Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up
Security
F E A T U R E  
Tactical Security 101

  January 23, 2003
  By Greg Shipley


>> continued from previous page

Control Issues
TOC Issue TOC
Printer Print full article
Printer Print this page
Printer Download as PDF
E-Mail E-Mail this URL
Discuss Discuss this article
flame author Flame the author
 
  In this article
arrow
 Introduction
arrow
 Vulnerability Management
arrow
 Firewalls Get Hotter
arrow
 Control Issues
arrow
 Event Correlation
arrow
 HIP Hosts
arrow
 Technology Areas
arrow
 How We Got Here

As the number of deployed firewalls increases, so do operational headaches and administrative overhead. Check Point Software Technologies has dominated on this front because its platform offers one of the few truly scalable management frameworks. However, as NetScreen Technologies and other competitors get their management acts together, Check Point will have to fight for continued dominance. Regardless, organizations considering enterprise-level firewall implementations should scrutinize the management framework. Pilot error is still a big problem in firewall administration, and a clear interface can help reduce mistakes.

Rapid quarantining and containment is crucial for large-scale, multinational corporations that need to combat worm outbreaks. For example, in 2001 a number of the Fortune 500 took serious hits when Nimbda rapidly infected key Web and mail servers and wreaked havoc within organizations that had "mushy" centers.

In fact, in 2002 we even saw worms take down PBXs, evidence that some of the industry's leading voicemail systems have vulnerable Sun Solaris and Microsoft Windows operating systems running under the hood. Smart organizations were able to contain outbreaks, however, with detection and quarantine processes. Although many of these manual quarantine efforts used simple router ACLs (access-control lists), strategically placed firewalls with unified management frameworks could have made the process even more efficient. And for those that didn't have choke points in place, these deployments could have made the difference between safety and six- to seven-figure losses.

Rapid-response capabilities are a combination of technology and process: Organizations with response procedures, timely access to router and firewall reprogramming capabilities, and the ability to tune their Web caching engines saved hundreds of thousands of dollars in downtime and repair costs.

The enterprise firewall market is dominated by Cisco and Check Point, according to Gartner, with NetScreen slowly gaining ground. Check Point packs in more options than a Japanese cell phone, but

it will be interesting to see if Cisco and NetScreen start leveraging their integration plans to gain ground. NetScreen is looking to integrate its recently acquired OneSecure inline NIPS and normalization technology into its firewall line, and Cisco has begun putting firewall, VPN (virtual private networking) and IDS functionality into its core switching platforms.

Finally, organizations that are looking for more than just a strong front door may want to keep an eye on Intruvert Networks, TippingPoint Technologies, NetScreen and others that offer Layer 7 inspection and scrubbing features. While few will argue the security benefits of traditional Layer 7 application-proxy-based firewalls, the lack of clear development progress on many traditional proxy-based solutions, such as Secure Computing's SideWinder and Gauntlet (recently acquired from Network Associates) and Symantec's Raptor, has left many practitioners scratching their heads. Some of the "normalization" features found in OpenBSD have sparked interest, and products such as OneSecure's (now NetScreen's) IDP offer a curious blend of intrusion prevention and normalization features.We may see such "proxy killers" gain momentum in the coming months (for more on normalization, see www.aciri.org/vern/papers/norm-usenix-sec-01.pdf).

start top  Firewalls Get Hotter Event Correlation 

Best of the Web

Data deduplication: Declawing the clones

Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.

Quick Read

Compression, Encryption, Deduplication, and Replication: Strange Bedfellows

One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.

Quick Read

WAN Optimization Whitelists and Blacklists

Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.

Quick Read

WAN Optimization as a Managed Service: It's Not About the Cost

This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.

Quick Read

  Sponsored Links

Premium Content

Data Centers Gone Wild
February 22, 2010
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll