Despite the fact that VPNs and firewalls have been residing on the same box for over seven years, our testing of both of the site-to-site and remote access VPN capabilities showed an astonishing variation on the quality of VPN implementations.
Because every network requires a different way of measuring performance and most UTM products offer thousands of deployment options, it's hard to draw even general conclusions about how these products will behave in your network. However, we can say that most enterprises will want to proceed cautiously when adding UTM features, such as intrusion-prevention systems and antivirus scanning, to their perimeter firewall boxes, because of their unpredictable impact on total system performance.
The words "horror," "Hell," and "torture" have popped up in headlines more often than one might think. Since it's Halloween week, we thought it would be a good time to reflect on just how scary computers can be.
Server-side polymorphism is a challenging problem for anti-malware software vendors. Much of today's malware, such as the Storm worm, creates tens of thousands of variants each month, a development that has made many anti-virus software programs that use static signatures significantly less accurate.
A look at the all time greatest controversies in the history of the networking industry.
Most enterprises have some type of messaging security in the form of spam and virus filtering. When installing a new or replacement messaging-security system, key areas to pay attention to are performance, user experience, and management and operational costs. Performance is generally easy to manage. Aside from simply having enough hardware to do the job, there are three keys to keep performance up to par.
New companies have to be brash to enter the network security market, given that the industry has witnessed an explosion in creativity over the past five years and considering that big players such as Microsoft and IBM increasingly are throwing their weight around in security.
When the "Exchange Ranger" came for a visit at a client site, his advice set the ball rolling for a much-needed upgrade from Exchange Server 2000.
Widely tipped as the boom for security at the turn of the century, managed security services are now taking off, buoyed by a raft of new technologies and an increasingly complex security environment.
Some of the world's top network engineers are engaged in a research effort that could lead to the most radical redesign of the Internet's underlying routing architecture since it was developed in the 1980s.
Network-based intrusion-detection systems (IDS) are an integral component of a layered IT security strategy. As October is National Cyber Awareness Month, if your overall security system doesn't include network-based intrusion detection, now is an excellent time to consider implementing an IDS package.
Bad guys don't target just big, corporate networks. If you have a Wi-Fi network at home or in a small office, intruders may be after you, such as casual "war drivers" who troll city streets, looking for unprotected wireless networks.
With the advent of mashups, innovative developers all over the enterprise are seeking new ways to leverage the value of corporate information through the use of external Web applications, APIs, or services. Although the thought of this adventure has sent many corporate security specialists running behind their firewalls, mashups are here to stay. Indeed, they have strategic value for many enterprises, so you'd better figure out how to live with them.
Companies are trying to demonstrate that they're getting better at securing online transactions by adding multiple forms of authentication at sign-on, such as site keys. But experts say they could do 10 types of authentication at the start of the session and users would still be subject to attacks.
IT managers at small and midsize businesses like unified threat management appliances - firewalls that layer on antimalware protection, content filtering, antispam and intrusion prevention - because deploying a single, multi-function device reduces costs and simplifies configuration.
Mitigating network-borne threats has been an imperative to companies of all sizes and statures. As if malware and viral infestation weren't enough, today's corporations must contend with even bigger bugs, including regulatory compliance, information leaks, and intellectual property theft.
It's already had a major impact in the applications space and now software-as-a-service (SaaS) is fast becoming the area of investment for traditional security vendors. A year on from its acquisition of on-demand security provider, BlackSpider Technologies, SurfControl is lining up against the likes of Symantec, Postini and MessageLabs to secure pole position in the online content filtering landscape. SurfControl's executive vice-president and BlackSpider founder, John Cheney, was recently in town to tell local customers and partners about its online email and Web security services. He spoke with <i>ARN</i> about its value proposition, why on-demand is an opportunity for channel partners and how he sees the security market evolving.
In an era when more and more intruders are coming after corporate data for profit, not just for fun, a layered approach to security is more important than ever. The approach must be built on sound policies that are effectively communicated throughout the organization and backed up with spending on the right controls, but not too much spending in any one area.
Software agents -- long seen as a necessary evil by those securing and managing servers, desktops and other endpoint devices -- have proliferated to the point of polluting enterprise environments.
If malware were insects, botnets would be termites -- they burrow in behind the walls of your security perimeter, lie dormant for a period of time, then attack.
