Firewalls - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Southern California University Turns Back Denial of Service Attacks With TippingPoint Intrusion Prevention Systems 2006-10-20 01:00:16 3Com

Deploying its first network in 1999 brought University of Redlands a lot more than connectivity to support its 5,000 faculty, students and staff. It also triggered the onset of crippling Denial of Service (DoS) attacks that compromised the Southern California liberal arts and sciences institution's academic research and communications. With its firewalls clearly unable to combat the DoS threats, the Redlands IT department sought an alternative solution that would provide the comprehensive and pervasive protection it required, but with one important caveat. The security solution also had to interoperate seamlessly with the university's Cisco Gigabit network. The IT department learned of the TippingPoint Intrusion Prevention System (IPS) from 3Com.

East Grand Rapids Schools Find Security and Economy With the TippingPoint X505 2006-10-20 01:00:16 3Com

To continue a tradition of academic excellence dating back to 1841, East Grand Rapids Public Schools uses technology to enhance "Student learning at all levels." As powerful as these technologies were, however, they still posed security risks to the suburban Grand Rapids school system. East Grand Rapids Public Schools began examining firewalls from Cisco, WatchGuard, and 3Com when administrators learned of the innovative, high-value TippingPoint X505 platform from TippingPoint, a division of 3Com.

3Com Case Study: T. Rowe Price 2006-10-20 01:00:16 3Com

T. Rowe Price, headquartered in Baltimore, Maryland, is an investment management firm offering individuals and institutions around the world investment management guidance and expertise. T. Rowe Price has approximately 1,000 servers and users all over the world - London, Tokyo, Hong Kong, among other places. Senior management, auditors and network security staff needed a reliable IPS system to protect their applications. The intrusion prevention product they bought ensured compliance with Sarbanes-Oxley, led to a radical decrease in spyware by more than 80%, was easy to deploy and to maintain, and protected the company's servers from exploits that would have made it through their firewall without it.

Information Leak Prevention in Outpost Firewall Pro 4.0: A Guide to Leak Tests 2006-10-27 01:00:16 Agnitum

Outpost Firewall Pro 4.0 is the first personal firewall to offer anti-leak technology that is specifically designed to prevent malware programs from transmitting information out of a protected computer by hijacking a trusted application's access permissions. This paper focuses on the all-encompassing protection provided by Outpost Firewall Pro 4.0 to prevent personal and confidential information from leaking out of the PC into the hands of hackers and cyber criminals. Real-world examples show that Outpost Firewall Pro 4.0 passes all recognized third-party leak tests, providing significant additional security for Internet-connected PC users.

OneCare Firewall: A Light-Weight Approach to a Heavy-Duty Problem 2006-10-27 01:00:16 Agnitum

Since Microsoft released its Windows Live OneCare security kit, there has been much discussion as to how the product would benefit ordinary PC users and whether it really delivers on its mission of providing reliable, yet easy-to-use, PC protection for consumers. On top of those discussions came accusations that Microsoft was engaging in predatory pricing intended to drive off competition and stifle innovation in the security space for consumers. In order to fully understand the ins and outs of the debate, the authors decided to go ahead and install the product and conduct their own in-house assessment of the OneCare-bundled firewall protection. This paper shares the results of this test run.

NAT and Firewall Traversal Technical Report 2006-10-13 Cable Television Laboratories

Due to the rapid growth of low-cost, Network-enabled devices, high-speed data service subscribers frequently install IP routers and Ethernet hubs in their home so that they can connect multiple devices to the broadband network. Frequently, these devices contain IP Network Address and Port Translation (NA(P)T) and Firewall capabilities. While NATs and Firewalls provide numerous benefits to the customer, they also create numerous challenges for service providers seeking to offer seamless communication services to applications located behind the customer's NAT/Firewall device. NATs translate IP addresses between one IP address "realm" and another. This mapping is most commonly done between a private Internet address space and a public Internet address space and is created when an outbound packet is sent (from "Inside" to "Outside" the NAT/Firewall device).

Tags: Network Security, Security Tools

Server Consolidation Security - Firewall and VPN Solutions for IBM eServers 2006-10-04 Stonesoft

Today's on-demand enterprise can gain significant benefits by consolidating servers into their mainframe and midrange systems. Whether an organization uses IBM eServer iSeries model 800s or the IBM eServer zSeries z990, consolidation of servers is now possible, yielding substantial return on investment. Whether it's mainframes or midrange, organizations can reduce administration, infrastructure, and systems costs significantly by running many virtual servers inside a single eServer zSeries or iSeries machine, instead of using tens or hundreds of x86-architecture based PC servers. The conversion to server consolidation, although very beneficial to the on-demand organization, is not without concerns. Traditional mainframes and midrange systems were considered very secure.

Tags: Network Security, Server Consolidation

Winning the PCI Compliance Battle: A Guide for Merchants and Member Service Providers 2007-03-30 18:06:18 Qualys

This white paper explores the compliance requirements for PCI data security and helps online merchants select a PCI compliance service vendor. It also introduces QualysGuard PCI, which helps online merchants scan and remediate vulnerabilities, and submit PCI compliance status directly to their acquiring banks via its "auto-submission" feature.

Topics in this Whitepaper include:

- Compliance Requirements of the PCI Data Security Standard
- Participation and Validation Requirements
- Selecting a PCI Network Security Testing Service
- Automating the PCI Validation Process with QualysGuard PCI

Using Firewalls to Enforce Enterprise-Wide Policies Over Standard Client-Server Interactions 2006-10-01 Academy Publisher

This paper proposes and evaluates a novel framework for enforcing global coordination and control policies over message passing software components in enterprise computing environments. This framework combines the use of firewalls, both per-node software and dedicated firewalls, with an existing coordination and control system to enforce policies that, among other properties, are stateful and communal. The firewalls act as a set of distributed reference monitors that filter messages exchanged between the interacting software components. The coordination and control system coordinates the firewalls to enforce a specific set of policies, passing only messages allowed by these policies. Filtering decisions may be based on credentials presented to the coordination and control system as well as system state accumulated over time.

Tags: Security Tools

Tuning Cisco IOS Firewall Denial-of-Service Protection 2006-10-01 Cisco Systems

Prior to Cisco IOS Software Release 12.4(11)T, Cisco IOS Firewall provided Denial-of-Service (DoS) attack protection as a default when either Classic or Zone-Based Policy Firewall was applied. Cisco IOS Software Release 12.4(11)T modified the default DoS settings so protection is effectively disabled, but the connection activity counters are still active. This paper provides procedures to tune Cisco IOS Firewall DoS protection values for both Classic and Zone-Based Cisco IOS Firewall. Cisco IOS Firewall maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software, in both Classic Firewall (ip inspect) and Zone-Based Policy Firewall.

Tags: Denial of Service, Security Tools

Jump to [11] 12 13 14 15 16 17 18 19 20

Title	Date Added	Company
Southern California University Turns Back Denial of Service Attacks With TippingPoint Intrusion Prevention Systems	2006-10-20 01:00:16	3Com
Deploying its first network in 1999 brought University of Redlands a lot more than connectivity to support its 5,000 faculty, students and staff. It also triggered the onset of crippling Denial of Service (DoS) attacks that compromised the Southern California liberal arts and sciences institution's academic research and communications. With its firewalls clearly unable to combat the DoS threats, the Redlands IT department sought an alternative solution that would provide the comprehensive and pervasive protection it required, but with one important caveat. The security solution also had to interoperate seamlessly with the university's Cisco Gigabit network. The IT department learned of the TippingPoint Intrusion Prevention System (IPS) from 3Com.
East Grand Rapids Schools Find Security and Economy With the TippingPoint X505	2006-10-20 01:00:16	3Com
To continue a tradition of academic excellence dating back to 1841, East Grand Rapids Public Schools uses technology to enhance "Student learning at all levels." As powerful as these technologies were, however, they still posed security risks to the suburban Grand Rapids school system. East Grand Rapids Public Schools began examining firewalls from Cisco, WatchGuard, and 3Com when administrators learned of the innovative, high-value TippingPoint X505 platform from TippingPoint, a division of 3Com.
3Com Case Study: T. Rowe Price	2006-10-20 01:00:16	3Com
T. Rowe Price, headquartered in Baltimore, Maryland, is an investment management firm offering individuals and institutions around the world investment management guidance and expertise. T. Rowe Price has approximately 1,000 servers and users all over the world - London, Tokyo, Hong Kong, among other places. Senior management, auditors and network security staff needed a reliable IPS system to protect their applications. The intrusion prevention product they bought ensured compliance with Sarbanes-Oxley, led to a radical decrease in spyware by more than 80%, was easy to deploy and to maintain, and protected the company's servers from exploits that would have made it through their firewall without it.
Information Leak Prevention in Outpost Firewall Pro 4.0: A Guide to Leak Tests	2006-10-27 01:00:16	Agnitum
Outpost Firewall Pro 4.0 is the first personal firewall to offer anti-leak technology that is specifically designed to prevent malware programs from transmitting information out of a protected computer by hijacking a trusted application's access permissions. This paper focuses on the all-encompassing protection provided by Outpost Firewall Pro 4.0 to prevent personal and confidential information from leaking out of the PC into the hands of hackers and cyber criminals. Real-world examples show that Outpost Firewall Pro 4.0 passes all recognized third-party leak tests, providing significant additional security for Internet-connected PC users.
OneCare Firewall: A Light-Weight Approach to a Heavy-Duty Problem	2006-10-27 01:00:16	Agnitum
Since Microsoft released its Windows Live OneCare security kit, there has been much discussion as to how the product would benefit ordinary PC users and whether it really delivers on its mission of providing reliable, yet easy-to-use, PC protection for consumers. On top of those discussions came accusations that Microsoft was engaging in predatory pricing intended to drive off competition and stifle innovation in the security space for consumers. In order to fully understand the ins and outs of the debate, the authors decided to go ahead and install the product and conduct their own in-house assessment of the OneCare-bundled firewall protection. This paper shares the results of this test run.
NAT and Firewall Traversal Technical Report	2006-10-13	Cable Television Laboratories
Due to the rapid growth of low-cost, Network-enabled devices, high-speed data service subscribers frequently install IP routers and Ethernet hubs in their home so that they can connect multiple devices to the broadband network. Frequently, these devices contain IP Network Address and Port Translation (NA(P)T) and Firewall capabilities. While NATs and Firewalls provide numerous benefits to the customer, they also create numerous challenges for service providers seeking to offer seamless communication services to applications located behind the customer's NAT/Firewall device. NATs translate IP addresses between one IP address "realm" and another. This mapping is most commonly done between a private Internet address space and a public Internet address space and is created when an outbound packet is sent (from "Inside" to "Outside" the NAT/Firewall device). Tags: Network Security, Security Tools
Server Consolidation Security - Firewall and VPN Solutions for IBM eServers	2006-10-04	Stonesoft
Today's on-demand enterprise can gain significant benefits by consolidating servers into their mainframe and midrange systems. Whether an organization uses IBM eServer iSeries model 800s or the IBM eServer zSeries z990, consolidation of servers is now possible, yielding substantial return on investment. Whether it's mainframes or midrange, organizations can reduce administration, infrastructure, and systems costs significantly by running many virtual servers inside a single eServer zSeries or iSeries machine, instead of using tens or hundreds of x86-architecture based PC servers. The conversion to server consolidation, although very beneficial to the on-demand organization, is not without concerns. Traditional mainframes and midrange systems were considered very secure. Tags: Network Security, Server Consolidation
Winning the PCI Compliance Battle: A Guide for Merchants and Member Service Providers	2007-03-30 18:06:18	Qualys
This white paper explores the compliance requirements for PCI data security and helps online merchants select a PCI compliance service vendor. It also introduces QualysGuard PCI, which helps online merchants scan and remediate vulnerabilities, and submit PCI compliance status directly to their acquiring banks via its "auto-submission" feature. Topics in this Whitepaper include: - Compliance Requirements of the PCI Data Security Standard - Participation and Validation Requirements - Selecting a PCI Network Security Testing Service - Automating the PCI Validation Process with QualysGuard PCI
Using Firewalls to Enforce Enterprise-Wide Policies Over Standard Client-Server Interactions	2006-10-01	Academy Publisher
This paper proposes and evaluates a novel framework for enforcing global coordination and control policies over message passing software components in enterprise computing environments. This framework combines the use of firewalls, both per-node software and dedicated firewalls, with an existing coordination and control system to enforce policies that, among other properties, are stateful and communal. The firewalls act as a set of distributed reference monitors that filter messages exchanged between the interacting software components. The coordination and control system coordinates the firewalls to enforce a specific set of policies, passing only messages allowed by these policies. Filtering decisions may be based on credentials presented to the coordination and control system as well as system state accumulated over time. Tags: Security Tools
Tuning Cisco IOS Firewall Denial-of-Service Protection	2006-10-01	Cisco Systems
Prior to Cisco IOS Software Release 12.4(11)T, Cisco IOS Firewall provided Denial-of-Service (DoS) attack protection as a default when either Classic or Zone-Based Policy Firewall was applied. Cisco IOS Software Release 12.4(11)T modified the default DoS settings so protection is effectively disabled, but the connection activity counters are still active. This paper provides procedures to tune Cisco IOS Firewall DoS protection values for both Classic and Zone-Based Cisco IOS Firewall. Cisco IOS Firewall maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software, in both Classic Firewall (ip inspect) and Zone-Based Policy Firewall. Tags: Denial of Service, Security Tools

Security

Featured Whitepapers

Member Login

Webcast: Maximizing Data Protection with Disk-Based Backup

HP Simply StorageWorks D2D Backup System

Industry Watch: Healthcare