Review: Arkoon Network Security StormShield v6.x

By on
Review: Arkoon Network Security StormShield v6.x

StormShield is designed to enhance endpoint security through user control, system level security, data protection and network connectivity.

 

The components include device control, data encryption, application control, host-based intrusion prevention system (HIPS), firewall, wireless security, anti-virus/spyware, network device control and network access control (NAC). The SkyRecon-built security modules are fully integrated into a single client to ensure continuous zero-day protection and data leakage prevention without relying solely on signatures, reputation or rule updates. 

The installation consisted of loading the automated install package onto our test Windows 2003 server. The process took us through the software load of the server, the database setup and the console setup. The install loaded a copy of MS SQL Server 2005 Express. There was support for pointing the application to an existing MS SQL environment. The deployment and configuration process was straightforward. We were up and running in about a half hour. There were options for deploying slave servers for a fully redundant and fault-tolerant environment. We tested in a single server environment. 

StormShield uses a layered combination of enforceable policies, behavior- and signature-based protections. The rule protection works much like a firewall and allows the configuration of network and application device resource rules. There are templates available to use or users can create their own. The signature-based protections deliver intrusion detection system (IDS) and anti-virus-like capabilities. These are not highly configurable other than adjusting how the management console reacts to various level threats. The behavior-based protections looks much like host-based intrusion prevention. That is, they learn the profile of how applications behave and a profile is built off that behavior. 

The console is launched through the server application. The user interface looks similar to a Windows tool with treed navigation and information panes on the right. Admins do need to rely on the documentation to configure as there is some complexity in navigating the menus. 

The application control and host-based intrusion protection were done well. The encryption protection was granular and is available by user, whole disk, specific files or folders or for removable media. Control of devices, ports and network resources were all available. There were a handful of high-level reports available for server and workstation reporting. Also, there were a good amount of graphs available summarizing top five-style overviews for server and agent statistics. The logs were exportable to multiple formats. One can configure end-user alerting for various policy violations, but we didn't see any automated event alerting for the IT and security teams. 

The documentation is not as solid as we would have liked. Meanwhile, support is available eight-hours-a-day/five-days-a-week, and renewals run at 40 percent of the base price. Assistance 24/7 is available for an additional fee. 

This solution has all the pieces and is well integrated. It is at the top of the pricing scale for the solutions we evaluated. 

Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?