group

This is a network-based IDS, supplied as an appliance. There are four versions of the NID-300 series - the difference being in the number and speed of the Ethernet interfaces. The top-of-the-range model has two 10/100Mbit and two gigabit network interfaces. One of these interfaces is always reserved for management, but the remainder can be used for monitoring. In this way, a single NID-300 can monitor load-balanced or failover WAN connections. By separating the management and monitoring interfaces, NID-300 can operate in stealth mode, as the monitoring interface does not respond to any network traffic or requests from any service on the monitored network.

RealSecure 7.0 is the result of the integration between RealSecure and the BlackICE NIDS sensor technology. It runs on a dedicated machine and acts as a NIPS sensor to monitor a network segment, looking for intrusions or suspicious activity. If an intrusion is suspected, it can respond by recording details of the event. It can notify the network administrator, reconfigure the firewall, or terminate the event.

Another USB token approach, this time from Feitian Technologies, a company based in Beijing, China. The ePass2000 product comes attractively packaged with the software, printed user's guide, a USB token (in this case the ePass2000 with 1024-bit key functionality), overview brochures and even a mouse mat. This may give an impression of an off-the-shelf consumer oriented product, but the ePass offering is actually quite comprehensive.

The Aladdin eToken is a small, lightweight, attractive USB device, about the size of a physical key, which can generate and store user credentials such as private keys, passwords and digital certificates within its own protected chip environment.

RSA is usually associated with token solutions, providing dynamic one-time password facilities plugged into back end authentication servers like RSA's ACE/ Server. But there are times when a token is not ideal: you have lease costs to consider, the server-side requirements are relatively high and inexperienced users can find one-time passwords tricky to handle.

The SafeWord PremierAccess product immediately impresses as a solution that has been well considered from the outset. Developed around the dynamic password concept, it may nevertheless support smartcards and other tokens, and even biometrics. These methodologies may be mixed and matched depending upon the needs of the enterprise.

Entercept falls into the category of an intrusion prevention system (IPS). In common with traditional host-based IDS, Entercept resides on the host itself, but it works at a much lower level than a normal HIDS system.

This solution provides a network-based IDS, real-time session monitoring and internet/email content blocking. eTrust Intrusion Detection can be installed in standalone mode, or it can be distributed on separate machines. The intrusion detection program installs as a service under Windows NT/2000. As usual, the monitoring interface is a NIC in promiscuous mode, and therefore the presence of the IDS is concealed from the attacker.

ActivCard Gold provides the expected functionality for securing the desktop, remote network access and access to web services, via digital signatures stored upon a smartcard. Appropriate software utilities are provided to manage these functions. However, the ActivCard approach goes one stage further by adding biometrics technology to the mix.

Authenex Strong Authentication System (ASAS) is described as a network security application that provides strong (two-factor) authentication for remote, VPN and web access. This would appear to sum things up quite well and Authenex provides a variety of software tools to support this goal.

One of the biggest problems with internet security is that you can end up blocking sites which employees may have a perfectly valid reason for visiting - 'breast' blocking cancer sites, for example.

If you are looking for a little more than simple content filtering, it is worth taking a look at WebWasher. Aimed at the medium to large business, it provides extensive content filtering and a number of other valuable features.

In this Group Test we have looked at a number of solutions, all designed to manage your critical policy management and to ensure corporate policy is adhered to across even the largest networks.

This particular solution is for Windows 2000 users only; it sets, manages and backs up policies across your whole network without the need for agents. Designed specifically to replace the built-in utilities that are provided with Windows 2000 networks, it also allows the management of multiple domains in unison.

We've looked at PoliVec Builder in the past, a policy development tool from the same stable. Part of the PoliVec suite, PoliVec Enforcer integrates seamlessly with its policy development tool counterpart to keep the enterprise secure.

Therefore, policy can be locked down to stop system changes and policy non-compliance from weakening the protected network infrastructure. Extensive reporting enables a precise picture of your network and real-time monitoring ensures that notification of problems can be dealt with in a timely fashion.

Policy enforcement is only as good as your management system allows, so a serious vulnerability could go unnoticed without prior knowledge of the problem.

Security Expressions allows deployment using no-agent technology to ensure that, once installed on either Windows NT or 2000 systems, the administrator can add machines within a group, that are required to adhere to the policies that pertain to that group.

There are now many policy management tools for the control of email usage, and that need arises from the growing requirements that increasing legislation has put on companies. Policy Patrol is one such solution, ensuring that certain criteria are being met, and reducing the risk to the enterprise by monitoring communications and filtering out according to a rule set.

There are pre-set policies that allow the new installation to be put in place quickly and effectively while new policies are written.

Recently acquired by NetIQ, VigilEnt Policy Center provides a policy management tool that ensures users are aware of their responsibilities while providing solid policy control across the company network.

This is a corporate-level security solution and requires a user database to allow you to import users so that user groups can be established. The policies can then be set for these groups, with users being required to answer questions to establish understanding and compliance. Logs are kept to view user input and also to define problem areas. This performance-related system means that users know how to use company data and they learn what is required of them, while the administrator can see statistics and reports. Users not complying can be identified and an email can be sent to them to remind them of its significance. This ensures that not only do your employees comply with your policies, but your company can prove compliance with the regulators and specifically with ISO 17799.

You can stipulate certain user rights to allow for policies to be reviewed prior to publication and distribution. But of course you may use pre-written policies, amend them or create your own, as required by your own particular corporate needs.

Each enterprise will look long and hard at how they implement their corporate security policy. While many administrators look to implement an enterprise-wide solution, some may look to deliver specific policy management features for areas that their particular enterprise rates as high risk.

This means that in order to deliver policy management across all electronic communication a specific policy solution will be required that specializes in this particular function.

Unlike the other products in this Group Test Web Inspector is neither system policy management or email policy management, but in fact an internet compliance tool that uses policy to set its users' boundaries. Suitable as a single installation for the smaller enterprise, this solution easily scales up to a distributed deployment over a large network.

Policy starts with access control, ensuring that users only have the rights assigned by the administrator in line with your corporate policy. Whether you choose to assign the same rights across the network or drill down your policy into user groups, sites, or individual users or workstations, is your choice. Policies can be created to suit your needs and ensure that only the web pages that your company deems necessary are viewed within work hours, allowing for the organization to permit safe surfing on non-business sites at stipulated times.

Possibly one of the most addictive aspects of the internet is instant messaging. Even if you prevent your employees from installing MSN Messenger, AIM or Yahoo, there are countless web sites that offer proprietary messaging systems that can be overlooked by some security applications.