 |
||||
 | |
| ||
|
||||
| ||||
|
|
||||
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.
Storage
WAN Services
Web/e-commerce
Wireless/Mobile
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings
/
Other content security angles
|
|||
 | |||
|
Content filters and antivirus products are only two categories among a widening range of security devices that offer protection beyond firewalls.
We took at look at several other innovative products you might want to incorporate into a comprehensive security strategy: One offers a new approach to denial of service (DoS), another a token authentication product that eliminates the need for multiple certificates, and a service that offers network auditing.
Riverhead's Guard is a distributed DoS product that off-loads distributed DOS attacks destined to a server, changing the route for the server under attack to deflect all traffic to the Guard. The Guard filters out the DoS packets, allowing cleansed traffic to pass onto the destination server.
The Guard we examined (priced at around $70,000) is targeted for very high-end corporate networks or service providers and ISPs. But the vendor is developing an enterprise version of the product (Riverhead Guard for the Enterprise), which will sell for around $30,000.
The Rainbow NetSwitch iGate appliance, which sits between the LAN and local Web servers, provides token authentication for users accessing Web resources. A unique aspect of the iGate is that it forces Secure Sockets Layer processing for all local Web resources (via HTTPS on Port 443) on a single certificate to authenticate and encrypt traffic, eliminating the need to use a separate certificate on each local Web server.
Qualys's QualysGuard service performs scheduled network security audits on a daily, weekly or monthly basis. We subscribed to the service to see how it worked. We liked that it did not let us select our own passwords, using random passwords that can be regenerated at any time instead.
Data obtained during the network audit is encrypted through the password. We found the number of false-positive alerts we received annoying, but thought it better to err on the side of caution in this case. The only downside was that if an account were to be compromised, a large amount of sensitive data could be exposed.
Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.
Request a reprint or permission to use this article.
 |
 |
 |
|||||
|
|
|
|
|
|||