|
|
|
|
|
|
|
|
|
||
|
|
||
|
Be a Commerce Partner |
Intrusion
Detection Systems:
Symantec
Symantec Gateway Security combines intrusion detection,
firewall, anti-virus, virtual private networking, and content filtering
in a single appliance that's priced for smaller businesses, like your
ISP business.
[June 19, 2002] |
 |
Symantec, best known for its anti-virus solutions, came by AXENT Technologies two years ago. The acquisition provided Symantec with AXENT's firewall and intrusion detection software. With a full range of security products under its wing, it was a logical next step for Symantec to consider combining a range of solutions in a single integrated appliance.
Howard Lev, Product Manager for Symantec Gateway Security, explains that
the latest security threats demand a multifaceted defense. "There are
firewall products, there are intrusion detection products, there are anti-virus
products, but there's no integration between them," he said. "That exposes
networks to threats which leverage those weaknesses."
|
Symantec
|
 |
In response to such threats, the company introduced the Symantec Gateway Security appliance in February. "It's the first fully integrated multifunction network security appliance," Lev said. "It's got firewall, anti-virus, intrusion detection, virtual private networking, and content filtering—and it's all integrated—it works together."
Lev says Symantec Gateway Security is the first in a series of integrated products the company has planned to help make security easier to manage. "Eventually what you'll see from Symantec is the gateway security products, the server security products, and the client security products, all being managed by a common management interface, all with common logging, reporting, and alerting," he said.
The idea, he says, is to make it simpler for small to medium sized businesses, as well as branch offices of larger organizations, to gain comprehensive security at a much lower cost. "We have enterprise-grade security made simple," Lev said. "You've got simple deployment and management, and Symantec provides technical support and response from a single vendor."
Layered protection
One of the greatest strengths of Symantec Gateway Security is its active
intrusion detection capability, with an application-level firewall providing
additional backup. "If a packet comes in and we detect an attack, we drop
the packet right there," Lev said. "If we don't detect it as an attack,
it'll then go through the firewall engine, where we do additional checks
on the source and destination addresses of the packets."
Lev says the inclusion of gateway anti-virus detection is another unique asset. "All the packets that come through, if they're mail, web, or FTP packets, will get scanned by the AV scanner on the way through," Lev said. "A lot of people out there are saying they have the same kind of capabilities, but if you look down deep, you'll find out that it's desktop AV they're talking about, not gateway AV."
The Symantec Raptor Management Console provides centralized management, either for one appliance or for a group. "You can manage multiple appliances from one location, whether they're in the same room or they're halfway across the world, because we have an encrypted link for management," Lev said. "You have the ability to manage a good number of machines."
Load balancing software is included in the appliance, and can be turned on for an additional fee. "If you buy another machine and turn it on in both machines, they'll run in a high availability load balancing cluster, so that if one machine goes down, the other machine will pick up the load," Lev said. "We can cluster up to eight machines."
Each device features four independent Ethernet ports, allowing separate rules to be set up to prevent attacks from both inside and outside the network. "You can set up one set of rules from the Internet to the user network, another set of rules from the Internet to the web server network, and another set of rules from the Internet to the FPT/mail server network," Lev said. "We have a lot of flexibility with this appliance."
Balance your options
Three different versions of the appliance are available. Model 5110, which
protects up to 50 nodes, is priced at $11,790. Model 5200, for up to 250
nodes, costs $23,590, and Model 5300 (left), which can protect
up to 1000 nodes, is priced at $51,990. All models come with one year
of Gold Support and one year of hardware warranty.
Gold Support includes content updates for anti-virus, intrusion detection, and content filtering, as well as one year of hardware warranty extension, and one year of advanced replacement should the appliance fail. Gold Support also includes technical support during business hours, while Platinum Support is available around-the-clock.
Available cross-grades include a change from site-to-site VPN to remote-to-site VPN, which costs between $2,995 and $8,895, depending on the model. High availability load balancing can also be enabled for $4,995 per appliance.
META Group analyst Mark Bouchard says Symantec Gateway Security is a particularly well-balanced solution. "It's well-balanced in that it accounts for the need to support both inbound and outbound sessions," he said. "It's also from a well known name in security: its capabilities are backed up by years of experience."
Bouchard says the challenges the product will face are likely to come from the fact that enterprises tend to justify security investments one function at a time, and may be wary of investing too heavily in a single multi-function solution. On the other hand, he notes that the convenience and cost savings the product offers are likely to outbalance any such concerns.
He adds that one key factor helps to differentiate Symantec Gateway Security from any startups that might be coming out with competing products. "Symantec has years of experience under its belt, whereas the upstarts have very little," Bouchard said. "The only way to prove the effectiveness of a security product is through millions of hours in service without customers complaining that it's Swiss cheese."
For the target market of small to medium sized businesses, Symantec's Lev contends the product is a perfect fit. "The big guys say they want the best of breed: they want to be able to mix and match," he said. "But in one box, we can give you a comprehensive, integrated solution for your network security needs, and you have just one vendor to deal with."
— End
Online Resources:
Intrusion
Detection Systems Directory
IDS
Quick Reference Chart
| Related articles: | ||
| [Dec. 24, 2001] | White Paper: Reducing Network Security Risk | |
| [Sept. 25, 2001] | Physical Security Augments Logical Security | |
| [July 11, 2001] | ISP-Planet Survey: MSSPs | |
ISP-Planet's
RSS feed
