Our picks of the latest in security
By Fahmida Y. Rashid & CRN Test Center staff
In this issue, the CRN Test Center highlights some of the more noteworthy security products to come through the lab so far this year. Vendors in the security space face double-duty pressure: not only to best their competitors but also to stay one step ahead of never-ending and more sophisticated security threats. Here are some products that manage to do both.
AirMagnet WiFi Analyzer
Formerly called Laptop Analyzer Pro, the WiFi Analyzer is a Windows-based WLAN analysis tool. Collected data includes time of first/last received packets, signal strength, number of alarms and associated access point. Some items, such as throughput, can be drilled down for details. All discovered devices are presented in a graphical view.
Features: Wi-Fi packet, interference analysis, 802.11a/b/g/n monitoring, troubleshooting tools, reporting, alarms and alerts for intrusions, penetration and hacking
Bottom Line: Offers a single, easy-to-use interface that can be used to both troubleshoot WLAN performance and locate security threats in a network.
CatBird Pocket V-Agent
The Pocket V-Agent is a USB stick with a VMware-based appliance. Once connected to the system, the PC becomes a security agent, monitoring for rogue devices, detecting and preventing intrusion attempts, and discovering vulnerabilities in virtual and physical networks. Monitoring and configuration are done via a Web portal. For the customer, what the Pocket V-Agent can do depends on the products selected through Catbird's SaaS solution.
Features: Easy deployment, audits on network security, periodic or continuous network protection, realtime data on vulnerabilities, IPS/IDS, policy compliance, realtime snapshots
Bottom Line: You can't argue against a security product for virtualized environments. Pocket V-Agent offers just that.
Core Impact Professional
Core Security's offering is a pure penetration tool that comes with a set of preprogrammed exploits that take advantage of known security flaws in products such as Adobe Flash and Windows. It can discover any vulnerabilities that need to be patched and fixed. It can also launch attacks through a specific device to discover the extent of damage possible.
Features: Ability to make custom exploits, free updates of newly developed exploits, automation scripts, simulating phishing attacks, testing Web applications, database testing
Bottom Line: Easy-to-use interface and automation scripts let administrators be proactive in securing the network.
eSoft InstaGate 404E
This small UTM appliance rivals its heftier competitors. The device has an integrated VPN and firewall. Features include intelligent spam scanning; spyware, malware and intrusion detection; and content filtering. The Web-based management interface is a centralized location to manage updates, firewall policies, QoS policies and antivirus settings.
Features: Antispam, intrusion detection, firewall, PPTP, VPN, SSL Web-based management interface, intuitive management interface with easy install and setup
Bottom Line: A cost-efficient, all-in-one security threat management solution.
FaceTime Unified Security Gateway
FaceTime Communications' UTM product monitors realtime applications and can log transcripts of IM communications like Hotmail, Yahoo, etc. Robust Web filtering has options to block, allow access, or "coach" (recommending a user not visit) any administrator-defined Web site. Web management interface includes granular malware, P2P filtering.
Features: IM realtime filtering, content, P2P, malware filtering; Unified Security Gateway offers several in-the-box reports including IM transcript reports
Bottom Line: A formidable defense against any potential breaches in a business' compliance, legal and usage policies.
KeyFocus KFSensor
KFSensor is a software-based honeypot designed for the Windows platform. KFSensor runs simulated Windows services like HTTP, SMTP and IIS and scans for any intrusion attempts against the ports associated with those services. Administrators can also choose to have KFSensor scan native services.
Features: Simulated services can run as native services, logging can be done against an ODBC-compliant database, gives detailed info on intrusion attempts
Bottom Line: Honeypots can be complex to configure and administer, but KFSensor is a powerful, hassle-free Windows offering.
MX Logic Email Defense Service
This hosted mail-filtering solution uses multiple layers of spam-fighting techniques. MX Logic is constantly tweaking those layers and adding new ones. User-specific quarantines are accessible online. There's also the option to queue mail and users can log in and read and reply to messages even in an outage.
Features: Blacklists, whitelists, URL filtering, examines HTML and JavaScript tags, scans for worms and viruses, multilanguage filter, deep content analysis
Bottom Line: A perfect example of why SaaS is so popular. It's accurate, responsive and straightforward to manage.
Sophos WS1000
The device's management interface lets administrators see at-a-glance information on virus updates, Web traffic and bandwidth. The appliance uses behavioral genotype scanning, which allows zero day attacks and unknown threats to be caught. This is more robust than reputation scanning, which relies on pre-existing knowledge of the threat's code.
Features: Full content scanning, true file type scanning, in-the-box reporting, URL testing, analysis of a network's traffic patterns in the dashboard panel
Bottom Line: Ideal sentry against established threats and zero day, unknown threats.
Untangle Gateway Platform
Combining open-source projects with commercial tools into one security solution, the platform consists of the server software running on a dedicated PC and the client for configuring and installing applications. Select applications from a "catalog" and the software automatically installs the packages with common settings. The fiddling is hidden.
Features: Antiphishing, Web filter, anti-spam, spyware and virus, protocol control, firewall, VPN, remote control, policy manager, intrusion prevention
Bottom Line: This comprehensive network security suite can be managed from a single interface.