Security is big business, especially considering the sophisticated blended attacks that are now commonplace. Solution providers use various appliances and software products to help combat those attacks and intrusions, but managing those multiple solutions is an expensive burden. What's more, many of the security solutions on the market don't address unknown or zero day threats. Zero day threats are becoming more prevalent, often taking the form of worms and leveraged security vulnerabilities.
Symantec's Network Security 7100 Series of security appliances provides an ample solution. The 7100 series offers several fully scalable appliances with throughput ranges from 50 Mbps to 2 Gbps that can meet the security needs of any business, no matter the size. CRN Test Center engineers evaluated the 7120, which is capable of 200 Mbps throughput for intrusion detection services and 100 Mbps throughput for overall in-line security processing. The unit includes four 10/100 Ethernet ports for network segmentation and lists for $7,995. Certified partners can expect a margin of around 20 percent. Placement in Symantec's five-tier channel program is based on a partner's commitment to selling the vendor's products and technical capabilities.
Several technological advances help to make the 7100 series unique in the security appliance market. First, Symantec's network threat mitigation architecture combines anomaly, signature, statistical and vulnerability detection techniques to secure networks from known and unknown attacks. In other words, the 7100 series can prevent attacks and outbreaks even if no virus or anomaly signatures exist.
The unit's convergence of security technologies is built around Symantec's enterprise products. Solution providers will find that the unit integrates protocol anomaly detection, traffic rate monitoring, IDS evasion handling, flow policy violation and signatures to effectively and accurately identify malicious activity. This single device can secure a network from almost any threat. Administrators also have the ability to define additional signatures, which can help protect the network from internal scripted attacks. Other security signatures are supplied via a database built around Symantec's proprietary threat database.
The unit's advances also include deployment flexibility, which means the unit can be configured to work inline. This setup forces all network traffic to travel through the unit for thorough screening. The 7120 can also be used as a monitoring device on a network segment, passively monitoring all traffic on that segment. This capability offers a good solution for those looking to leverage the product's intrusion detection and prevention architecture. Solution providers can also install the unit in Switched Port Analyzer, (SPA) mode to copy network communication from client and server segments to the unit. This feature is ideal for forensic analysis.
Other installation scenarios include a tap mode and an in-line bypass mode. The 7120 can also be used as a high-availability cluster. These modes are quite specialized, and are targeted for use in larger, more complex infrastructures. However, these features can offer customers an added sense of security and provide excellent selling points for solution providers.
The initial installation is straightforward, and the unit can be set up and start protecting a network in a matter of minutes. The unit's advanced capabilities do require a technical touch, and Symantec offers trained partners additional maintenance opportunities. CRN Test Center engineers found the unit's documentation concise and the integrated help system easy to use.
Administrators will benefit from the comprehensive realtime reporting that offers either a snapshot view or historical view of network activity. Symantec's own live update technology keeps the unit up-to-date with signatures and patches. What's more, Symantec's outbreak technology speeds signature updates by recognizing worm and virus outbreaks as soon as they are reported to Symantec.
Network Security 7100 Series appliances can be centrally managed via the Symantec Network Security Management Console, a scalable security management system that supports large, distributed enterprise deployments. The software also provides comprehensive configuration and policy management, realtime threat analysis, enterprise reporting and flexible visualization.
Solution providers will benefit from Symantec's use of field-based systems engineers to provide support, assist in integrations and make joint-sales calls.
Symantec's partner Web site includes a co-branded marketing program and various technical resources such as general technical training programs and facilitation packs, which train partners in designing specific, complex solutions.
CHANNEL PROGRAM SNAPSHOTS
> Symantec Network Security 7100 Series Appliance
DISTRIBUTORS: Arrow/MOCA, Douglas Stewart, Ingram Micro, Synnex, Tech Data
Note: Vendors can earn up to five stars for technical merit and five for their channel program. If the average of these two scores is four stars or greater, the product earns CRN Test Center Recommended status.