12 Security Products That We Love
In this issue, the CRN Test Center highlights some of the more noteworthy security products to come through the lab so far this year. Vendors in the security space face double-duty pressure—not only to best their competitors but also to stay one step ahead of never-ending and more sophisticated security threats. Here are some products that manage to do both.
Formerly called Laptop Analyzer Pro, the WiFi Analyzer is a Windows-based WLAN analysis tool. Collected data includes time of first/last received packets, signal strength, number of alarms and associated access point. Some items, such as throughput, can be drilled down for details. All discovered devices are presented in a graphical view.
FEATURES
Wi-Fi packet, interference analysis, 802.11a/b/g/n monitoring, troubleshooting tools, reporting, alarms and alerts for intrusions, penetration and hacking
BOTTOM LINE/RATINGS
Offers a single, easy-to-use interface that can be used to both troubleshoot WLAN performance and locate security threats in a network. Price: $3,995
The Pocket V-Agent is a USB stick with a VMware-based appliance. Once connected to the system, the PC becomes a security agent, monitoring for rogue devices, detecting and preventing intrusion attempts, and discovering vulnerabilities in virtual and physical networks. Monitoring and configuration are done via a Web portal. For the customer, what the Pocket V-Agent can do depends on the products selected through Catbird's SaaS solution.
FEATURES
Easy deployment, audits on network security, periodic or continuous network protection, realtime data on vulnerabilities, IPS/IDS, policy compliance, realtime snapshots
BOTTOM LINE/RATINGS
You can't argue against a security product for virtualized environments. Pocket V-Agent offers just that. Price: Free and licensed with Catbird's SaaS solution
Core Security's offering is a pure penetration tool that comes with a set of preprogrammed exploits that take advantage of known security flaws in products such as Adobe Flash and Windows. It can discover any vulnerabilities that need to be patched and fixed. It can also launch attacks through a specific device to discover the extent of damage possible.
FEATURES
Ability to make custom exploits, free updates of newly developed exploits, automation scripts, simulating phishing attacks, testing Web applications, database testing
BOTTOM LINE/RATINGS
Easy-to-use interface and automation scripts let administrators be proactive in securing the network. Price: More than $30,000 for the unlimited version
This small, UTM appliance rivals its heftier competitors. The device has integrated VPN and firewall. Features include intelligent spam scanning, spyware, malware and intrusion detection and content filtering. The Web-based management interface is a centralized location to manage updates, firewall policies, QoS policies and antivirus settings.
FEATURES
Antispam, intrusion detection, firewall, PPTP, VPN, SSL Web-based management interface, intuitive management interface with easy install and setup
BOTTOM LINE/RATINGS
A cost-efficient, all-in-one security threat management solution. Price: $799; software updates are $299 per year
FaceTime Communications' UTM product monitors realtime applications and can log transcripts of IM communications like Hotmail, Yahoo, etc. Robust Web filtering has options to block, allow access, or "coach" (recommending a user not visit) any administrator-defined Web site. Web management interface includes granular malware, P2P filtering.
FEATURES
IM realtime filtering, content, P2P, malware filtering; Unified Security Gateway offers several in-the-box reports including IM transcript reports
BOTTOM LINE/RATINGS
A formidable defense against any potential breaches in a business' compliance, legal and usage policies. Price: $24,995/1,000 users
Kaspersky Labs updated the antimalware engine to speed scanning. IS2009 analyzes unknown code to identify its capabilities before assessing its potential to cause harm. The reporting interface allows multiple scan reports to be compared at once, details where the malware was found and links to an external Web site with info on found vulnerabilities.
FEATURES
Blacklists and whitelists, analyzes unknown code, alerts, firewall rules, application monitoring, parental controls, virtual keyboard
BOTTOM LINE/RATINGS
On-the-fly protection on par with competitors, but IS2009 has more pizzazz than others in its reporting capabilities. Price: $79.95
KFSensor is a software-based honeypot designed for the Windows platform. KFSensor runs simulated Windows services like HTTP, SMTP and IIS and scans for any intrusion attempts against the ports associated with those services. Administrators can also choose to have KFSensor scan native services.
FEATURES
Simulated services can run as native services, logging can be done against an ODBC-compliant database, gives detailed info on intrusion attempts
BOTTOM LINE/RATINGS
Honeypots can be complex to configure and administer, but KFSensor is a powerful, hassle-free Windows offering. Price: Not available
McAfee's suite has an easy-to-use interface and does more than just scan for malware. It can manage the network, with a graphical map of all the devices. Network Manager checks to make sure McAfee is running on all machines in the network. QuickClean lets users easily delete cookies and cached files. Obsolete files can be "shredded."
FEATURES
Antivirus, antispam, antispyware, SiteAdvisor (alerts when accessing a known dangerous site), firewall, single-click lockdown, parental controls
BOTTOM LINE/RATINGS
A robust solution packed with networking tools; does a better job than most. Price: Annual subscription varies, starts at $59.99
This hosted mail-filtering solution uses multiple layers of spam-fighting techniques. MX Logic is constantly tweaking those layers and adding new ones. User-specific quarantines are accessible online. There's also the option to queue mail and users can log in and read and reply to messages even in an outage.
FEATURES
Blacklists, whitelists, URL filtering, examines HTML and JavaScript tags, scans for worms and viruses, multilanguage filter, deep content analysis
BOTTOM LINE/RATINGS
A perfect example of why SaaS is so popular. It's accurate, responsive and straightforward to manage. Price: Varies by version, users
The device's management interface lets administrators see at-a-glance information on virus updates, Web traffic and bandwidth. The appliance uses behavioral genotype scanning, which allows zero day attacks and unknown threats to be caught. This is more robust than reputation scanning, which relies on pre-existing knowledge of the threat's code.
FEATURES
Full content scanning, true file type scanning, in-the-box reporting, URL testing, analysis of a network's traffic patters in the dashboard panel
BOTTOM LINE/RATINGS
Ideal sentry against established threats and zero day, unknown threats. Price: $18 per user per year, based on 1,000 users for 3 years
Combining open-source projects with commercial tools into one security solution, the platform consists of the server software running on a dedicated PC and the client for configuring and installing applications. Select applications from a "catalog" and the software automatically installs the packages with common settings. The fiddling is hidden.
FEATURES
Antiphishing, Web filter, anti-spam, spyware and virus, protocol control, firewall, VPN, remote control, policy manager, intrusion prevention
BOTTOM LINE/RATINGS
This comprehensive network security suite can be managed from a single interface. Price: Professional versions from $270 to $2,700 a year
The technology brings Untangle's Gateway Platform to the smallest business by removing a barrier: having a dedicated PC. The technology installs a VMware appliance on a normal Windows XP desktop that runs in the background. The appliance automatically sets up routing rules so all systems on the network pass through the virtual machine.
FEATURES
Untangle ReRouter Technology is best for networks with fewer than 25 machines; features are same as the Gateway Platform
BOTTOM LINE/RATINGS
Uses desktop virtualization to give smaller businesses a way to protect the network. Price: Free