Author Topic: Network Securities?  (Read 952 times)

Offline bikekil

  • Gold Member
  • *****
  • Posts: 2038
« Reply #45 on: December 02, 2004, 06:47:06 PM »
Quote
Originally posted by Vulcan
Not good enough. I want an exact technical explanation of the advantages of one personal computer, with a firewall and average AV software connected to the internet versus another personal computer with just mcafee 8i connected to the internet. I want to know exactly in technical terms the advantages of that cheap firewall.


Does that personal computer have to be a Windows box? :)

If it can be an open source system, then you have a firewall for free, intrusion detection for free and you should pay for the antivirus software ONLY, and if you really want to save, you have ClamAV, which is also a free solution.
In addition you can scan all of your e-mail with amavis + clamav (or f-secure or anything), you can scan every "proxy" traffic and so on... for free, or pretty cheap when you want to pay for the antiviral software (that's what we decided to do).

If you want to be sure it's secure, you can cluster the Linux boxes :)

Centralised management and reporting - you can write your own script or use some log analyzer (webalizer) to have centralised reporting.  It's harder with the management part, but after all, you have the admins to manage the thing... if not, most of the stuff is based on config files anyway, so you could write a management console that suits your needs pretty easily.
-----------------------------------

All of this assumes that you have the time to go with an open source thing. If you don't have the time to invest in it, it's better to pay for a solution that's already built :)

Offline Vulcan

  • Plutonium Member
  • *******
  • Posts: 9910
« Reply #46 on: December 02, 2004, 07:12:13 PM »
Quote
Originally posted by bikekil
If it can be an open source system, then you have a firewall for free, intrusion detection


OK, let's pick this particular gem out.

What Layer 7 Firewall system is available for free on any open source system?

What IDP system is available for free on any open source system?

If you can provide either (which somehow I seriously doubt), who is responsible for attack signature updates?

Offline Trell

  • Nickel Member
  • ***
  • Posts: 693
« Reply #47 on: December 02, 2004, 07:34:41 PM »
Vulcan,

How would you compare one of their systems with a Check Point SecuRemote system?

Does it compare well in pricing? Can they be set up for High Availability with clustered systems? For the added fee they give you the key for the IDS add-on as well.  I have not looked into virus scanning on the system itself.  We use corporate McAfee (yes, I know my spelling sucks)
« Last Edit: December 02, 2004, 07:56:03 PM by Trell »

Offline Trell

  • Nickel Member
  • ***
  • Posts: 693
« Reply #48 on: December 02, 2004, 07:49:17 PM »
Quote
Originally posted by Vulcan
OK, let's pick this particular gem out.

What Layer 7 Firewall system is available for free on any open source system?

What IDP system is available for free on any open source system?

If you can provide either (which somehow I seriously doubt), who is responsible for attack signature updates?



It is not free, but I have been looking into a Linux-based system for home use, and depending on how it works, will look into it in the workplace next year.

http://www.astaro.com/

Offline bikekil

  • Gold Member
  • *****
  • Posts: 2038
« Reply #49 on: December 03, 2004, 07:04:31 AM »
Quote
Originally posted by Vulcan
OK, let's pick this particular gem out.

What Layer 7 Firewall system is available for free on any open source system?

What IDP system is available for free on any open source system?

If you can provide either (which somehow I seriously doubt), who is responsible for attack signature updates?


Here is an example:

http://www.clarkconnect.com/info/

You have everything you need and everything is based on open source solutions :)
They have some kind of support over there and are responsible for things... but,

Willing to try? It's free for non-commercial purposes :)

If it's an open source thing - you can build it yourself without paying anyone.

Attack signatures? Why do I need them?
It's an addition to the regular log analysis.
If I have no time (have no security team or so) I could rely on the signatures of attacks that someone wrote and would have to wait for the updates... while it's more secure to control things yourself and have the various features as a bonus.

Virus definitions are another story and it's really cool to have a good system from a good vendor.

As for the security updates for Linux itself?

If a hole in some software is published, you have to do:
apt-get update
apt-get upgrade
and you are good to go :)
Of course you can recompile stuff the manual way.
(pure Debian baby, but ClarkConnect and some other distros are using it too).

Offline Trell

  • Nickel Member
  • ***
  • Posts: 693
« Reply #50 on: December 03, 2004, 08:24:18 AM »
I believe you can get updated attack sigs from the Snort sites.  Not positive.  But I am willing to bet they are there somewhere.