firewalls

RSS

  • Review

    Next-gen firewalls: Off to a good start

    Posted May 7, 2012 - 11:57 am

    When we tested four next-gen firewalls strictly on performance, we found that the products could forward packets at impressive rates, but throughput dropped when advanced security features were turned on. We now dive deep into application identification and control - the defining features of next-gen firewalls - to find out what works and what doesn't.

  • Review

    Next-gen firewalls require external visibility tools

    Posted May 7, 2012 - 11:55 am

    Knowing what's happening on your network is a pre-requisite to controlling the traffic. We call that visibility because it combines all of the information the firewall knows, including session and application information, traffic volumes, and rate information, into a way to "see" into your network -- to give you visibility.

  • Review

    Palo Alto next-gen firewall stacks up well

    Posted May 7, 2012 - 11:55 am

    Palo Alto Networks has bet everything on being a next-generation firewall. Without the next-generation hook, Palo Alto has little chance at breaking into the established world of firewalls, and they've done a good job at defining the category on their own terms.

  • Review

    SonicWall stands tall in SSL decryption testing

    Posted May 7, 2012 - 11:54 am

    If one of the main advantages of a next-generation firewall is application and protocol identification and control, then SSL decryption is a basic requirement. We looked at the SSL decryption capabilities of the next-generation firewalls to see how well they would be able to discover applications, protocols, and URLs hidden within encrypted connections.

  • Review

    Basic firewall functionality: Check Point's maturity shows through

    Posted May 7, 2012 - 11:53 am

    Enterprise firewalls must have policies to control traffic, ability to create site-to-site VPNs using standards-based IPsec, translate addresses and port numbers (NAT) when needed, and apply basic bandwidth management to traffic. They must also support features such as high availability (active/passive or active/active), virtual LANs, Ethernet link aggregation, and global management systems.

  • Review

    Fortinet has highest catch rate in IPS testing

    Posted May 7, 2012 - 11:50 am

    We tested the intrusion prevention capabilities of each of the next-generation firewalls to determine how well they work and how the IPS integrates with system management.

  • Review

    Check Point takes best approach to URL filtering

    Posted May 7, 2012 - 11:45 am

    URL filtering has become a "checkbox" feature on most Unified Threat Management firewalls, and no wonder: it doesn't require a lot of imagination to do it right, and it's hard to really differentiate yourself or do a bad job of it.

  • Next big security risk for home users: Internet connected TV

    Posted April 18, 2012 - 3:25 pm

    Security gurus have been demonstrating the risk of 'smart' TVs and appliances, that support the web but not decent security. Smart malware, spear phising and the demand for botnets may finally get global, commercial hacking operations aim not at your laptop, but your TV.

  • Cisco how-to guides for firewalls, IPv6, contact centers and taking that security exam

    Posted December 5, 2011 - 9:45 pm

    We take a look at a few recent Cisco Networking Technology Series books

  • Sourcefire shipping its first two app-aware, next-gen firewalls

    Posted December 5, 2011 - 2:42 pm

    Sourcefire Monday said it expects to begin shipping its first two next-generation firewall appliances later this month, entering an increasingly crowded market.

  • Network security pros admit firewall management is a mess

    Posted November 17, 2011 - 3:08 pm

    Network security professionals admit their firewall management policies are in a mess, putting their organizations at risk of a security breach.

  • Cisco how-to guides for firewalls, IPv6, contact centers and security exams

    Posted November 16, 2011 - 6:20 pm

    If you're ready for a technical deep dive in a book, the Cisco Networking Technology Series provides that in its collection of volumes on topics that include Cisco firewalls, Cisco Unity Connection voice-messaging platform, Cisco Contact Center, IPv6 and more. Here's a quick review of the books published in this series by Cisco Press this year.

  • Dos and don'ts for next-gen firewalls

    Posted November 8, 2011 - 4:16 pm

    Plug it in and turn it on? Next-generation firewalls just aren't that simple. Here's advice from the experts on choosing the right device and getting the most it.

  • Next-generation firewalls: In depth

    Posted October 17, 2011 - 11:22 am

    Next-generation firewalls, meet this generation's network and threat environment.

  • Firewall vendors challenge findings of NSS Labs report

    Posted April 13, 2011 - 4:07 pm

    Apparently, NSS Labs struck a nerve. NSS Labs revealed that almost all of the firewalls it tested for a recent report are susceptible to crash or compromise using common attacks. The firewall vendors in question, though, beg to differ and take exception to the claims made by NSS Labs.

  • Hacker 'handshake' hole found in common firewalls

    Posted April 12, 2011 - 4:42 pm

    Some of the most commonly-used firewalls are subject to a hacker exploit that lets an attacker trick a firewall and get into an internal network as a trusted IP connection.

  • DDoS attacks made worse by firewalls, report finds

    Posted February 2, 2011 - 9:50 am

    The rising tide of distributed denial of service attacks (DDoS) is being made much worse by a tendency to mis-deploy firewalls and intrusion prevention systems (IPS) in front of servers, a report by Arbor Networks has found.

  • Just say No to DDOS attacks

    Posted February 1, 2011 - 3:31 pm

    A new report shows DDOS attacks are more successful than they should be because most nets aren't set up to just turn bogus requests away.

  • Firewall audit and big-picture risk assessment

    Posted May 13, 2010 - 2:34 pm

    Generally speaking, firewall audit tools evaluate individual firewalls, even if they can do so for hundreds of them. Some are slowly moving toward a more networkwide risk-assessment approach and the ability to evaluate not only each device, but how devices relate to one another--their mutual dependencies across the network.

  • Firewall audit dos and don'ts

    Posted May 12, 2010 - 2:21 pm

    Firewall audit products are maturing, but the product class is still a relatively young, small market, defined by compliance requirements. You have a fairly limited choice of vendors, including Tufin Software Technologies, AlgoSec, Secure Passage and Athena Security, which all come with firewall audit pedigrees, and RedSeal Systems and Skybox Security, which are primarily vendors of risk-mitigation tools, and so go beyond firewall audit to feature sophisticated risk-assessment and risk-management capabilities.

  • Seven Deadly Sins of Home Office Security

    Posted June 26, 2009 - 12:00 pm

    Good security is a key to good productivity. CSO spoke with two home office security experts about security mistakes home office workers often make (and how to avoid those errors).

  • Security Geeks: From Isolation to Rock Stars

    Posted February 13, 2009 - 4:59 pm

    Thanks to the blogosphere, social networking sites and podcasting made easy, many security pros are taking on a much more public persona, becoming near-rock stars.
Ask a Question