Firewall/Server or Standalone. Microsoft made a strong showing in this category, with its Internet Security and Acceleration (ISA) Server 2006 Beta taking first place and its Windows Firewall in Windows Server 2003 R2 nabbing the second spot. Considering that ISA Server 2006 wasn't generally available when the Readers' Choice Awards voting was taking place, its winning the top spot is quite an achievement. Server 2006 builds on its predecessor, ISA Server 2004, to provide server-firewall protection for corporate networks. ISA Server performs three types checks: packet filtering, stateful filtering, and application-layer filtering. The new wizards designed to make it easier to create firewall rules. And ISA Resiliency feature should help the firewall withstand common flooding attacks better.
Firewall/Desktop. Sunbelt Kerio Personal Firewall has both network and host intrusion prevention features to block signature-based and behavioral attacks, respectively. Administrators can create packet filter rules that block or limit traffic for specific ports, protocols, or IP addresses. End users also "train" the firewall by telling it what to do when it encounters an application for the first time (i.e., always run it, run it this time, always block it) and can set the firewall to halt the sending of private information such as credit card numbers, email addresses, phone numbers, and social security numbers. Administrators can configure Sunbelt Kerio Personal Firewall to log traffic history and security breaches with a customizable level of granularity and send the logs to a remote server for review.
Proxy Server/Web Access Control & Monitoring Solution. Microsoft Internet Security and Acceleration (ISA) Server 2006 Beta wins as best proxy server, after earning third-place honors last year. ISA Server 2006's proxy capabilities help companies control Internet access and protect clients from malicious traffic. Internet requests from computers configured as Web proxy clients are directed to ISA Server's firewall service. The Web proxy is implemented as an application filter that sits on top of the firewall engine in ISA Server 2006 to eliminate interprocess communication overhead. Microsoft says that due to this change, Web proxy traffic runs 3.5 times faster under ISA Server 2006 and ISA Server 2004 than under ISA Server 2000.This new architecture is also more secure because Web proxy traffic now goes through the firewall inspection engine instead of straight through the Web proxy.
Intrusion Detection or Prevention Solution. You might not think of Microsoft Internet Security and Acceleration (ISA) Server as an intrusion detection system (IDS), but ISA Server 2006 Beta's attack detectors have made believers out of our readers, who voted it the best in this category. ISA Server 2006 uses configurable application-specific filters that can inspect the payload contained in a set of packets to ferret out malicious code, such as worms and viruses. (The packets look fine to packet-filtering firewalls because their network layer headers are identical in format to those of legitimate traffic.) Microsoft says that ISA Server 2006 can detect a number of attack types, including WinNuke, Land, Ping of Death, IP Half Scan, UDP Bomb, and Port Scan. In addition, ISA Server 2006 can filter incoming traffic to check for DNS host name overflow, DNS length overflow, and DNS zone transfer traffic.
Vulnerability Scanner. For the second straight year, Sunbelt Software's Sunbelt Network Security Inspector was voted the Best Vulnerability Scanner. In "Vulnerability Scanners" (October 2004, InstantDoc ID 43888), Jeff Fellinge gave this assessment of Sunbelt Network Security Inspector 1.5: "A fairly robust and user-friendly scanner; good for those who are concerned with the learning curve." The current 1.6 version can scan multiple Windows, Linux, and UNIX versions, Mac OS X, HP printers, and various Cisco devices. Sunbelt Network Security Inspector is licensed by administrator, not IP address, so you can scan unlimited devices for the same price. For a comparison of Sunbelt Network Security Inspector with other scanners, including GFI Software's GFI LANGuard Network Security Scanner and eEye Digital Security's Retina Network Security Scanner, see the aforementioned " Vulnerability Scanners" article.
Antivirus/File Server or Client. In a close race, Symantec AntiVirus Corporate Edition edged out its competition to earn the title of Best Antivirus/File Server or Client. Symantec Security Response, Symantec's Internet security research organization, contributes to Symantec Antivirus Corporate Edition's database of virus signatures. The current version of Symantec Antivirus Corporate Edition supports several popular Linux clients, including versions of Red Hat Enterprise Linux and SUSE Linux Enterprise Server. Another new feature is integrated Web-based reporting that scales to support thousands of users, is designed to be simple to install, offers streamlined workflow and usability, and provides basic reports. Also, spyware repair enhancements automatically block spyware installation, spyware detection and remediation is "stealthed," you can view the impact of a piece of spyware according to Symantec's Risk Impact Matrix, and repairs have been improved for invasive risks.
Antivirus/Mail Server. Microsoft Exchange Hosted Filtering is the rebranded version of one of the managed services Microsoft acquired in its purchase of FrontBridge Technologies last year. This email filtering service got its new name in April; now it's the first service to win our Best Antivirus/Mail Server award. In the Exchange & Outlook UPDATE article "Front-Bridge Gets a Makeover" (April 1, 2006, InstantDoc ID 49910), Paul Robichaux describes Exchange Hosted Filtering: "The filtering process includes antivirus scanning using your choice of four engines (Trend Micro, Symantec, Sophos, and Kaspersky Lab); spam filtering; and policy controls that let you block or redirect messages according to their origin, destination, or content. The Exchange Hosted Filtering service also includes a feature that I wish would be included in Exchange 12: filtering mail by character set." The Exchange Hosted Filtering service is delivered over the Internet and runs on a set of fault-tolerant, load-balanced servers in multiple locations. The service is priced per user per month.
Spyware Blocker. CounterSpy Enterprise from Sunbelt Software repeated its 2005 performance to win the Spyware Blocker award—with a big margin. In "Get Smart: Enterprise Antispyware" (February 2006, InstantDoc ID 48830), Jeff Fellinge summed up CounterSpy Enterprise as, " A good pick for enterprises on a budget." CounterSpy Enterprise detects and blocks more than 35 categories of malware. Its threat database is updated by Sunbelt's CounterSpy Research Team and CounterSpy customers who participate in Sunbelt's ThreatNet community by sending possible spyware to the CounterSpy Research Center. Because of a previous agreement between Sunbelt and GIANT Software, whose antispyware solution formed the basis of Windows Defender, CounterSpy and Defender share spyware definitions. CounterSpy also offers policy-based, centralized management as well as reporting based on Crystal Reports.
User Authentication Solution (Password Management, Two-Factor, Biometric). A relatively new product catapulted to the top spot in this broad category, and its name is a mouthful: Microsoft Active Directory Federation Services (ADFS) in Windows Server 2003 R2. Active Directory (AD) gives an organization's users single sign-on (SSO) functionality by authenticating the users to Windows applications that operate within the organization's security or enterprise boundaries. ADFS extends the SSO functionality to Web-based applications for customers and partners outside the organization. With ADFS, these users can sign on once and be authenticated to multiple Web applications during their online session. ADFS accomplishes this by securely sharing digital identities and entitlement rights, or "claims," across security and enterprise boundaries. Tightly integrated with AD, ADFS retrieves user attributes from AD and authenticates users against AD.
|
SECURITY Firewall/Server or Standalone Firewall/Desktop Proxy Server/Web Access Control & Monitoring Solution Intrusion Detection or Prevention Solution Vulnerability Scanner Antivirus/File Server or Client Antivirus/Mail Server Spyware Blocker User Authentication Solution (Password Management, Two-Factor, Biometric) |
