NETWORK WORLD NEWSLETTER: NEAL WEINBERG ON PRODUCT REVIEWS 08/31/04 Today's focus: Sourcefire RNA
Dear [EMAIL PROTECTED], In this issue: * Sourcefire's Real-time Network Awareness Sensor 2000 * Links related to Product Reviews * Featured reader resource _______________________________________________________________ This newsletter is sponsored by SBC Dialing for Dollars CRATE & BARREL'S VOIP MOVE NETS SAVINGS AND FLEXIBILITY An apples-to-apples comparison showed that a centralized, software-based, IP-based platform could provide significant cost savings and productivity benefits over a comparable, traditional PBX system. Download whitepaper now, click here http://www.fattail.com/redir/redirect.asp?CID=78738 _______________________________________________________________ IS SECURITY RIPE FOR OUTSOURCING? Security demands for online applications such as e-commerce and Web services are prompting more corporate customers to hand off security functions - such as intrusion detection and firewalls - to outside service providers. Find out if security should be outsourced in this Network World article: http://www.fattail.com/redir/redirect.asp?CID=78263 _______________________________________________________________ Today's focus: Sourcefire RNA By Neal Weinberg The Reviewmeister likes to keep tabs of everything happening on the network. That's why we love Sourcefire's Real-time Network Awareness Sensor 2000 - it's like a magic eye that watches everything happening on your network. By combining passive network analysis with a Web-based management system, Sourcefire delivers a powerful tool to IT personnel who need more information about their networks. While RNA Sensors offer a wealth of information about the systems and services on your network, the downside is that it is up to you to make sense out of it all. To help network managers understand the information from RNA Sensors and the alerts and events from the company's intrusion-detection systems sensors (Intrusion Sensor), Sourcefire offers the Defense Center (if purchased collectively, Sourcefire refers to the package as its 3D Product Suite). RNA Sensors and Intrusion Sensors send information to the Defense Center, which provides a central view of alerts and events, network configuration information and forensic data. RNA Sensors sit passively on the network and watch the traffic pass by. The RNA Sensor we tested had four Ethernet interfaces, but we used only one with virtual LAN-based monitoring to give RNA Sensor visibility into different parts of our production network. While this virtual LAN capability is a great feature for a network site, if you wanted to monitor multiple sites, you'd need to deploy multiple sensors. Configuration is simple: once you tell RNA Sensor what networks to watch, it begins collecting data and populating its databases. As RNA Sensor watches the packets fly by, it builds a model of the network topology and pinpoints the hosts on your network, the network applications they are running, and the users and devices they are communicating with. Because RNA Sensor watches every connection to every host, it also collects information about specific network flows, such as a particular HTTP connection from a client to a server. RNA Sensor's information about our network was quite accurate. Application identification was excellent, as the sensor found obscure mail servers on non-standard ports and managed to get product and version information for most products. RNA Sensor's "policy-free" architecture is great for the sophisticated network professional, but you've got to have an idea of what you want to know - or combine it with Sourcefire's Defense Center management console - before it becomes a very useful tool. RNA Sensor offers a limited policy-compliance tool kit. As the product gathers information about systems, it generates internal events. You can search the event logs at any time, or with the policy tool kit you can build rules that watch for particular combinations of events and values. When these incidents occur, RNA Sensor will send e-mail, an SNMP trap or a syslog message. The true power of RNA for policy compliance and monitoring comes in the Defense Center, and this is where Sourcefire hits its stride. When RNA Sensors are connected to a Defense Center console, policy-compliance rules are evaluated on the management console, which means you can combine the results from multiple sensors when writing policy rules. For the full report, go to <http://www.nwfusion.com/reviews/2004/0823revrna.html> RELATED EDITORIAL LINKS Sourcefire adds new software http://www.nwfusion.com/news/2004/0531sourcefire.html Sourcefire releases IDS helper Network World, 11/24/03 http://www.nwfusion.com/news/2003/1124sourcefire.html _______________________________________________________________ To contact: Neal Weinberg Neal Weinberg is features editor at Network World, in charge of product reviews, Buyer's Guides, technology primers, how-tos, issue-oriented feature stories and the Technology Insider series. You can reach him at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by SBC Dialing for Dollars CRATE & BARREL'S VOIP MOVE NETS SAVINGS AND FLEXIBILITY An apples-to-apples comparison showed that a centralized, software-based, IP-based platform could provide significant cost savings and productivity benefits over a comparable, traditional PBX system. Download whitepaper now, click here http://www.fattail.com/redir/redirect.asp?CID=78737 _______________________________________________________________ ARCHIVE LINKS Reviews archive: http://www.nwfusion.com/reviews/index.html _______________________________________________________________ FEATURED READER RESOURCE WONDERING IF YOUR PAY IS UP TO SNUFF? Check out Network World's 2004 Salary Calculator to see if you're getting paid what you're worth. Using data collected in the 2004 Network World Salary Survey, we've programmed this calculator with several categories that could affect your pay. Answer the questions and find out what the average salary is for your job category. Click here: <http://www.nwfusion.com/salary/2004/calculator.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
