SSH Communications Security announced recently that its SSH Tectia product line now supports Federal Information Processing Standard (FIPS) 140-2 certified operation for Windows Server 2003, Windows 2000, Sun Microsystems' Solaris 9, Red Hat Enterprise Linux 3.0, and Red Hat Enterprise Linux 2.1. FIPS 140-2 is the most recent version of the standard for cryptographic modules released by the National Institute of Standards and Technology (NIST). SSH Tectia also supports FIPS 140-2 operation on Windows XP, Solaris 8, AIX 4.3.3 and HP-UX 11i.
SSH Tectia is a commercial client, server, and management tool for securely connecting computers by using the Secure Shell (SSH) protocol. SSH is an application layer protocol that can forward local ports to remote machines over an encrypted connection, adding secure communications to any distributed application that communicates over TCP/IP. SSH Communications' CEO George Adams describes the product's benefits: "VPNs can still be problematic when you connect from a hotel \[using Network Address Translation\]. We make it easier to support a broader base of users. With us, it just works."
The SSH protocol has long been popular among administrators for secure remote administration. The SSH Tectia Connector is an SSH client that operates transparently to users. Connector operations, such as port forwarding, and SSH client and server security policies, such as acceptable encryption algorithms and logging, are all managed centrally through the SSH Tectia Manager. SSH Tectia also supports two-factor authentication with public key infrastructure (PKI), RSA Security's RSA SecurID, or smart cards. With FIPS-certified operation on additional platforms and centralized management, SSH Tectia allows IT administrators to deliver SSH communications to end users in addition to using SSH for remote administration.
Enterprise Security on Every Box
Symantec released Symantec Client Security 2.0, a network client and remote user protection suite. Client Security lets administrators centrally control virus definition files, firewall rules, and intrusion detection signatures through Symantec's Norton AntiVirus LiveUpdate sessions. The product also supports Symantec's client compliancy applications programming interface, which prevents computers from connecting to your network until security updates are completed. Client Security puts a firewall, Intrusion Detection System (IDS), and antivirus program on every PC and server. By providing multiple forms of protection throughout the network, Client Security provides better protection than simple perimeter security or host-based antivirus programs alone. For example, Client Security's intrusion detection can disable spyware automatically, and administrators can defend against worm attacks by closing the ports that the worm uses on every host until virus definitions are available. Symantec Client Security 2.0 is priced at $320 for a five-user license. Volume discounts are available.
SoftPerfect Research released SoftPerfect Network Protocol Analyzer 2.1. Network Protocol Analyzer captures and analyzes data from LAN and dial-up networks. It includes all the tools you expect from a protocol analyzer, including TCP stream viewing, filtering, and support for common protocols, including Authentication Header (AH), Encapsulating Security Payload (ESP), IP version 6 (IPv6), Internet Control Message Protocol version 6 (ICMPv6), HTTP, SNMP, POP, IMAP, FTP, and Telnet. Network Protocol Analyzer also includes a tool for building your own packets and sending them onto your network segment for testing. The software runs on all Windows OSs and supports multiple processors. A single-user license costs $99.
Autonomic Software released Autonomic Network & Security Administration (ANSA), a product to perform cross-platform patch management. ANSA provides a policy-based software distribution framework that supports Windows, Linux, Sun Microsystems' Solaris, and Mac OS X. ANSA automatically distributes and installs digitally signed patches for supported systems. ANSA receives patches from Autonomic Global Update Repository (GUR), which Autonomic updates as vendors release patches.
ANSA also supports asset tracking and custom software distribution. ANSA's asset discovery engine probes the network for OSs and applications. Administrators can also deploy any software that can be installed through an executable program or script. ANSA costs $35 per agent. Volume and educational discounts are available.
SOFTWARE LICENSE COMPLIANCE
Know Your Usage; Ace the Audit
Engagent released Engagent Software License Manager 2.3, a tool that tracks compliance with software licensing agreements. Many volume software license agreements, including Microsoft's, have a right-to-audit clause that lets software vendors assess whether you're using more copies of a software product than you've purchased, sometimes by directly accessing your systems. The key to surviving a software license compliance audit is having good records both of the software you're using and the licenses you've purchased. Engagent Software License Manager tracks license details, manages software installation requests and approvals, discovers existing installations, and helps administrators avoid overpurchasing. Engagent Software License Manager reports on usage and purchases by department and identifies invoices as proof that you have licensed your software. Engagent Software License Manager 2.3 includes a new look and feel as well as additional reports. An enterprise license for a single administrator with unlimited users costs $4950.
AdventNet released a freeware version of OpManager 5, its systems management software. OpManager supports monitoring WANs, LANs, server OSs, hardware, printers, and applications. The product can collect data from SNMP, local and remote Windows event logs, Windows Management Instrumentation (WMI), and Telnet or Secure Shell (SSH) sessions. OpManager also includes built-in service monitoring for HTTP, HTTP Secure (HTTPS), DNS, POP, IMAP, and FTP.
OpManager can alert administrators through Short Messaging Service (SMS) or email and supports time-based escalation. You can configure OpManager for performance monitoring, as well as fault monitoring. The product's performance-reporting tools include graphs of memory, CPU, disk, and network usage both in real time and historically. OpManager runs on Windows and Linux. OpManager Free Edition manages as many as 10 devices and never expires. OpManager Professional Edition manages unlimited devices and costs $1295 for a two-user pack.
Network Instruments released Observer 10, a network protocol analyzer. Observer reads packets from multiple network segments and uses expert rules to process them. Observer operates as a management console that collects data from remote agents listening on network segments across your enterprise. Observer can analyze traffic from multiple virtual LANs (VLANs) on a trunked port and supports the 802.11a, 802.11b, and 802.11g wireless networking standards.
New features in Observer 10 include expanded data analysis features, central management of remote network probe agents through a probe authentication server, and reporting templates. Version 10 can also monitor SNMP MIBs for Remote Network Monitoring (RMON) version 1, RMON version 2, and High Capacity RMON (HCRMON) on WAN links. Observer 10 pricing starts at $995. Expert Observer includes advanced features for what-if modeling, monitoring protocol- and application-based problems, monitoring by time interval, and generating an Expert Summary of problems it detects. Expert Observer is priced at $2895.