11th Annual Well-Connected Awards: Security
The key to keeping intruders out is to know exactly who's in. This year's awards go to products that have improved the basic methods for authenticating and managing users'
May 4, 2005
Network Intrusion Prevention
Winner: NetScreen-IDP 1000. Juniper Networks, (888) 586-4737, (408) 745-2000. www.juniper.net
If you understand the intricacies of an attack, love to delve into every detail of malicious payloads or plan to write custom signatures to deal with specific situations, NetScreen-IDP 1000 is your kind of IPS (intrusion-prevention system). In our tests, we hit the appliances with a combination of known threats and randomized bad packets that would have fallen outside normal signature patterns. NetScreen-IDP 1000's solid, professional interface lets security experts understand the context for attacks. What's more, the IPS has truly superb facilities for custom signatures. This device is expensive for intrusion prevention, but in professional hands, the IDP 1000 provides a rich toolset and strong management capabilities.
Finalists:
• FortiGate-3600 Antivirus Firewall. Fortinet, (866) 868-3678, (408) 235-7700. www.fortinet.com
• Proventia G1000-400 Intrusion Prevention Appliance. Internet Security Systems, (800) 776-2362, (404) 236-2600.
Network Forensics Tool
Winner: EnCase Forensics Edition 4.19. Guidance Software, (626) 229-9191. www.guidancesoftware.com
EnCase Forensics Edition is the most useful application for discovery and analysis of any incident. Doing it all carries a cost--EnCase is expensive-- but there's a lot to love about this product. A dedicated sales engineer assists in every installation and helped to configure the software for our tests. The EnCase client servlets, installed on all client machines, represent a huge administrative task but make investigation and remediation fast and easy. As we verified the known state of network devices, laid the groundwork for forensic investigation and searched for specific files, we discovered that the early work paid off when the results--and the speed at which we obtained them--truly mattered.
Finalists:
• Forensic Toolkit 1.50. AccessData, (800) 574- 5199 (801) 377-5410. www.accessdata.com
• ProDiscover 3.2. Technology Pathways, (888) 894-5500, (619) 435-0906. www.prodiscover.com
Threat Vulnerability Management
Winner: Foundstone Enterprise 4.0 (now known as McAfee Foundstone Enterprise 4.0). McAfee, (800) 338-8754.
Foundstone Enterprise is an all-around strong offering with complete reporting capabilities and polished ticketing and management. This suite consists of Foundstone's FoundScan Engine scanning technology, Foundstone Database data repository and Executive Dashboard Module. We especially liked the vulnerability-editing capabilities and remediation steps in our scenario, which required inspecting infrastructure components, servers and hosts while maintaining a low-impact profile for network users. Sound technology, solid reporting and a process for remediating discovered vulnerabilities make Foundstone Enterprise a powerful tool for managing threats.
Finalists:
• QualysGuard. Qualys, (800) 745-4355, (650) 801-6100. www.qualys.com
• Lightning 2.5. Tenable Network Security, (877) 448-0489 (401) 872-0555. www.tenablenetworksecurity.com
Antispam Tool
Winner: Spam Firewall 300. Barracuda Networks, (888) 268-4772, (408) 342-5400. www.barracudanetworks.com
Barracuda Networks' Spam Firewall comes close to being the ideal enterprise-class spam filter--an effective product that requires no management and costs absolutely nothing. In a massive comparison of 27 products, this firewall finished at the top of the pack. Barracuda Networks keeps costs low by using off-the-shelf hardware and a number of open-source applications, including SpamAssassin, running on a hardened Linux kernel. The Web admin interface is as close as you'll ever come to "set and forget." You don't even need an IT department to manage Spam Firewall.
Finalists:
• SurfControl RiskFilter. SurfControl, (800) 368-3366, (831) 440-2500. www.surfcontrol.com
• modusGate 3.0. Vircom, (888) 4VIRCOM, (514) 845-1666. www.vircom.com
Identity and Access Management Suite
Winner: HP OpenView Select Access 6.0. Hewlett-Packard Co., (877) 686-9637, (650) 857-5518. www.hp.com
Select Access offers a competitive feature set and first-rate interface for managing user identities across large networks. With most products, it can take days to configure and implement tasks that Select Access made quick and easy in our testing. This package provides a complete, detailed view of the network. Although the image can be difficult to read, it provided an accurate view of our Real-World Labs® test infrastructure. Select Access' self-populating and self-discovery features make it easy to establish the configuration, though the sheer amount of information available requires administrators to exercise restraint.
Finalists:
• iChain 2.3. Novell, (888) 321-4272, (781) 464-8000. www.novell.com
• ClearTrust 5.5.2. RSA Security, (781) 515-5000.
Authentication Server
Winner: NavisRadius Authentication, Authorization and Accounting Server 4.3.9. Lucent Technologies, (888) 4LUCENT, (908) 582-8500.
NavisRadius is a winner because of its balanced approach to enterprise AAA requirements. This server includes a JDBC API to interface with SQL databases, such as the bundled Sybase database. A form-based PolicyAssistant allows elaborate control over the server configuration. Thanks to its Java roots, the database manager ports quite well onto multiple platforms. The management console's user interface works well without the time lags characteristic of Java-based APIs. NavisRadius includes authentication "proxies" for Windows Active Directory/NT domains; Unix/etc/passwd; Kerberos; Novell Directory; external databases; LDAP servers; and various hard-token authentication systems. Our tests proved that NavisRadius' facilities for integration with other authentication and directory components was amplified by debugging tools that made finding the inevitable "meshing" problems fast and straightforward. In all, NavisRadius is a strong, flexible authentication server with well-developed, easy-to-use features.
Finalists:
• Steel-Belted Radius 4.71. Funk Software, (800) 828-4146, (617) 497-6339. www.funk.com
• SafeWord PremierAccess. Secure Computing Corp., (800) 379-4944, (408) 979-6100.
Policy Management System
Winner: VigilEnt Policy Center 4.0. NetIQ Corp., (888) 323-6768, (408) 856-3000. www.netiq.com
Policy Management Systems typically require days to configure and implement tasks. With VPC's Select Access, the process was quick and easy. VPC was the most mature, full-featured policy-management application we tested this year. It shines in creating and managing policy documents and quizzes, and overcomes less advanced archiving and rich-content features. We found the included policy templates a good way to start generating the required policies, with samples based on ISO 17799. The policies and accounts that use them are stored in a powerful repository that facilitates using the policies as much as it does generating them.
Finalists:
• Policy Operations Center 5.1. Bindview, (800) 813-5869, (713) 561-4000.
• DynamicPolicy 2.5.9. Zequel Technologies, (305) 358-9595. www.zequel.com
Multifunction Appliance
Winner: NetScreen ISG 2000. Juniper Networks, (888) 586-4737, (408) 745-2000. www.juniper.net
NetScreen ISG 2000 is a powerful multifunction appliance that combines firewall, VPN and intrusion-prevention functionality. Without a good centralized interface, firewall rule sets become unwieldy at a global level. NSM (NetScreen Security Manager) avoided this trap by letting us configure devices, create firewall objects such as hosts and IP address ranges, and define rule sets that we could apply to firewalls or groups of firewalls. The interface contains the familiar navigation tree and a primary pane for configuration and reviewing returned information. NSM has tools for monitoring firewall utilization and system health, as well as reporting tools for creating data summaries. The appliance can flag and classify specific log events, and it lets you add comments to individual firewall rules and log entries.
Finalists:
• NetVanta 1224R. Adtran, (800) 9ADTRAN, (256) 963-8000. www.adtran.com
• Nitix. Net Integration Technologies, (866) 384-8324, (905) 946-1777. www.nitix.com
XML Firewall
Winner: XS40 XML Security Gateway 3.1. DataPower, (617) 864-0455.
DataPower Technology's XS40 continues to be a performance and security leader not only for XML-based messages, but also over its own domain. In testing this firewall, we were impressed by the XS40's extremely granular role-based access, which could secure every aspect of its security policies. Its broad XML firewall and security-gateway capabilities were remarkable as well. Securing XML through WS-Security 1.0 was equally impressive, with SAML support unparalleled in the industry. The XS40 secures XML over HTTP, SOAP 1.1 and 1.2. It integrates with a variety of identity-management systems as well as multiple enterprise messaging infrastructure solutions.
Finalists:
• XML Security Gateway 2400 Series. Reactivity, (866) 889-3485, (650) 551-7800.
• XML Guardian Gateway 5.0. Sarvega, (866) 727-8342, (630) 627-3131.
Curtis Franklin Jr. is a senior technology editor for Network Computing. He has been writing about the computer and network industries since 1985.
NavisRadius Authentication, Authorization and Accounting Server 4.3.9. Lucent Technologies, (800) 4-LUCENT, (908) 582-8500.
Product of the Year --NavisRadius Click to Enlarge |
Security starts with identifying those who want to use your network. NavisRadius does a superb job of this foundation function, and adds enough bells and whistles to put it at the heart of the most demanding network login applications. Lucent NavisRadius is the very model of a flexible authentication server. In two separate rounds of testing this past year, NavisRadius demonstrated its ability to serve as a platform for complex authentication applications. The development and debugging tools impressed our testers with their feature depth and ease of use. Designed for the needs of ISPs and large enterprises, NavisRadius supports knowledgeable staff with its well-thought-out capabilities, tools and interface. It requires integration and customization work, but Lucent provides tools that simplify the development process with features that speed the writing and debugging process. NavisRadius' low cost of entry and excellent configuration tools make it a solid option for most companies.
You May Also Like