Two security products step beyond the firewall

NetFacade software from GTE Federal Network Systems goes a step beyond firewall and intrusion detection software. It simulates an entire sham network where intruders can wander at will while the administrator tracks their moves and captures their IP addresses.

Another security product, ESentry from RIPTech Inc. of Alexandria, Va., does real-time analysis of data gathered by security devices to increase the chances of spotting intruders.

Neither product can replace a firewall or intrusion detection system, however.

'A facade doesn't eliminate the need for any of the other components,' said Wesley E. Jordan Jr., vice president of GTE Federal Network Systems of Arlington, Va. 'It's simply another tool in the bag.'

NetFacade runs on Sun Microsystems UltraSparc II processors under SunSoft Solaris 7, either inside or outside the firewall. It can simulate hosts running Linux from Red Hat Inc. of Durham, N.C., SunOS, Solaris or Microsoft Windows NT operating systems with a variety of network services.

NetFacade diverts intruders from the production network, shows how well security devices are working, is not swamped by packets as bandwidth grows, and gives an early warning of new threats, Jordan said.

On the downside, simulating a convincing network with NetFacade is not easy.

Not for novices

For sites without skilled administrators, RIPTech will take over the job of administering firewalls, intrusion detection, virtual private networks, public-key infrastructures and other security elements.

ESentry gathers and stores data from device logs in a Structured Query Language database, which it mines via a proprietary intelligence engine.

ESentry services start at $2,000 a month for a combined managed firewall and intrusion detection setup. NetFacade's government price is $37,000, including server hardware and software, installation and one year of support. The price is lower if the buyer supplies the hardware.

Contact RIPTech at 703-916-8886 and GTE Federal Network Systems at 703-284-4676.
