More options for security management
- By Maggie Biggs
- Jul 07, 2003
Several other appliance-based solutions are available to help agencies manage security. Although we could not evaluate every solution in this space, two
hardware-based solutions in particular bear evaluation by agencies seeking to improve security.
SilentRunner Inc.'s SilentRunner Enterprise Edition (www.silentrunner.com) appliance specializes in monitoring an Ethernet network for unauthorized entries. Not a fire-and-forget system, it requires frequent monitoring by an expert.
A second option is Sandstorm Enterprises Inc.'s NetIntercept (www.netintercept.com). This security appliance captures network traffic by plugging into an Ethernet port on your network switch. Administrators can view and analyze collected information and specify which data should not be overwritten in case it needs to be saved for further auditing. With NetIntercept's interfaces, users can also query datasets or generate reports.
In addition to appliance-based security management, a number of open-source solutions provide good functionality. Chief among those is Ethereal (www.ethereal.com), which enables agencies to monitor live traffic or capture it to disk for later analysis. Ethereal includes a rich filtering capability and tools that enable administrators to reconstruct TCP sessions.
Another open-source solution for security management is the Network Security Analysis Tool (nsat.sourceforge.net). This scanner can capture and analyze traffic for more than 50 supported services. Administrators can view archives to query data and create reports.
Regardless of whether you choose an open-source solution, software-based tools or a security appliance, implementing defensive measures will reduce security risks.