Dave's Bit Bucket

It's that "Awards" time of year again...

Following on from Simon's idea of examining the Infoworld winners in his particular area of expertise, I decided to have a look at the winners in the Security section.

The bulleted text below is verbatim from the site (with links added by me):

• Vontu 5.0: Repeat champion Vontu still can't be beat for finding confidential information on file servers and PCs, monitoring network traffic, stopping transmission of restricted data, and enforcing security and encryption policies. Vontu 5.0 sets itself apart with blocking, scalability, finding data at rest, and adhering to privacy safeguards.
• Elemental Security Platform 2.0: ESP 2.0 does an excellent job of identifying and grouping devices attached to your network. Policy deployment is easier than in the previous release, and the new regulatory polices are well-rounded. Reporting gets a massive overhaul with nearly four times as many reports as before, and the ESP server can now scale to 10,000 managed agents.
• Blue Lane PatchPoint G/450: Blue Lane PatchPoint patch proxy appliance is a sorely welcome addition to the IPS field. PatchPoint excels at protecting unpatched Windows, Linux, and Unix servers against many publicly known exploits for popular applications by analyzing network packets and removing harmful bits. It delivers the gains of patching, without the pain.
• SonicWall Pro 2040: The SonicWall Pro provides the best all-around mix of features and functionality among the UTM appliances we've tested. Setup and policy creation are straightforward, and UTM services work across all traffic types in all situations.
• Symantec Mail Security 4.1: Symantec Mail Security offers best-in-class performance with a spam catch rate of more than 97 percent. It is easy to use and has a relatively low cost per user, with compliance and digital asset security features standard. Great policy-driven filtering and e-mail firewalls add value to the anti-spam and anti-virus functionality.
• IronPort C-Series Version 4.0: The IronPort C-Series offers easy setup, strong monitoring and troubleshooting tools, and excellent spam filtering with no tuning necessary. Registering the fewest false positives of any solution we tested, IronPort also provides a wide array of security features, including content filtering for objectionable language, information security, and compliance with legal requirements.

I find it an interesting mix of technologies; Vontu appears to amount to "significant elements of Enterprise DRM without the need for pervasive PKI" and IMHO merits further investigation (particularly with regard to how it goes about distinguishing between sensitive data and other stuff), and Symantec and IronPort are both praised for their anti-spam capabilities (and interestingly, it's IronPort who are particularly praised for their low false-positive rate, which is IMHO the most important element in any traffic filtering solution at the application level).

PatchPoint is a very interesting idea, and while its likely purchasers will be organisations who have not succeeded in getting to grips with system management, there may also be purchasers who have sufficiently mission-critical vertically-scaled systems that they feel they can't afford to fail a clustered service over in order to go patching the nodes (although they would be advised to talk to us if this is so), or have traditional fault-tolerant hardware...

(2007-01-17 07:46:23.0) Permalink Comments [0]