
Corporate.Net
Comparative Review
Covering Your Vital Assets: Securing Your Web Sites
By Jeff Ballard
The security demands on Web sites are intensifying daily. Right now, your Web server may be under attack. Thieves and vandals could be destroying your files and disassembling your Web server. If you think that it can't happen to you, remember that vandals attacked CIA, Department of Justice, MGM/Universal and Nation of Islam Web sites last year. Once sites are hacked into, items such as pornographic pictures, offensive text and illegal software are placed on the server for the world to access.
And small sites have as much to worry about as larger ones, since smaller companies most likely cannot afford a team of security specialists to monitor their Web sites. Even larger companies find it difficult to dedicate someone to watch their servers all day. To combat this problem, recently developed software packages put the power of a security force on even the most modest Web servers.
We tested Haystack Labs' WebStalker Pro, Siemens Nixdorf Information Systems Ltd.'s Trusted Web and Trusted Information Systems' Gauntlet ForceField in Network Computing's University of Wisconsin-Madison lab to determine how well they guard Web servers.
These security products go beyond classic firewalls and TCP filtering by attempting to secure your server in more comprehensive ways. One product, Haystack Labs' WebStalker Pro, takes proactive security actions, such as watching and reporting on unauthorized activity. Meanwhile, users continue to perform their jobs as usual, unaware that they are being watched. Not only do these security products look at your Web data to solidify its security, they also attempt to prevent unauthorized access to your machine. While each develops its method of security independently, the result is still a secure one.
The products we tested ran on a single-processor Sun Microsystems SPARCstation 10 running Solaris 2.51 and Netscape Communications Corp.'s Netscape Enterprise 3.0 Web server. We installed each package on its own hard drive, with its own installation of Solaris, to ensure that none of the packages interfered with one another.
WebStalker Pro walked away with top honors because it offers the most intriguing and impressive feature--an offense. Trusted Web came in a close second with its noteworthy encryption and authentication capabilities. Gauntlet ForceField provides entry-level security and was deemed a best value.
Haystack Labs WebStalker Pro
Haystack Labs garnered the Editor's Choice award simply because of its key, unique feature--offense. WebStalker Pro not only sets up a barrier around your machine's internals to keep out criminals, but also performs quite a few proactive maneuvers should any mysterious activity occur. For instance, you can log a user off your machine for simply changing into--or even looking at--any directory you desire. None of the other products we tested even came close to this level of proactive response to an unwanted intrusion. With WebStalker Pro, you get your own team of guards to protect the internals of your Web server from intruders.
It didn't take long for WebStalker Pro to impress us. Its ability to monitor activity on a Solaris server is unparalleled. Soon after installation, we performed an initial "security interview," during which we customized WebStalker Pro's reactions to common intrusions.
Updated August 23, 1997