Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Tipping the Scales

UnityOne's Network Defense System (NDS) performs intrusion detection, traffic blocking and alerting before traffic gets to the firewall. Tuning itself to the network, it identifies protected devices and services, and reduces the number of meaningless alerts common in other IDSs (intrusion-detection systems). Unfortunately, the product missed some key servers in my tests (see sidebar, "False-Positive Reduction.").

Good News
• High-speed IDS.
• Number of alerts reduced based on network architecture.
• Simple management.

Bad News

• Expensive.
• At the mercy of TippingPoint for troubleshooting.
• Network discovery may miss hosts.
• No way to develop or edit signatures.

Managing single installations of the NDS is easy through the Local Security Manager (LSM) Web-based GUI or through a CLI (command-line interface) using telnet or secure shell. You can manage multiple NDSs through the Security Management System (SMS), a hardened, Linux-based appliance accessed through a Java console. The NDS setup is based on segments or pairs of ports. I used three: one Fast Ethernet port for running attacks, and two fiber-based segments for traffic loading.

Ready, Set, Action