8 Cool Network Security Products At RSA 20131:00 PM EST Tue. Feb. 26, 2013
Network security vendors are rolling out new appliances and updating current ones at RSA Conference 2013, adding some new features that could provide better protection from targeted attacks, sophisticated malware and zero-day exploits. Some of the new capabilities draw on cloud-based services so once a threat is identified it can be shared with other customers. The goal is to provide faster detection and analysis so malware is identified and either contained for further analysis or blocked altogether.
Here are 8 standout network security offerings from RSA Conference 2013.
Barracuda Networks unveiled Barracuda Firewall aimed at small and midsize organizations. The firewall has centralized management and content filtering, Layer 7 application control and a control panel for installing, configuring and managing policies. Barracuda Firewall is available immediately in four models with throughput up to 5 Gbps, up to 8 Gbit copper ports, and no user or IP limitations. Pricing starts at $1,499, with no additional per-feature fees or other costs.
Juniper Networks delivered a new device fingerprinting technology that it said changes the way traditional IP address blocking is conducted. The company's Junos Spotlight Secure is a cloud-based device fingerprinting database of attacker devices for identification and blocking of attackers. The service is supported by Junos WebApp Secure and Juniper Networks SRX Series Services Gateways. David Koretz, vice president and general manager of counter security at Juniper, told CRN that he is overseeing integration of Mykonos Software, the company he co-founded, into Juniper. Mykonos was acquired by Juniper for $80 million last year.
Juniper is rolling out a DDoS protection system for websites and Web applications. Called Junos DDoS Secure, it will be deployed as a hardware appliance or as a virtual machine in private, public or hybrid cloud environments. It provides protection up to 40 Gbps for attacks as well as low-and-slow-style application attacks. The new DDoS technology follows Juniper's recent acquisition of the assets of anti-DDoS vendor Webscreen Systems from Accumuli.
Fortinet unveiled the FortiGuard Labs cloud-based sandboxing and IP reputation services for targeted attacks. The services support the company's FortiGate, FortiCloud, FortiWeb, FortiDDoS and FortiDNS network and application appliances. The sandboxing service uses behavioral attributes to detect malware by executing them within a virtual environment. Suspicious files can be automatically submitted to the new hosted service for further scanning without impacting FortiGate performance. The company also is rolling out a website for status and visibility into scanned results. FortiGuard Labs actively investigates and monitors IPs and manages honeypots to provide intelligence for its FortiGate, FortiWeb and FortiDDoS appliances.
Sourcefire delivered an Advanced Malware Protection appliance designed to defend against sophisticated network malware from the point of entry through propagation to post-infection remediation. The appliance is built on the company's FirePower platform for malware protection. The appliance delivers network malware detection, blocking and continuous file analysis. An alerting feature notifies users of malicious files entering their environment even when they were previously classified as safe. The appliance can be licensed to function with Sourcefire's IPS and next-generation firewall devices. The AMP appliance includes 100 seats of FireAMP malware protection for endpoints, mobile devices and virtual networks.
Splunk, a software platform for operational intelligence, and Palo Alto Networks unveiled the Splunk App for Palo Alto Networks 3.0. It uses Splunk's machine-generated data to analyze risk to address operational and regulatory concerns. The application feeds Palo Alto Networks appliance data with the Splunk application for analytics to provide information on an organization's security posture. The Splunk App can directly configure Palo Alto Networks Devices. It enables Splunk searches and supports Splunk Enterprise 5, making it scalable for large deployments.
Mandiant touted its partnership with Palo Alto Networks, agreeing to integrate the networking security vendor's next-generation firewalls and its WildFire modern malware prevention subscription with its Mandiant for Security Operation product. The incident response and resolution product will generate an alert when the Palo Alto Networks platform identifies which endpoints have been compromised.
Check Point Software Technologies unveiled a Threat Emulation Software Blade designed to prevent infections from zero-day exploits and targeted attacks. The new software blade inspects suspicious files and emulates how they run to discover malicious behavior. It completely prevents malware from entering the network, Check Point said. The software blade reports new threats to its ThreatCloud service, which is designed to share identified threats with other customers.