- NASA to save computers from swarming ants
- The real sticking point with Microsoft/Yahoo
- Inside Lockheed Martin's wireless security lab
- Six free security tools you shouldn't live without
- Businesses must adapt to 'thumb generation'
Single sign-on in a Web 2.0 world. Listen now!
BitTorrent blocking; SQL injection attack. Listen now!
The movement towards laptop computers has fueled an unprecedented number of data breaches. For IT and Information Security, encryption and training has proven ineffective against careless users and insider threats. This paper discusses these limitations and explains how endpoint security allows remote deletion of sensitive data, tracking of computers outside the network and the physical recovery of missing computers. Learn how you can ensure mobile data protection regardless of end-user interference.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Watch Raven Zachary, Research Director for Open Source at the 451 Group, an independent IT analyst firm, discuss the emergence of enterprise Linux and the role of Oracle Unbreakable Linux support.
This general train of thought can apply to workers in other countries.
As a Canadian, I've contemplated...- Adam K
Top Layer Networks this week is expected to unveil a clustered version of its intrusion-prevention system that can reach 8G bit/sec throughput while supporting inspection and traffic blocking through multiple routers.
The Attack Mitigator IPS 5500 ProtectionCluster combines two IPS 5500 appliances in a design that ensures that if one fails, the second will continue to operate at up to 4G bit/sec and inspect traffic at the packet level to block attempted break-ins and denial-of-service attacks. Top Layer says ProtectionCluster improves on previous fail-over mechanisms that the IPS uses by supporting the asymmetric routing architecture that large organizations favor.
Mike Paquette, vice president of technology at Top Layer, says large organizations sometimes balance traffic across two routers for better performance and reliability, but this can make it harder for an IPS to inspect traffic. "It can confuse the IPS," Paquette says, because session traffic is being shared between routers.
While there has been no independent lab testing of IPS products that explore the effect of asymmetric routing and high availability on IPS efficiency, equipment-evaluation firm NSS Group is expected to undertake such testing late next year.
One customer using the stand-alone version of Attack Mitigator IPS 5500 says he plans to upgrade to ProtectionCluster.
"I do have a single point of failure here so I plan to use this," says Dave Foss, manager of computer systems and networking at the Massachusetts Institute of Technology's research laboratory of electronics in Cambridge. The Attack Mitigator, which has been used at MIT for about a year, has been very reliable, he says.
MIT uses the Attack Mitigator 5500 as the firewall for four MIT departments, while the electronics lab is the only one that has elected to use Attack Mitigator's blocking capabilities. The result has been "the lab has the lowest number of attacks on campus for a large sub-net," Foss says.
While brief downtime on a university campus doesn't usually constitute a crisis, that is not necessarily the case in the corporate world, Foss notes. There, IPS backup and the ability to support asymmetric routing and fail-over in an IPS would have high importance, he says.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
