Features

ArcSight's flagship product, the ArcSight Enterprise Security Manager, is a security event management (SEM) tool capable of analyzing large mounts of network data in real time. The IDS model fell down because the flood of unfiltered alerts overwhelmed the resources of security teams, but SEM provides correlation, filtering and analysis to, in theory, allow the few real threats to be picked out of the blizzard of less important alerts and false positives.

Sourcefire calls its 3D System a "network defense system," avoiding the now loaded terms IDS and IPS. But while some of its components are strictly IDS or IPS, the package as a whole deserves a much broader description.

Fortinet's FortiGate 5020 is built using a powerful chassis containing dual, hot-swappable power supplies as standard, building in redundancy. The chassis can also house two 5001 blades, each of which comes with four copper Gigabit Ethernet ports and four small, form-factor pluggable (SFP) ports.

Symantec's Gateway Security 5440 fits in the middle of its 5400 series range. It comes with six Gigabit Ethernet interfaces, although you can also buy the 5441, with four fiber and two copper interfaces instead.

Microsoft's Internet Security & Acceleration (ISA) Server 2004, is the company's application for turning a Windows 2000 or 2003 server into an enterprise firewall. Installation was painless on our test Windows 2003 server.

The Nokia-Check Point partnership has been a successful one, combining Nokia's excellent hardware implementation with Check Point's proven security technology, as we can see with the IP380. Aimed at the small enterprise or branch office, the IP380 comes with a cryptographic accelerator, capable of 130Mbps of 3DES VPN traffic and four Fast Ethernet ports. With two spare slots in the 1U chassis, you can upgrade network capability at a later date.

Nortel's whole approach to security is different to the other manufacturers on test, as this bundle incorporates two products: the 6600 Accelerator and the Director 5024 firewall.

Better known for its smaller appliances, SonicWall has pushed into the enterprise market with its Pro 5060f. Running SonicOS Enhanced 3.1, the 1U appliance houses a 2.4GHz Intel Xeon processor, 512MB of RAM and six Gigabit Ethernet interfaces. The 'f' in our model signifies that two of these ports are multimode fiber, but you can buy a 5060 with six copper ports.

CyberGuard's TSP3600 is a beast of a firewall. A case 5U high houses a RAID array for data protection, 13 Gigabit Ethernet ports and one Fast Ethernet (up to a maximum of 30 ports) – more than enough ports to cope with very large networks.