Nortel Contivity 4600 has one of the best management interfaces we've seen in a VPN gateway. Not only does it include a reduced graphics notebook mode, it has an informative guided-configuration mode. However, the 4600 is more than just a pretty interface: The device supports IPsec, L2TP and PPTP. This is a big advantage for Microsoft Windows 2000 and XP users, who will find built-in support for the latter two protocols. In fact, the 4600 supports a large range of OSs, from Apple Macintosh to IBM AIX.
The Contivity 4600 also is the only large-scale VPN to offer a multiple hierarchical inherited model for configuring users and groups. This flexibility lets you create broad configurations while still forming specialized overrides for smaller groups. Another useful feature is bandwidth management.
Solid hardware options round out the Contivity profile. Redundant disks and power supplies increase uptime, and the box can be configured to plug directly into WAN ports, such as T1, HSSI and modems. Dual boxes can be configured with VRRP and OSPF to support automatic stateless failover.
Nortel Networks, (800) 466-7835. www.nortelnetworks.com
Read the Article
Categories: VPN Concentrator | Security Information Management |
DDoS Mitigation Tool | IDS System | High-Availability Firewall | Desktop Firewall | Distributed Firewall
|
VPN Concentrator
|
|
WINNER: Nortel Contivity 4600 VPN Switch with Contivity VPN Client 4.0
See Product of the Year, Above
Finalists:
• Avaya VSU-7500 and VPNremote Client 4.0, Avaya, (866) 462-8292, (908) 953-6000. www.avaya.com
• Cisco VPN 3030 Concentrator with Cisco VPN Client 3.5, Cisco Systems, (800) 553-6387, (408) 526-7208. www.cisco.com
|
Security Information Management
|
|
WINNER: NetForensics 2.3
The security information aggregation and correlation product family is a new space in the security scene. So new, in fact, that the vendors can't even agree on what it's called. NetForensics grabs our first Well-Connected Award in what we're dubbing SIM (Security Information Management). NetForensics offers enterprise security operators a tiered system for collecting, storing and reporting on all of the logs generated by their various security devices, including firewalls, IDSes, routers, system event logs and VPN devices, and the company takes the award for providing a strong back-end system, solid reporting and a robust communications architecture. However, it will need to continually improve if it wants going to stay ahead of Gaurded.net and Intellitactics, which are both hot on netForensics' tail.
netForensics, (732) 393-6000. www.netForensics.com
Read the Article
Finalists:
• NeuSecure 1.5, GuardedNet, (404) 442-9909. www.guarded.net
• Network Security Manager 3.3, Intellitactics, (888) 495-4355, (519) 743-0144. www.itactics.com
|
DDoS Mitigation Tool
|
|
WINNER: FireProof 2.2
RadWare Fireproof 2.2 barely edged out contenders Mazu TrafficMaster Enforcer and Foundry ServerIron 400 this year, thanks to better network interface support than either TrafficMaster or ServerIron and better DDoS mitigation than TrafficMaster. Beating ServerIron in price didn't hurt either.
Radware, (888) 234-5763, (201) 512-9771. www.radware.com
Read the Article
Finalists:
• ServerIron 400, Foundry Networks, (888) TURBOLAN,
(408) 586-1897. www.foundrynetworks.com
• TrafficMaster Enforcer for DDoS 1.0, now known as Enforcer 300, Mazu Networks, (866) 354-MAZU, (617) 354-9292. www.mazunetworks.com
|
IDS System
|
|
WINNER: Dragon 4.2
Enterasys' Dragon captures its second Well-Connected win in one of the hottest product areas this year: Intrusion Detection. Dragon did claw its way to the top, but just barely. Products from Cisco and the popular open-source IDS solution, Snort, were right behind, and with a long overdue revamp of ISS RealSecure pending, the folks at Enterasys will need to work hard to keep Dragon sharp. However, in the end, last year's IDS testing marathon proved Dragon one of the most well-rounded, robust IDS solutions on the market. The depth of its signature set and the robustness of its sensor engine keeps admins well armed for fighting the seemingly endless number of attacks being flung at their networks.
Enterasys Networks, (603) 332-9400. www.enterasys.com/ids
Read the Article
Finalists:
• Cisco Intrusion Detection System (IDS) 2.5, Cisco Systems, (800) 553-6387, (408) 526-7208. www.cisco.com
• Snort 1.7, version 1.8.6 now available, Snort, (410) 290-1616. www.snort.org
|
High-Availability Firewall
|
|
WINNER: Cisco PIX 535 Firewall
While the firewall space may seem like its been commoditized, the high end of the industry is still restricted to a few elite players. Cisco barely nudges past pure-play Netscreen for the best high-availability firewall award by providing a cost-effective and robust firewall solution. The Cisco PIX 535 offers relentless reliability when configured as a high-availability solution, and its default filtering and inspection technology surpasses that of industry rival Checkpoint. Cisco has its work cut out for it, however, as other firewall solutions continue to offer better large-scale management solutions. But for one-off HA deployments, it's hard to beat the stability of the PIX.
Cisco Systems, (800) 553-6387, (408) 526-7208.
www.cisco.com
Read the Article
Finalists:
• FireWall-1 NG, Check Point Software Technologies, (800) 429-4391, (650) 628-2000. www.checkpoint.com
• NetScreen-1000, NetScreen Technologies, (800) 638-8296, (408) 730-6000. www.netscreen.com
|
Desktop Firewall
|
|
WINNER: CyberArmor Suite 2.1
CyberArmor Suite is our Well Connected desktop firewall pick for the second year in a row, and the award is well deserved. InfoExpress raised the bar on centrally managed firewalls, and the competition is trying very hard to catch up.
Improvements include a better policy creation program that offers multiple levels of complexity, from simple checkboxes to manually editing policies. This means flexibility in use for both the neophyte to the experienced admin. InfoExpress also still offers the best multi-policy support on individual clients. Perhaps best of all, while you can prevent the user from making configuration changes, you can also do a one-time override without giving out the setup program. This is handy for emergency situations, in case the firewall is interfering with work and the user doesn't have an Internet connection.
InfoExpress, (650) 623-0260. www.infoexpress.com
Read the Article
Finalists:
• Sygate Secure Enterprise 2.1, Sygate Technologies, (877) 923-7436, (510) 742-2600. www.sygate.com
• Zone Labs Integrity, Zone Labs, (877) 876-4960, (415) 341-8200. www.zonelabs.com
|
Distributed Firewall
|
|
WINNER: Global Management System 2.0 (SGMS)
SonicWall's Global Management System (SGMS) 2.0 offers a wide range of features, such as tiered management, multiple customer support and the scheduled policy updates necessary to manage large numbers of firewalls. Creating mesh VPNs between a large number of devices is a usually daunting task, but SGMS accomplishes it in just a few clicks. Add in highly a configurable management system and management roles and detailed transaction reporting and auditing, and SGSM is a clear winner and sets the mark for future products.
SonicWall, (888) 557-6642, (408) 745-9600. www.sonicwall.com
Read the Article
Finalists:
• Lucent Security Management Server (LSMS) 6.0, Lucent Technologies, (888) 4-LUCENT, (908) 582-8500. www.lucent.com
• NetScreen-Global Pro 3.0, NetScreen Technologies, (800) 638-8296, (408) 730-6000. www.netscreen.com
REPORTS
ANALYTICS
Follow 
