Geoff Marshall

Recent articles by Geoff Marshall

Review: EngageIP Traffic Manager

Review: EngageIP Traffic Manager

The LogiSense EngageIP Traffic Manager appliance combines the security benefits of firewall and web content filtering with other features that include web caching, routing and bandwidth management, with real-time bandwidth consumption reporting and quality-of- service (QoS) shaping.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: eSafe Appliance

Review: eSafe Appliance

The Aladdin eSafe Appliance is a hardened, Linux-based device, which can be configured as an email inspection tool (SMTP relay) and, additionally, as a full content-filtering gateway for HTTP/FTP. To obtain the full content-filtering gateway functionality you need to use Check Point Firewall-1 configured with a HTTP/FTP security server as a content vectoring protocol (CVP) client.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: FortiGate 3600

Review: FortiGate 3600

Fortinet offers a range of what it calls 'anti-virus firewalls' for all markets, from the home user to the large enterprise and carrier-class service provider.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: Ingrian i215

Review: Ingrian i215

Ingrian offers a range of appliances that are designed to secure any application that uses secure socket layer (SSL) transactions, while at the same time speeding up the performance. The company has recently added other features, including authentication, authorization, GZIP compression and an interface to external intrusion detection systems.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: NetPilot Plus

Review: NetPilot Plus

NetPilot was created to be a turnkey solution for businesses to solve all their internet connectivity requirements. It provides internet routing and the sharing of a single ISP account; proxy-based firewall and NAT; web server and web caching; servers for DNS, DHCP, FTP and email; access control and URL filtering. In addition it can act as a file and print server for Windows workstations.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: McAfee WebShield e1000 Appliance

Review: McAfee WebShield e1000 Appliance

McAfee is well known for anti-virus software, and has built its complete anti-virus engine into an internet gateway product that examines HTTP, FTP, SMTP and POP3 traffic for viruses. It also performs content filtering and acts as an email anti-relay. Within the content filtering mechanism anti-spam functionality is included.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: Minesweeper CF500

Review: Minesweeper CF500

Primarily a content-filtering platform, the Minesweeper CF 500 came with optional extras for intrusion detection and vulnerability assessment. Content filtering comprises URL blocking, anti-virus and anti-spam. Standard features include a firewall with an IPsec VPN and a DHCP server.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: SonicWALL PRO 330

Review: SonicWALL PRO 330

SonicWALL is well known for its firewalls, but it is now starting to add optional functionality to the range. The model tested came with the extra-cost items of content filtering and anti-virus. Vulnerability assessment is another optional extra, but was not supplied on the review unit.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: Symantec Gateway Security Appliance

Review: Symantec Gateway Security Appliance

The Symantec Gateway Security product combines firewall, content filtering and intrusion detection in one rack-mounted system that is 1U high. The content filtering includes anti-virus and anti-spam, plus the blocking of inappropriate content and non work-related surfing. The firewall has all the usual features you would expect from a modern firewall: stateful inspection, packet filtering, NAT, IPsec VPN and full inspection application proxies.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: Toshiba Magnia with Astaro Security Linux

Review: Toshiba Magnia with Astaro Security Linux

Based on a Toshiba Magnia SG20 solution developer kit, this unit runs a special version of Linux created by Astaro. It includes a firewall, VPN, DHCP server, traffic management and content filter. The latter includes web blocking and anti-spam.
The firewall uses stateful packet inspection and includes proxies for HTTP, HTTPS, SMTP, POP3, DNS, IDENT and SOCKS. It has user authentication and offers protection from the most common forms of DoS attacks. Of course, it provides network address translation. In addition it detects port scanning.

Geoff Marshall Jun 1 2003 12:00AM Security
Review: Entercept

Review: Entercept

Entercept falls into the category of an intrusion prevention system (IPS). In common with traditional host-based IDS, Entercept resides on the host itself, but it works at a much lower level than a normal HIDS system.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: eTrust Intrusion Detection

Review: eTrust Intrusion Detection

This solution provides a network-based IDS, real-time session monitoring and internet/email content blocking. eTrust Intrusion Detection can be installed in standalone mode, or it can be distributed on separate machines. The intrusion detection program installs as a service under Windows NT/2000. As usual, the monitoring interface is a NIC in promiscuous mode, and therefore the presence of the IDS is concealed from the attacker.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: Intrusion SecureNet System

Review: Intrusion SecureNet System

This solution is supplied as software, desktop or rack-mounted. Each network sensor is a separate appliance, handing high-availability, high-security 10/100 or gigabit monitored segments.Running on a hardened OS, based on Red Hat Linux, in a small installation it can be managed using a web-based interface, software or optionally as an appliance.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: NetScreen-IDP100

Review: NetScreen-IDP100

NetScreen uses multi-method detection (MMD) in its IDS appliance, which also includes intrusion prevention options. MMD integrates stateful signature analysis with the detection of protocol anomalies, traffic anomalies, IP spoofing, layer 2 and SYN-flood attacks. Plus, it includes detection of 'backdoor' exploits and a network honeypot. The NetScreen IDP-100 is rated at 200Mbits/sec throughput, offering a choice of eight Fast Ethernet or two separate gigabit monitoring ports.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: NFR NID-300

Review: NFR NID-300

This is a network-based IDS, supplied as an appliance. There are four versions of the NID-300 series - the difference being in the number and speed of the Ethernet interfaces. The top-of-the-range model has two 10/100Mbit and two gigabit network interfaces. One of these interfaces is always reserved for management, but the remainder can be used for monitoring. In this way, a single NID-300 can monitor load-balanced or failover WAN connections. By separating the management and monitoring interfaces, NID-300 can operate in stealth mode, as the monitoring interface does not respond to any network traffic or requests from any service on the monitored network.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: RealSecure Network Sensor

Review: RealSecure Network Sensor

RealSecure 7.0 is the result of the integration between RealSecure and the BlackICE NIDS sensor technology. It runs on a dedicated machine and acts as a NIPS sensor to monitor a network segment, looking for intrusions or suspicious activity. If an intrusion is suspected, it can respond by recording details of the event. It can notify the network administrator, reconfigure the firewall, or terminate the event.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: Symantec ManHunt

Review: Symantec ManHunt

This software network-based IDS product requires a dedicated machine running Solaris 8 on either Sun SPARC or Intel hardware. The hardware specification depends on the amount of traffic to be monitored, and gigabit monitoring interfaces are supported. We were supplied with a pre-installed system running on a Dell PowerEdge rack-mounted server - however, customers would have to provide their own hardware; prices quoted are for software only.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: Symantec Gateway Security Appliance

Review: Symantec Gateway Security Appliance

In the Gateway Security product, Symantec has come up with a range of gateway appliances, each of which combines firewall, anti-virus, virtual private network (VPN), content filtering and intrusion detection in one rack-mounted system that is 1U high.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: Oblix NetPoint 6

Review: Oblix NetPoint 6

Oblix NetPoint is described as an identity management solution for the enterprise. What this means is that it is designed to manage the multiple identities and permissions in a modern e-business environment where you must provide access to a huge variety of different people - many of whom will be entering the network from outside the corporate firewall. In a modern large e-business enterprise it can be a daunting task to do this securely.
Oblix NetPoint simplifies the management of user identities and permissions across multiple applications and provides single sign-on. It makes it easy to add or remove users, to change permissions, and to enforce password rules.

Geoff Marshall Apr 1 2003 12:00AM Security
Review: CyberGuard KS1500 Premium Firewall/VPN Appliance

Review: CyberGuard KS1500 Premium Firewall/VPN Appliance

CyberGuard offers a range of firewall/VPN appliances with specifications ranging from three Ethernet interfaces and 125Mbits/ sec throughput to 21 Ethernet interfaces and 2Gbits/sec throughput. All have an integrated VPN, run the same firewall software, and have the same configuration GUI. We tested model KS1500, which can have up to 18 Ethernet interfaces, of which two are gigabit-over-copper as standard.
Performance is the strength of the KS1500, which is designed to cope with 1.5 Gbits/sec throughput and up to 1.2 million simultaneous connections. The firewall boasts a host of certification standards including Common Criteria Eval­ uation Assurance Level 4+ (EAL4+), ICSA, ITSEC E3, Checkmark, etc. The secure operating system was designed to meet TCSEC/NCSC criteria at the 'Orange-book' B2 level.

Geoff Marshall Feb 1 2003 12:00AM Security

Log In

  |  Forgot your password?