Review: Intrusion-Protection Systems
Source: Curtis Franklin Jr. and Jordan Wiens - Posted by Joe Shakespeare   
Intrusion Detection Detecting network intrusions is no longer enough. Smart organizations aim to prevent them. No wonder: The lag between vulnerability announcement, patch release and exploit is shrinking like a cheap trade-show T-shirt. The Blaster attack came only 25 days after the patch was released, and Sasser was even faster--18 days. In March, the Witty worm struck a buffer-overflow vulnerability one day after the flaw was discovered.

Network IPSs (intrusion-prevention systems) can help keep your systems safe by identifying and blocking suspicious traffic. Fully 80 percent of respondents to Network Computing's 2004 Reader Poll have a NIP in place or plan to implement one within a year. We invited vendors to send their systems to our University of Florida partner labs during the height of the 2004 hurricane season for what turned out to be a storm-wracked test--literally.

Ultimately, we tested nine devices: Check Point Software Technologies' InterSpect 610, Fortinet's FortiGate-3600 Antivirus Firewall, Internet Security Systems' Proventia G1000-400, Juniper Networks' NetScreen-IDP 1000, Lucid Security's ipAngel X3 AVS-400, Radware's Defense- Pro AS-III/SME, SecurityMetrics' Security Appliance Model 60, TippingPoint Technologies' UnityOne-1200 and V-Secure Technologies' V-Secure V-1000.

Determina, Mazu Networks, NetContinuum and Privacyware decided that their products did not fit our requirements. EEye Digital Security and Kavado fell victim to scheduling problems resulting from the nasty weather. ForeScout Technologies sent product, but after further discussion, it concluded (with our concurrence) that its technology and our testing regimen were not well-matched. Symantec declined to participate, citing a lack of resources, and McAfee said its sensor unit would be outdated by the time this article was published.

Read this full article at Curtis Franklin Jr. and Jordan Wiens

Only registered users can write comments.
Please login or register.

Powered by AkoComment!