NETWORK WORLD NEWSLETTER: PHIL HOCHMUTH ON SECURITY 10/28/04 Today's focus: Enterasys upgrades its security suite
Dear [EMAIL PROTECTED], In this issue: * Upgrade for Enterasys Networks' Dragon intrusion detection ��system * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Junniper Networks SSL VPNs-Secure Remote Access At companies of every size, IT staffers are running ragged trying to provide secure remote access to their network. There's a better way: SSL VPNS can give your employees secure remote access at a fraction of the time, trouble and cost. Evaluate SSL VPNs for your business. FREE whitepaper at: http://www.fattail.com/redir/redirect.asp?CID=85474 _______________________________________________________________ NOW AVAILABLE! Networking for Small Business website Get all the combined Small Business advice, authority, and know-how from the experts at NW Fusion and PC World distilled into one powerful resource, the new Networking for Small Business website. Find everything your small business needs regarding Security, Networking, Broadband, Hardware, Software, and Wireless and Mobile technology at: http://www.fattail.com/redir/redirect.asp?CID=85537 _______________________________________________________________ Today's focus: Enterasys upgrades its security suite By Phil Hochmuth Enterasys this week is expected to announce an upgrade to its Dragon intrusion-detection-system product that the company says will make it easier for customers to protect their networks. Dragon Intrusion Defense 7.0 lets users deploy network-based and host-based intrusion detection while simplifying the management and collection of network activity data, Enterasys says. The software also can be used to trigger actions on network devices - such as launching scripts or closing ports - when suspicious activity is detected. Faster IDS processing is also on tap. The updated suite consists of IDS software that can run on Enterasys Dragon appliances or standard servers dedicated for IDS. Host sensors are part of the package, and are used for detecting network hacks on servers. Also included is an upgraded network management package for configuring and setting rules on IDS nodes and monitored servers. New management capabilities rely on a client-server architecture. A Java-based client, as opposed to a previous Web-based client interface, now is used to access an Intrusion Defense management server. Enterasys says the new client lets users perform more-complex IDS management and eases configuration tasks. The management software also includes a Security Event Gateway feature, which can let users aggregate information from third-party IDS appliances, firewalls and routers and build a database for tracking network events. Enterasys says this feature requires help from Enterasys' professional services arm to implement because it involves writing custom scripts for collecting and processing log files and other data from third-party products. Enterasys says next year it will have a version of Security Event Gateway that will let users self-configure the settings. A new virtual sensor capability lets a single Dragon IDS appliance (running Intrusion Defense 7.0) monitor traffic on multiple virtual LANs, and even individual application traffic streams, when attached to a mirrored port on a network distribution switch - a box that ties together multiple desktop switches. In the past, a separate Enterasys Dragon appliance would have been needed for monitoring each individual VLAN or application stream, the vendor says. The network-based IDS monitoring software also has been fine-tuned to process attack signatures and recognize suspicious traffic patterns more quickly, Enterasys says. Version 7.0 lets a Dragon appliance or server fitted with Gigabit Ethernet inspect traffic at near line rate. Gigabit ports were available on Dragon appliances in the past, but maximum traffic inspection speeds were about 400M to 600M bit/sec. Enterasys says its Dragon Intrusion Defense 7.0 framework will be integrated next year with the company's Trusted End System (TES) architecture. TES is a technology that lets Enterasys LAN switches shut off network access to suspicious users, or move end users into quarantined network segments based on third-party, virus-scan information. Dragon-TES integration could let IDS gear communicate with LAN switches to close network ports when intrusions are detected. Dragon Intrusion Defense 7.0 competes with IDS products from Cisco, as well as security vendors such as CheckPoint, Internet Security Systems and open source products such as SNORT. The Dragon Intrusion Defense 7.0 suite starts at $10,000 for the IDS software, management server and host sensors. The product is scheduled to ship in November. RELATED EDITORIAL LINKS Security vendors take softer approach Network World, 10/25/04 http://www.nwfusion.com/news/2004/102504security.html Security management products on tap from CA, SenSage Network World, 10/25/04 http://www.nwfusion.com/news/2004/102504ca.html Check Point bolsters LAN security Network World, 10/25/04 http://www.nwfusion.com/news/2004/102504checkpoint.html _______________________________________________________________ To contact: Phil Hochmuth Phil Hochmuth is a Network World Senior Editor and a former systems integrator. You can reach him at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Junniper Networks SSL VPNs-Secure Remote Access At companies of every size, IT staffers are running ragged trying to provide secure remote access to their network. There's a better way: SSL VPNS can give your employees secure remote access at a fraction of the time, trouble and cost. Evaluate SSL VPNs for your business. FREE whitepaper at: http://www.fattail.com/redir/redirect.asp?CID=85473 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE NW CLEAR CHOICE TESTS The Network World Lab Alliance is a coalition of industry experts, network integration consultants, independent test labs and universities who conduct single-product reviews and head-to-head comparative tests in real enterprise network settings. Find out which products get the "thumbs-up" in categories such as web front-end devices, WLAN security, anti-spam and more at: <http://www.nwfusion.com/reviews/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
