Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Review

    Fee vs. free: Paid, free antivirus programs

    Posted November 30, 2010 - 10:57 am

    Depending on whom you ask, paying for antivirus software is either a good investment or a total ripoff. In reality, neither viewpoint is accurate. You can find plenty of good reasons to choose a paid antivirus product, and plenty of good reasons to go with a freebie.
  • Review

    Review: 'HTTPS Everywhere' fends off Firesheep

    Posted November 29, 2010 - 10:42 am

    The Web is an insecure place and getting more insecure all the time. The latest threat, the Firesheep add-in for Firefox, is particularly dangerous because it is exceedingly simple to use. Someone with absolutely no hacking experience can grab your private login information to sites such as Facebook and Amazon, and then log in as you and do anything they want, as if they were you. The free Firefox add-in HTTPS Everywhere helps protect against that threat and other privacy invaders by effectively encrypting information when you visit certain Web sites.
  • Review

    Intrusion detection honeypots simplify network security

    Posted November 18, 2010 - 3:42 pm

    Low-cost, low-fuss honeypots are highly effective early-warning systems against external attacks and insider threats; KFSensor, HoneyPoint, and Honeyd offer safety, ease, and flexibility
  • Review

    Review: Cisco SA 520 firewall disappoints

    Posted November 9, 2010 - 1:00 pm

    There are two ways to look at the Cisco SA 520 network security appliance. On one hand, it offers a solid array of features: 65Mbps IPSec VPN throughput, 100Mbps overall throughput, integrated firewall (limited to 100 rules), built-in filtering for common services like IM and P2P networking, SSL VPN, IPS, DDNS, and multi-WAN support. On the other hand, it has nearly no relation to the rest of Cisco's security solutions.
  • Review

    Review: AVG Internet Security 2011

    Posted October 13, 2010 - 1:47 pm

    AVG Internet Security 2011, which shipped on Tuesday, offers the full complement of tools you'd expect in an all-in-one security suite, packaged in a simple-to-use interface and offering integration with popular browsers and Outlook. But the software is marred by annoying attempts to upsell you to other products, and a scanning engine that may slow down your system.
  • Review

    Symantec: Top-of-the-line feature set for the largest enterprises

    Posted October 11, 2010 - 8:50 pm

    Symantec's Enterprise Vault (EV) is as full-featured a product in the enterprise space as you're likely to find, offering n-tier architecture, a very sophisticated feature set, superb expandability and integration with other Symantec e-mail security, storage and backup products.
  • Review

    Eight great virtual appliances for VMware, free for the downloading

    Posted September 1, 2010 - 11:06 am

    The combination of free open source and virtual machines is hard to beat; here are some of the handiest virtual appliances you'll find
  • Review

    Review: Meeting the network security and compliance challenge

    Posted August 4, 2010 - 9:48 am

    ArcSight, LogRhythm, and NitroSecurity lead a strong field in mining event log data for security alerting, compliance auditing, and countless other uses.
  • Review

    Review: Firewall operations management

    Posted July 12, 2010 - 2:01 pm

    Anyone running multiple firewalls in a complex, enterprise environment knows how difficult it can be to catch misconfigurations, avoid conflicting rules, identify vulnerabilities and meet auditing and compliance mandates.
  • Review

    5 security webcams for your home

    Posted June 29, 2010 - 8:00 am

    Security cameras aren't just for businesses and the exceedingly wealthy anymore. Now you can equip your home with cameras that are not only wireless but accessible for viewing via the web.
  • Review

    Symantec NAC: Easy to install, strong on endpoint compliance

    Posted June 22, 2010 - 1:33 pm

    Symantec NAC is all about compliance: ensuring that devices on your network properly comply with the endpoint security policy you set in your Symantec Endpoint Protection console. Symantec NAC isn't about authentication or access controls beyond basic VLAN switching.
  • Review

    Cisco NAC: Strong in-line enforcement

    Posted June 22, 2010 - 1:31 pm

    While Cisco's overall NAC strategy is in flux, a NAC Appliance investment is likely to come with substantial purchase protection — just be sure to keep your SMARTnet contract up to date.
  • Review

    Network access control authentication: Are you ready for 802.1X?

    Posted June 21, 2010 - 4:25 pm

    In the NAC products we tested, authentication varies from very strong to very weak, and every point in between. When starting down your path of evaluating NAC products, decide very early what kind of authentication mechanism you want, if any.
  • Review

    NAC access control: A multi-dimensional puzzle

    Posted June 21, 2010 - 1:51 pm

    To understand how access control is done in NAC products, you have to look along three dimensions: where access controls are enforced, how access control is communicated, and the granularity of access control.
  • Review

    Network access control vendors pass endpoint security testing

    Posted June 21, 2010 - 1:33 pm

    One of the main promises of NAC is that you can ensure that endpoint security tools are up to date and that non-compliant machines can be identified or blocked. As regulatory compliance has grown in importance, NAC vendors have reacted by building strong feature sets aimed at endpoint security and compliance. In our NAC testing, we had good, and sometimes great, results across the board when it came to endpoint security.
  • Review

    Security Conference: My First FIRST

    Posted June 16, 2010 - 1:35 pm

    The 22nd annual Forum of Incident Response and Security Teams (FIRST) conference is meeting this week in Miami. While this is my first opportunity to participate in any FIRST activity, these conferences have obviously been ongoing since 1988. With a focus on detecting and responding to security incidents and the convention of moving to a different location each year -- last year in Kyoto, next in Vienna -- the conference is unsurprisingly international.
  • Review

    NAC: What went wrong?

    Posted May 24, 2010 - 11:33 am

    After spending four months in the lab testing the 12 leading network access control products, we’ve come to this conclusion: Five years of hype, buzzwords, white papers, product launches, standards battles and vendor shakeouts have resulted in very little in the way of clarity. Agreement on what NAC really means and the right approach to NAC remain as elusive today as in 2005, when the first NAC products burst on the scene.
  • Review

    Cisco's NAC goes off track, customers taken aback

    Posted May 24, 2010 - 10:45 am

    As the most important supplier of network infrastructure to enterprises, Cisco's NAC products are a natural point of curiosity for network managers. Unfortunately, though, Cisco's approach to NAC has been riddled with in-fighting, false starts, delayed product releases, and a good dose of chaos and confusion.
  • Review

    NAC standards wars end in truce

    Posted May 24, 2010 - 10:41 am

    The Trusted Computing Group’s Trusted Network Connect (TNC) is an industry-supported working group developing NAC architecture documents and standards. The first public documents came out of TCG’s TNC in 2005 after a year of work, and the group has continued to publish NAC standards and fill out their NAC architecture every year.
  • Review

    Course Review -- The Art of Exploitation: Bootcamp Edition

    Posted April 21, 2010 - 6:06 am

    I just returned to work following a two-week hacking class. Called "The Art of Exploitation: Bootcamp Edition", this class has pushed me through to the "aha" (I really got it) stage of what hacking really is and how it works. Definitely in the "red team" (attack) camp, this high intensity, short time frame "bootcamp" class went from basics to realistic, seriously complicated hacking within its modest two week time frame.
  • Review

    DLP primer

    Posted April 20, 2010 - 11:48 am

    Data Leak Protection products (DLP) are designed to help organizations keep tabs on and protect sensitive data that, if lost, could create legal liability, loss of profit, safety or security risks, and so on.
  • Review

    Data loss prevention comes of age

    Posted April 20, 2010 - 10:02 am

    After testing endpoint and perimeter data loss prevention products, we conclude our series with a look at data loss prevention tools that can do both.
  • Review

    Review: BlackBerry Enterprise Server, express or deluxe?

    Posted April 16, 2010 - 2:50 pm

    Extensive BlackBerry Enterprise Server will be indispensable to some, but free BlackBerry Enterprise Server Express is good enough for most
  • Review

    Maximum Security: 2010 Internet Security Suites

    Posted March 31, 2010 - 3:22 pm

    The year 2009 was a bad one for PC security: Online attackers created more malware last year than in the previous 20 years combined. Clearly, this means that in the realm of computer security, the rules have changed, and you can no longer rely solely on traditional definition-based antivirus software and firewalls to protect your PC. Instead, to meet this new breed of threats, you need a new breed of security.
  • Review

    Microsoft delivers feature-rich SSL VPN

    Posted March 8, 2010 - 2:25 pm

    We tested Whale Communications' SSL VPN back in 2003 and the product didn't fare very well. Microsoft bought Whale in 2006, jettisoned some of the strange idiosyncrasies of the product, dramatically simplified management, and subsequently integrated several Vista and Windows 7 technologies.
