Most infosec leaders agree that traditional security methods, on their own, are no longer enough to combat advanced new threats. But what new techniques and strategies are they using? What lessons have they learnt from breaches?
iTnews will provide some answers to these questions in our Spotlight on Cyber Security, coinciding with the Australian Information Security Association’s national conference on 10-12 October.
We looked at version 3.0 of this product in the virtual private network Group Test last year, and it is good to see it being evaluated as a firewall this time around. Astaro might not be a familiar name to most people, but it deserves to be if it continues to produce products such as this.
In the Gateway Security product, Symantec has come up with a range of gateway appliances, each of which combines firewall, anti-virus, virtual private network (VPN), content filtering and intrusion detection in one rack-mounted system that is 1U high.
At the heavy duty end of the market, SSH Secure Shell for Windows Server offers enough security for even the most paranoid network administrator. Already recognized as one of the most popular applications for creating secure sessions in Unix, it is now available for Windows, replacing such protocols as Telnet or FTP with a hardened connectivity solution for those businesses that require more than usual security for data transfer.
Policy enforcement is only as good as your management system allows, so a serious vulnerability could go unnoticed without prior knowledge of the problem.
Security Expressions allows deployment using no-agent technology to ensure that, once installed on either Windows NT or 2000 systems, the administrator can add machines within a group, that are required to adhere to the policies that pertain to that group.
The basis of any policy management tool is the ability to manage its users and to recognize potential problem areas. Some do this without agents and others prefer to manage policy enforcement with agents residing on both workstations and servers. This is the case for Symantec Enterprise Security Manager, which uses the agents as its means of communication between its networked machines, enabling timely updates and compliance reports.
Symantec Enterprise Security Manager has already established itself in the policy management solutions market. This particular solution ensures that policies are intrinsically complied with throughout the organization, as well as maintaining system security through recognizing changes that could affect the security of the network.
Using control information files (CIF) the product can be managed from a central console, but in a large organization you may require more than one. Agents provide the means for the information to be collected across a distributed network to ensure updates are accomplished at regular intervals. Changes can be identified and the appropriate action taken, while logs and reports may be generated for further analysis.
Possibly one of the most addictive aspects of the internet is instant messaging. Even if you prevent your employees from installing MSN Messenger, AIM or Yahoo, there are countless web sites that offer proprietary messaging systems that can be overlooked by some security applications.
Cobion's OrangeBox Web is a very similar product to DynaComm i:filter. Designed to integrate with a proxy server (for example, Microsoft ISA on Windows 2000/XP), it is also happy to sit on a number of popular Linux and Unix platforms. It can also be used as a proxy server in its own right if you have a small or medium-sized intranet network.
DynaComm's i:series offers a range of security solutions: DynaComm i:filter is designed to monitor and protect you from internet traffic. Covering HTTP, HTTPS, FTP and NNTP traffic, it uses a database of URLs and a rules-based strategy to enforce your internet policy.
Another policy enforcement product, but with some added features that really give it some teeth, is iomart's NetIntelligence. As well as monitoring URL requests, it also looks at the network as a whole (hardware, software and all files) and can instantly detect whether any unauthorized changes have been made, or whether any prohibited content is suddenly present.
SurfControl has long been a name in internet security, with its CyberPatrol product one of the best known applications for home use, and its Web Filter application is an excellent business tool for micro-managing users' access to the internet.
SmoothWall Corporate Server is an extremely effective way of turning a PC into a dedicated hardware firewall sitting on its own hardened operating system. The company has now released a bolt-on to the Corporate Server to provide even more protection - Smooth Guardian, a multi-layered content filtering package.
Symantec Web Security is a product specifically designed to monitor the content of HTTP, HTTPS and FTP traffic. It takes the form of a proxy server that sits behind your firewall; with most firewalls it will operate transparently, but you have the bonus of integration with Check Point's FireWall-1.