| Title | Date Added | Company | |
|---|---|---|---|
![]() |
Limited Choices Are Available for Network Firewalls in Virtualized Servers | 2007-12-20 | gartner |
| The increased use of virtualization solutions that support an internal virtual network, combined with the increasing deployment and use of network firewalls within the data center, is changing how network firewalls are deployed to provide security in the data center. The increasing use of virtualization, particularly in data center environments, will lead to new potential attack paths. In response to threats that can originate from within the enterprise, data centers are now a part of the extended DeMilitarized Zone (DMZ). To protect critical servers and data in virtualized environments, the use of network-based firewalls and IPSs that run in those environments will be required to maintain security segmentation.
Tags: Network Security, Security Tools |
|||
![]() |
How Cisco IT Upgraded Intrusion Detection to Improve Scalability and Performance | 2007-12-19 | Cisco Systems |
| Comprehensive network security has no substitute. Firewalls are Cisco IT's first line of network defense, protecting against most intrusions from outside the network and intrusions into data centers. Firewalls are effective but limited in scope. Cisco IT needed more security at the network perimeter. Cisco deployed 35 Cisco IDS 4230 sensors worldwide. These sensors protect the network perimeter, alert IT staff when an intruder has penetrated the firewalls (or is within the firewalls), and captures data to help identify the IP address of the intruder.
Tags: Network Security, Intrusion Detection Systems |
|||
![]() |
Personal Firewall Usability - A Survey | 2007-12-12 | Helsinki University of Technology |
| This paper focuses on the usability challenges presented by personal firewalls. Nowadays, the focus of IT security is changing from patching system to securing remote access citeTM07, so many personal computer owners install a personal firewall to increase the security of end nodes on a network by monitoring both incoming and outgoing traffic. But there are tons of personal firewalls to choose from, each with their features and complexity. The warnings or questions asked by prompts for there firewalls often are cryptic; many of their rules are not needed, or are too flexible, and are always enabled, making the network nodes vulnerable to a variety of attacks.
Tags: Network Security, Security Tools |
|||
![]() |
Policy-Driven Access Control Over a Distributed Firewall Architecture | 2007-12-01 | University of London |
| Motivated by a Grid based scientific application, where a dynamic collection of individuals and institutions are required to share resources to achieve certain goals, this paper propose the synthesis of two lines of research. The first line is Policy-Driven Access Control which treats policies as first-class objects that can be negotiated and tailored to particular roles. The second line is Distributed Firewalls that provide a dynamic and distributed security infrastructure bringing together peer-to-peer collaboration and hierarchical administration. Through this fusion one expects to deliver a scalable, dynamic and distributed method of setting up security infrastructures which has the benefits of allowing peer-to-peer collaboration, whilst maintaining the robustness and re-configurability of systems supplied by the central administration of the security policies.
Tags: Security Tools |
|||
![]() |
Avfs: An On-Access Anti-Virus File System | 2007-12-01 | Stony Brook University |
| Viruses and other malicious programs are an ever-increasing threat to current computer systems. They can cause serious damage and consume countless hours of system administrators' time to combat. Most current virus scanners perform scanning only when a le is opened, closed, or executed. Such scanners are inefficient because they scan more data than is needed. Worse, scanning on close may detect a virus after it had already been written to stable storage, opening a window for the virus to spread before detection. A true on-access anti-virus file system is developed called as Avfs that incrementally scans les and prevents infected data from being committed to disk.
Tags: Security Tools |
|||
![]() |
Detection and Removal of Firewall Misconfiguration | 2007-12-01 | Universitat Autonoma de Barcelona |
| To police network traffic, firewalls must be configured with a set of filtering rules. The existence of errors in this set is very likely to degrade the network security policy. The management of these configuration errors is a serious and complex problem to solve. This paper presents a set of algorithms to manage rules that never apply or are redundant in a firewall configuration. The approach is based on the analysis of relationships between the set of filtering rules. Then, a subsequent rewriting of rules will derive from an initial firewall setup to an equivalent one completely free of errors. At the same time, the algorithms will detect both shadowed and redundant rules in the initial firewall configuration.
Tags: Network Security, Security Tools |
|||
![]() |
A Distributed Firewall for Multimedia Applications | 2007-12-01 | Darmstadt University of Technology |
| Firewalls are a widely used security mechanism to provide access control and auditing at the border between "Open" and private networks or administrative domains. As part of the network infrastructure they are strongly affected by the development and deployment of new communication paradigms and applications. Currently use of multimedia applications has rise. These differ in many aspects from "traditional applications", for example concerning bandwidth usage, dynamic protocol elements or multiple data flows for one application session. Corresponding firewall mechanisms and techniques did not change with the same dynamics though. This paper identifies typical characteristics of multimedia applications that cause problems using traditional firewalls.
Tags: Security Management, Security Tools |
|||
![]() |
Intrusion Defense Firewall | 2007-12-01 | Trend Micro |
| Mobile computers that connect directly to the Internet outside of a company's firewall can introduce risk into the corporate network and thus require a higher level of security to protect against network intrusions. Host intrusion defense systems combine intrusion detection and prevention capabilities, and run on the host itself. There are two main approaches to host intrusion defense - system execution control or a network approach. The network approach offers several advantages by blocking malicious code before it impacts the host, targeting potential vulnerabilities in addition to known exploits, and providing proactive vulnerability-facing network inspection. Using multiple techniques to filter both inbound and outbound traffic insures optimal efficiency and effectiveness.
Tags: Network Security, Security Tools |
|||
![]() |
TechNet Webcast: Improving Desktop Security and Deployment (Part 5 of 7): Deploying IPSec With Windows Vista (Level 200) | 2007-11-26 | Microsoft |
| The presenter of this webcast looks at the new network stack in the Windows Vista operating system, and talks about how innovations in the stack can help secure the network by enabling new features to filter network traffic and prevent unwanted forwarding. The presenter shows the new features in Windows Firewall based on the Windows Filtering Platform (WFP). This webcast covers the new rules system, which has many scenarios already defined in an easy-to-use interface, and shows how Windows Vista helps secure connections with tightly-integrated Internet Protocol Security (IPSec).
Tags: Network Security, Windows Vista |
|||
![]() |
Diverse Firewall Design | 2007-11-26 | Institute of Electrical and Electronics Engineers |
| Firewalls are the mainstay of enterprise security and the most widely adopted technology for protecting private networks. An error in a firewall policy either creates security holes that will allow malicious traffic to sneak into a private network or blocks legitimate traffic and disrupts normal business processes, which in turn could lead to irreparable, if not tragic, consequences. It has been observed that most firewall policies on the Internet are poorly designed and have many errors. Therefore, how to design firewall policies correctly is an important issue. This paper propose the method of diverse firewall design, which consists of three phases: a design phase, a comparison phase, and a resolution phase.
Tags: Security Tools |
Careers at Accenture
Immediate job opportunities at Accenture – Apply Now!
Webcast: Maximizing Data Protection with Disk-Based Backup
Register to attend this webcast and learn why data protection is critical to your business.
Compare your IT salary
Sign-up for free download of IT salary benchmark report 2008.