Security

From intrusion detection to spam, security solutions were high on our list in 2004

1 2 3 Page 3
Page 3 of 3

Snort 2.10 with ACID           
Snort.org
Very Good, 7.3         
Cost: Free
Bottom Line: Snort is a free, flexible, effective rules-based IDS that is difficult to set up and
not particularly user-friendly. Multisystem management isn't supported, and reporting and management fall short of commercial offerings. On the plus side, you can use existing rules, which are regularly updated by an active open source community, or configure your own.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

StillSecure Border Guard 4.3
StillSecure/Latis Networks  
Excellent, 8.6
Cost: Device, starts at $7,500; maintenance, $1,500 per year (subscription option available)         
Bottom Line: Border Guard brings ease-of-use, multinode management, and intrusion prevention capabilities to Snort. Installation and setup are fast and easy, the GUI is top-notch, and reporting is excellent, removing all the difficulty of navigating Snort and displaying attacks and payloads.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

NETWORK SECURITY
Barbedwire DPI 100
Barbedwire Technologies
Very Good, (8.4)      
Cost: As tested, including firewall, IPS, VPN, anti-virus, anti-spam, and content filtering, $1,495     
Bottom Line: The DPI 100 bundles everything necessary for Internet security in a 1U box, including firewall, VPN, anti-spam, anti-virus, and content filtering, and it offers additional services via software upgrade. Performance is good, but configuration of some modules is complex and not well-documented.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

BigFix Patch Manager 4.0  
BigFix
Very Good, 8.4         
Cost: As many as 1,000 agents, $21.50 per agent for Windows, $58 per agent for non-Windows; quantity discounts available
Bottom Line: Scalable and easy to install, BigFix Patch Manager effectively keeps desktops and servers updated and free of security holes. It provides a near real-time view of as many as 75,000 systems and can keep them in compliance with fast, automated patch rollouts.    
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Check Point Integrity 5.0
Check Point Software Technologies         
Very Good, 8.1
Cost: Commercial, $2,500 for 25 users to $48,000 for 1,000 users; GSA, $2,232 for 25 users to $41,667 for 1,000 users   
Bottom Line: Integrity requires a dedicated server, so you can't share the platform with another application. The default client deployment is clunky, although most companies will use SMS or ZenWorks to deploy the software. Either way, Integrity makes heavy use of Zone Lab's highly regarded firewall technology customized for different platforms, and its superior management interface.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

e-Security v4.2
e-Security      
Excellent, 9.2
Cost: Starts at $40,000       
Bottom Line: e-Security's management suite sorts through the vast quantities of data from the various security products on your network, picks out what's truly important, and compares it with other events using a correlation engine to uncover attacks or vulnerabilities. It presents the data in a clear graphical form that makes it easy to stay on top of security management.    
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Network Engines Steel-Belted RADIUS Enterprise Edition Appliance Version 2.0
Network Engines
Excellent, 8.7
Cost: $7,500
Bottom Line: This RADIUS server is a scalable, versatile addition to an ISV or corporate network that will simplify life for both the IT and accounting departments. It incorporates Version 4.5 of Funk Software's Steel-Belted RADIUS Enterprise Edition software. The SBR provides impressive, highly customizable control over wired and WLAN user authentication, access, and accounting information.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Guidance EnCase Enterprise Edition       
Guidance Software
Very Good, 7.7         
Cost: As tested, $1,600 per seat
Bottom Line: EnCase's law-enforcement roots and its capability of integrating with enterprise intrusion detection systems make this one of the more flexible and easily integrated enterprise forensic solutions. Although it's very complex, this type of software is a must-have for companies faced with compliance issues.           
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

McAfee Active VirusScan Suite and McAfee Desktop Firewall 8.0      
McAfee
Very Good, 8.0         
Cost: Desktop Firewall, $21.25 to $7.65 per node including one year of support; Active VirusScan Suite, $47.65 to $15.72 per node; government pricing is 25 percent less
Bottom Line: McAfee provides an effective anti-virus and firewall combination for enterprise desktops. The management interface is easy to use but experienced a few glitches. Updates can be slow, and policy enforcement is handled by forcing updates rather than quarantine. Additional features are planned that will make this a very well-rounded suite of products in the future.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  

nCircle IP360 Vulnerability Management System
nCircle           
Excellent, 8.7
Cost: One VnE1000 Manager, one Device Profiler, and 250 IP licenses, $36,250    
Bottom Line: Although pricey, the IP360 is a thorough, well-designed network vulnerability scanning solution that would benefit any large network. Dispersed scanners allow continuous scanning without consuming a lot of bandwidth, and application detection accuracy is solid.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Network Associates InfiniStream Security Forensics 1.5
Network Associates
Very Good, 8.2         
Cost: i1600 (including optional Reconstruction/Replay software, and five consoles), $90,000; Security Forensics Console software alone, $7,500          
Bottom Line: InfiniStream Security Forensics provides a straightforward way to mine network data and even reconstruct network sessions during investigations of security breaches or network misuse. The ability to ID sources of security issues makes this appliance an invaluable tool.
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Oblix ShareID 2.0     
Oblix
Very Good, 8.4         
Cost: Identity-provider site, $5,000 per server     
Bottom Line: ShareID's administration aspects are straightforward, if not elegant, and the ability to deploy prebuilt source-site servers is key. If you aren't looking forward to administering user accounts for every business partner, then you should be looking at ShareID.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

PGP Universal          
PGP
Very Good, 8.3         
Cost: Subscription pricing for 500 seats, $20,000          
Bottom Line: PGP Universal provides straightforward, easy-to-manage client-to-client or gateway-to-gateway encryption. The client handles message encryption and decryption automatically in the background and allows users to manage their own keys. More affordable than competitors, all PGP lacks is a fuller-featured Web-mail portal and more granular mail policy enforcement.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

PostX Enterprise Platform 5.0
PostX
Very Good, 8.5         
Cost: High-availability systems, starts at $35,000           
Bottom Line: PostX Enterprise Platform provides maximum flexibility with support for encryption at the client or gateway and online and offline decryption. It also features first-rate Web-mail services and excellent mail-handling and routing capabilities. On the downside, the flexible routing engine does increase complexity for policy administrators.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Seclarity SiNic 1.0   
Seclarity
Very Good, 7.7         
Cost: Console management software, $10,000; $150 per 10/100 SiNic
Bottom Line: SiNic combines hardware authentication and encryption processing on every workstation with a central management console that integrates with Active Directory. The result is a private, encrypted network subject to incredibly powerful security policy enforcement. SiNic is limited by 100Mbps hardware and Microsoft-only platform support.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Senforce Enterprise Mobile Security Manager 2.5
Senforce       
Very Good, 7.8
Cost: Starts at $89.95 per seat      
Bottom Line: Senforce EMSM is a great tool for enforcing security policies on client computers. Its capability of pushing a specific policy to a client based on its network affiliation is a great way to keep mobile users in check without being too heavy-handed. Its reporting engine helps you prove compliance, and its support for wireless adapters and access points makes EMSM a great choice for users on the move.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sigaba Secure Email 5.0
Sigaba          
Very Good, 8.0         
Cost: One-year license, $46,500   
Bottom Line: Sigaba Secure Email encrypts e-mail from gateway to gateway, and from client to client via desktop plug-ins and Web-based authentication and decryption. More expensive than its competitors, it lacks a full-function Web-mail portal and requires users to be online to initially decrypt messages (although decrypted mail can be stored locally in the client).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sygate Secure Enterprise 4.0        
Sygate Technologies
Very Good, 8.1
Cost: $20 to $80 per seat; GSA, $34 to $48 per seat (GSA configurations differ from commercial configurations; both ranges depend on modules selected)        
Bottom Line: Sygate Secure Enterprise excels at quarantining noncompliant nodes and making sure clients and other systems meet security and operational requirements. This product includes a client firewall but can also enforce granular and flexible policies governing a wide array of third-party products. The management interface is confusing in places.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Symantec DeepSight Threat Management System 5.0
Symantec
Excellent, 9.0
Cost: DeepSight Alert Services annual subscription, $5,000; annual subscription for DeepSight Threat Management System, $15,000
Bottom Line: DeepSight is a boon to large enterprises that need a lot of warning to prepare for attacks on vulnerabilities. The service provides detailed intelligence about activities that could be attacks and confirmed vulnerabilities. Information is presented clearly, identifying threat levels and threat trends.    
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TeleCommunication Systems SwiftLink 1400
TeleCommunication Systems
Very Good, 8.2         
Cost: Base price, $16,600 (fully configured but without laptop, phone, and rolling case); as tested, $25,240 including Dell Latitude D600 laptop, secure Iridium phone, and rolling case
Bottom Line: The SwiftLink 1400 can encrypt communications through nearly any connection method, including wired Ethernet, Wi-Fi LAN, and cell phones. It's not easy to use, and consumer-grade components increase reliability doubts. But it does effectively provide secure communications from anywhere.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Trend Micro OfficeScan Corporate Edition 6.5    
Trend Micro
Very Good, 7.2
Cost: Commercial, $21.25 per user for 100 users; government (federal, state, local), $15.94 per user for 100 users  
Bottom Line: OfficeScan has some excellent features, including its own deployment engine and vulnerability scanner, but it is not without problems. Deploying software to clients didn't always work without tweaks to individual settings that aren't documented, and the anti-virus module didn't always detect our test virus. Capabilities are limited compared with competitors.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Tumbleweed Secure Messenger 6.0        
Tumbleweed Communications
Very Good, 8.5         
Cost: 100 managed users, $20,000
Bottom Line: Secure Messenger combines nearly universal reach and extensive mail-routing capabilities. It lacks the ability to encrypt at the desktop, but supports a range of delivery methods, online and offline decryption, granular mail policies, and content filtering based on weighted word analysis. Powerful mail handling capabilities raise the level of complexity for admins.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

VPNs
Aventail EX-750 7.2
Aventail
Very Good, 8.4         
Cost: 25 concurrent users, $6,995
Bottom Line: For small-to-midsize enterprises, the EX-750 is a flexible, easy-to-install, and easy-to-manage appliance for secure remote access. It comes with all of the necessary plumbing for browser-based access to resources inside the enterprise and its end-point control is first rate.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

F5 Networks FirePass 1000
F5 Networks 
Excellent, 9.0
Cost: 25-concurrent-user license, starts at $9,990
Bottom Line: The FirePass 1000 provides remote access to virtually any enterprise network application. It's easy to use and boasts excellent security, offering granular administration of users and groups, compatibility with a wide array of clients and browsers, and easy setup and configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Rainbow NetSwift iGate Pro SSL VPN Appliance          
Rainbow Technologies
Good, 6.7      
Cost: 70-concurrent-user license, starts at $22,995        
Bottom Line: iGate's proxy engines handle both HTTP and non-HTTP traffic, but the SSL VPN currently lacks an IPSec-style tunnel capability and other enterprise-level features. Furthermore, iGate uses a Java applet to modify the host's file to handle SSL VPN redirection.

Related:

Copyright © 2004 IDG Communications, Inc.

1 2 3 Page 3
Page 3 of 3