of an attack that propagated
among users of the network after being introduced by an internal source includes
the Blaster worm that caused an excess of $500 million in damages.
The InterSpect system is a security appliance designed to be deployed inside
enterprise networks.
InterSpect blocks the spread of worms and attacks inside the network through
Check Point Stateful Inspection and Application Intelligence. The technologies
segment the internal network into organizational security zones to contain a
potential attack and minimize unrestricted employee access. In doing so it quarantines
suspicious computers and isolates attacks.
Contact: Opsec, Redwood City, CA; (800) 429-4391; www.opsec.com.
Internet Security Systems Proventia
ISS takes yet another approach—security integration via the enterprise
architecture. ISS’s Proventia Unified Protection Architecture (UPA) is
a network security architecture that unifies all protection technologies into
a single engine that enables protection across all Proventia gateway, network,
server, and desktop products.
The UPA is designed to integrate the following security technologies: firewall,
VPN, antivirus, intrusion detection, content filtering, anti-SPAM, and application
protection. The UPA also unifies common management functions like command and
control, discovery, visualization, correlation, deployment, reporting, and workflow
analysis. Stand-alone security devices all have their own separate management
console, requiring multiple resources to manage all of these functions.
The Proventia UPA is supported by synchronous deep traffic inspection that
performs packet inspection functions all at once, rather than sequentially,
to open, analyze/detect, block/allow, reassemble, route, and log packets. This
single process removes the redundancy of stand-alone network security products,
which conduct similar
packet examination functions separately.
The UPA Architecture provides multi-layered network security from a single
protection engine. Proventia protects at the gateway, network, server, and desktop
and is managed centrally by SiteProtector. Therefore, enterprises only have
one product to acquire, certify, test, install, manage, and update across their
entire network infrastructure, greatly simplifying security.
Contact: ISS, Atlanta, GA; (800) 776-2362; www.iss.net.
Lucent Technologies
Virtual Private Network
Data security and virtual private network (VPN) technology is no longer a “nice-to-have.”
It's a requirement. Yet the daily news reports tell the story: denial-of-service
attacks, hacker intrusions, crippling viruses, database penetrations, alteration
of financial records, Web site tampering, and certification advisories.
Lucent, the former Bell Labs, offers a broad portfolio of security technology,
including Security Consulting Services to help plan, design, implement, and
support the security services. Other features include the VPN Firewall Brick
family; Lucent Security Management Server, and PISec Client. Besides the technology,
Lucent offers the experience and skills it takes to integrate security technology
into your existing infrastructure, maximize ROI, and create world-class security
solutions.
Contact: Lucent Technologies, Murray Hill, NJ; (908) 508-8080;
www.lucent.com/security.
Sygate Security Portal
Sygate Technologies makes enterprise-level security tools. Its latest technology,
the Sygate Security Portal, is software that extends an organization’s
security polices to external or remote workgroups and devices controlled by
third- party suppliers and contractors.
The company’s flagship product is Sygate Secure Enterprise, which protects
enterprise networks by preventing unsafe end user behavior and eliminating unauthorized
devices. With SSP, organizations can extend security to non-corporate-owned
equipment by verifying the security integrity of a device, creating an encrypted
virtual desktop environment, and then erasing the data from the system upon
termination of the session.
The Security Portal creates a downloadable plug-in, called Sygate Virtual Security
Agent (SVSA), that works with existing Web applications to determine whether
the device is corporate-owned and or non-corporate owned. SVSA then ensures
that non-corporate owned devices accessing the systems are compliant with corporate
security policy, eliminating the potential for them to be exploited as a back
door for hackers, trojans or worms.
Contact: Sygate, Fremont, CA; (866) 308-8899; www.sygate.com.
Symantec Firewall/VPN Appliance
Another all-in-one security approach comes from Symantec, whose Firewall/VPN
Appliance provides secure Internet connectivity between locations. In widespread
and often remote campus architectures, the Firewall/VPN Appliance can create
a high-speed local network that enables secure access and interaction via the
Internet.
The appliance offers offices or departments with up to 40 employees a turnkey
solution for securing outbound and inbound Web, e-mail, FTP traffic, and more.
For larger, dispersed organizations, it offers a solution for extending firewall
protection and gateway-to-gateway VPN access to satellite offices and branch
locations and a remote client-to-gateway VPN for traveling users.
A built-in 10/100Mbps Auto-Sense switch simplifies system set up, and provides
a plug-and-play LAN for office PCs and printers with no additional devices required
to connect networking-enabled systems. To ensure continuous connectivity, the
security appliance features an automatic backup that enables dial-up connections
using an external modem in the event of broadband ISP service disruption. In
addition, IP address sharing, IPSec passthrough, and VPN tunneling enable it
to be adapted to changing requirements.
Symantec says its Firewall/VPN appliance allows organizations to bypass many
capital outlays such as the need to lease expensive dedicated lines and the
necessity of maintaining remote access servers and large modem pools.
Contact: Symantec, Cupertino, CA; (408) 517-8000; www.symantec.com.
Teros Secure Application Gateway
Teros identifies itself as a company that secures Web infrastructures from application-level
attacks. That means that its defense is not focused on the attack signature
but instead on aberrations in correct application behavior. Its Secure Application
Gateways are security appliances that are deployed directly in the data path
of Web traffic to block attacks that are not detected by network-based firewalls
and intrusion detection systems.
Teros Gateways analyze all bi-directional traffic,including SSL-encrypted communications,
to secure application environments. In addition, Teros Gateways protect personal
data and prevent identity theft by blocking private information such as credit
card, social security, and account numbers before they can leak out of a Web
application.
The company’s latest offering is Safe Object, a new module for Secure
Application Gateway that prevents sensitive data from leaving a Web application.
Contact: Teros; (408) 850-0800; www.teros.com.
WatchGuard Technologies Firebox X
The watchword in firewalls is integrated security. WatchGuard’s Firebox
X is designed for organizations that require the same level of network protection
as large enterprises but do not have the budgets for multipoint, differentiated
security services. The company has a history of addressing the security needs
of small and medium-sized enterprises and distributed organizations. It might
be a fit for campuses that are growing rapidly and having difficulty keeping
up with the expanding variety and sophistication of threats with limited budget,
time, and resources.
In contrast to integrated solutions combining older complex technologies that
may have been acquired via acquisition or licensing, the Firebox X was built
from the ground up to be multifunctional. It has an extensible architecture
that allows the new capabilities to be added quickly and easily as the need
arises.
Firebox X features WatchGuard’s Intelligent Layered Security (ILS), which
incorporates intrusion prevention that inspects and blocks traffic at the application
layer. Each appliance features six Ethernet ports, enabling the Firebox X to
serve as a perimeter security device and an interdepartmental firewall with
an optional three-port upgrade. By segmenting users and devices on the network
and enforcing different security policies, organizations can protect against
attacks originating from both internal and external sources. The hard drive
bay on each appliance provides additional storage that can be leveraged for
future functionality such as anti-virus quarantining or on-board logging.
Contact: Watchguard, Seattle, WA: (800) 734-9905; www.watchguard.com.
