Evaluating the Total Cost of Ownership of Email Security Solutions A New IPS Test Report You might recall that The NSS Group periodically releases in-depth test reports that can be very useful to security administrators looking for solutions. Over the past couple of years, I have written twice about the group's product testing for Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). In my September 24, 2003 article "Evaluating Intrusion Detection Systems," I wrote about the group's tests of IDSs for 10Mbps/100Mbps Ethernet and Gigabit Ethernet networks. In my March 17, 2004 article "Evaluating Intrusion Prevention Systems. The NSS Group recently finished its second round of tests and has made the results available online. According to the group, testing "consists of seven sections within three primary areas: performance and reliability, security accuracy, and usability." The group also said that "the brand new test suite contains more than 800 individual tests, many of which are run multiple times, to provide the most thorough and complete evaluation anywhere of IPS products available today." An interesting tidbit from the latest report is that nine vendors signed up for the recent tests. However four of the products didn't make the cut during stringent testing, so the final report covers the five remaining products. The current report includes detailed test information about BroadWeb NetKeeper NK-3256T 3.6.0, Fortinet FortiGate-800, SecureSoft Absolute IPS NP5G 1.1, Top Layer IPS 5500 3.3, and V-Secure V-100 7.0. A couple of other interesting notes are related to performance. During earlier tests, The NSS Group measured IDS and IPS top traffic- processing speeds of 1Gbps to 2Gbps; this year, top speeds well exceeded that threshold. So the group decided to launch a new multigigabit IPS test later this year. Ten vendors have reportedly already signed up for the next test. It's also interesting to note that industry analysts had previously claimed that IDS and IPS systems were things of the past. But something is seriously wrong with that "analysis," because IDS and IPS systems are still being used, and according to The NSS Group, the number of available products has actually grown! The group said that over the last year, it has improved the testing suite and introduced a new methodology to conduct in-depth tests of rate-based IPS systems, which gives a more accurate evaluation of their capabilities as compared to the evaluation of content-based IPS systems. The report itself is great information for security administrators looking for evaluations of prospective product choices. The report is also valuable in that it offers details about the group's test methodologies as well as about the hardware and software solutions the group uses to conduct its tests. As has been the case in the past, the results of the new report are freely available at the group's Web site (see the first URL below). If you missed the past reports, you can find those online too (see the second URL below). If you want a copy of all reports on CD-ROM or copies of selected reports in PDF format, you can purchase those at the Web site. ..Mark Edwards Security News and Features Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. Serious Flaws in Symantec and F-Secure Protection Products Internet Security Systems (ISS) reported that its X-Force research team has discovered a serious vulnerability in a Symantec parsing engine that's used in several of the company's products. ISS X-Force also discovered a critical flaw in F-Secure's antivirus and Internet security products. The flaw is in the way the products scan files that are compressed with ARJ compression. Microsoft Investigating Anti-Anti-Spyware Trojan by Paul Thurrott Microsoft is investigating a new electronic attack that attempts to disable the Microsoft AntiSpyware beta product so that it can surreptitiously install spyware on users' systems. Get Ready for SQL Server 2005 Roadshow in a City Near You Get the Facts about Migrating to SQL Server 2005. SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best- practices migration to SQL Server 2005 and improve your database computing environment. Receive a 1-year membership to PASS and 1-year subscription to SQL Server Magazine. Register now! Fax Servers: Integrate. Automate. Communicate Attend this free Web seminar and receive a complimentary 30-day software evaluation, industry whitepaper, and a Starbuck's gift card! Join industry expert David Chernicoff and learn how leading organizations are incorporating fax technologies to empower users and enhance existing investments in infrastructure and applications while providing substantial ROI. Register now! Sensible Best Practices for Exchange Availability Web Seminar If you're discouraged about not having piles of money for improving the availability of your Exchange server, join Exchange MVP Paul Robichaux for this free Web seminar and learn how to maximize your existing configuration. Survive unexpected outages, plan for the unplannable, and evaluate what your real business requirements are without great expense. Register now! Keeping Critical Applications Running in a Distributed Environment Get up to speed fast with solid tactics you can use to fix problems you're likely to encounter as your network grows in geographic distribution and complexity and learn how to keep your network's critical applications, such as Active Directory and Exchange, running. Don't miss this exclusive opportunity--register now! Discover All You Need to Know About 64-bit Computing in the Enterprise In this free Web seminar, industry guru Michael Otey explores the need for 64-bit computing and looks at the type of applications that can make the best use of it. He'll explain why the most important factor in the 64-bit platform is increased memory. Discover the best platform for high performance and learn how you can successfully differentiate, migrate, and manage between 32-bit and 64-bit technology. Register now! How to Detect Network Sniffers I found a new free tool that can help detect network sniffers on your network. The new tool, Promqry 1.0, was developed by Tim Rains at Microsoft. Security Forum Featured Thread: Monitoring File System Changes Jay wonders whether there's a utility that can monitor for file system changes when an application is installed. Jay wants to be able to detect all the files that have been added, deleted, or changed during the installation process. Join the discussion at New and Improved by Renee Munshi A Faster IPS TippingPoint, a division of 3Com, announced that the TippingPoint 5000E Intrusion Prevention System (IPS), which can perform total packet inspection at 5Gbps with real-world traffic, will ship next month. TippingPoint claims that the 5Gbps throughput rate is "more than double any other IPS's maximum rated throughput." TippingPoint 5000E comes with eight Gigabit Ethernet ports able to protect four network segments. The TippingPoint product line is automatically kept up-to-date through the Digital Vaccine service to protect against the latest worms, viruses, Trojan horses, Denial of Service (DoS) attacks, spyware, and Voice over IP (VoIP) threats.
© 2009; SpywareUninstaller.com Group Project; All Rights Reserved.