When we tested next-generation firewalls last May, at least one important security vendor wasn't there: Cisco, because they weren't ready to be tested. Now that the ASA CX next-generation firewall has had a year to mature, we put the product through its paces, using the same methodology as our last NGFW test.
Joel Snyder | 17 Jun | Read more
If there's gold in log files, Splunk, Inc's Splunk will help you to find it. Splunk bridges the gap between simple log management and security information and event management (SIEM) products from vendors such as ArcSight, RSA, Q1 Labs, and Symantec.
Joel Snyder | 26 Sep | Read more
If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."
Joel Snyder | 22 Aug | Read more
Web scanning is different from vulnerability scanning because it looks for bugs in the Web apps themselves, rather than in the software installed on the Web server. For example, all of the vulnerability scanners told us about an old embedded system on our network vulnerable to a cross-site scripting attack because of an old version of PHP.
Joel Snyder | 20 Jun | Read more
Compliance is a natural extension of a vulnerability analysis tool. Normal vulnerability scanning includes searching for unpatched systems, unprotected directories and other errors in configuration.
Joel Snyder | 20 Jun | Read more
We developed a test methodology and evaluation criteria in six main areas, including results reporting, product controls and manageability, scan results, vulnerability workflow features, interoperability, and updates and protocol support.
Joel Snyder | 20 Jun | Read more
Twelve leading NAC products put to the test
Joel Snyder | 22 Jun | Read more
As an avowed IPSec zealot, I generally recommend the technology for remote access. But the SSL VPN vendors have been building such great technology that there are now places where SSL-based remote access is clearly a better choice than IPSec. One of the best places for SSL VPNs is in the ad hoc environment -- places where your employees want to connect but would have to use someone else's computer, such as in an Internet caf‚ or at their brother-in-law's barbecue.
Joel Snyder | 21 Dec | Read more