CrossNodes Product Briefing: Firewalls

by Dayna Delmonico

Firewalls are, of course, the first line of defense against intruders to your network. It is difficult to justify a network's not having one, if that network is also used as a conduit to the outside world. CrossNodes Product Briefings provide an overview of what you need to know before purchasing a specific technology, and include round-up listings of current products from each of the major vendors.

With the advent of the Web and inter-network communications, the past few years have seen firewalls become a volatile market. A network firewall is like having a good watch dog. They let everybody that belongs in the house out but don't allow intruders in.

However, it looks like intruders still manage to get in. 40% of respondents detected system penetration from outside the company in the last year, while only 25% reported that in 2000. Gartner Group says 75% of U.S. corporations have experienced security problems. According to Meta Group, the majority of network managers/administrators are responsible for network, and often all of, IT security.

It's a no-brainer that network security is vital to your organization, but delving a little further into the latest numbers explains a few things you might not have otherwise suspected. For the past six years, The Computer Security Institute (CSI) along with the San Francisco Federal Bureau of Investigation (FBI) Computer Intrusion Squad have conducted the "Computer Crime and Security Survey". The findings are based on responses from over 500 security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities. According to the survey, 85% of respondents experienced computer security breaches in the last twelve months. 65% acknowledged financial losses. Of the 35% (186 respondents) of those willing and or able to quantify their loss, amounts totaled to almost $378,000,000 or over $2.3 million per respondent. In contrast, the 249 respondents in 2000's survey averaged $1.3 million per respondent.

We all know that the first line of network defense is the firewall. The firewall story emerged out of the UNIX world. Early on, vendors were accomplishing the same security goals in complex and inconsistent ways. Once installed, most firewalls then required a lot of user coddling, for even a minor configuration blunder could mean a serious security breach. Because firewalls emerged so rapidly, vendors had trouble agreeing on core technology and standards. Matters were further complicated by the surge of NT products coming into the market. That surge prompted some "buyer beware" press coverage.

Though pundits disagree on whether things have gotten much better, the current crop of offerings are well established with healthy install-bases. Along with firewall software applications and firewalls that operate as network appliances, operating system and server vendors offer firewall software, and you can now rely on an outsource to setup and maintain your firewalls, or all your security needs, on a contract basis.

The latest versions of firewalls incorporate strong user interfaces and configuration utilities. Vendors will continue to enhance the usability of the devices in order to compete more effectively in the market. Such features as automatic alarms and traffic logging are commonplace, and IT Managers can expect the list of functions to grow.

Vendor: Checkpoint Software Technologies
Web: www.checkpoint.com
Product: Firewall-1
OS(s): WinNT; MS Win 2000; HP-UX; Solaris; Red Hat Linux; IBM AIX
Network Interface/Protocol(s): ATM; Ethernet; Fast Ethernet; 
FDDI; Token Ring

Vendor: Cisco Systems, Inc.
Web: www.cisco.com
Product: Cisco Secure PIX Firewall
OS(s): WinNT; HP-UX
Network Interface/Protocol(s): Ethernet; Fast Ethernet

Vendor: Computer Associates
Web: www.ca.com
Product: eTrust Firewall
OS(s): WinNT; MS Win 2000 
Network Interface/Protocol(s): TCP/IP

Vendor: CyberGuard Corporation
Web: www.cyberguard.com
Product: CyberGuard Firewall for NT
OS(s): WinNT
Network Interface/Protocol(s): TCP/IP; UDP; ICMP

Vendor: Elron Software, Inc.
Web: www.elronsoftware.com
Product: IM Firewall/IM Firewall Manager
OS(s): WinNT
Network Interface/Protocol(s): Ethernet

Vendor: IBM Corporation
Web: www.ibm.com
Product: SecureWay Firewall
OS(s): WinNT; HP-UX
Network Interface/Protocol(s): TCP/IP; ATM; Etherent; 
 FDD; Token Ring; NDIS; X.25

Vendor: NetGuard
Web: www.netguard.com
Product:  Guardian Firewall
OS(s): WinNT
Network Interface/Protocol(s): TCP/IP

Vendor: Novell Pacific Coast
Web: www.novell.com
Product: Novell Firewall for NT
OS(s): WinNT; MS Win 2000
Network Interface/Protocol(s): TCP/IP

Vendor: SLMsoft.com
Web: www.slmsoft.com
Product SecureIT Firewall
OS(s): WinNT
Network Interface/Protocol(s): TCP/IP

Vendor: Symantec Corporation
Web: www.symantec.com
Product: Symantec Enterprise Firewall v6.5, 
 (formerly Raptor Firewall from Axent Technologies)
OS(s): WinNT; MS Win 2000; Solaris
Network Interface/Protocol(s): TCP/IP
This article was originally published on Monday Jun 18th 2001