SearchSecurity: The new breed of unified threat management tools

Unified threat management devices have traditionally been suited for small and medium-sized business networks. UTMs combine a number of essential technologies, including firewall, perimeter antimalware and antispam, VPN, Web content filtering and more, but historically have not been capable of handing the traffic load of a large enterprise network. Now, UTM vendors are integrating a host of new features in an attempt to become more competitive against other enterprise-grade security appliances.

You can watch the five minute screencast that I did for SearchSecurity here. I cover several different products, including Fortinet, Sophos, Checkpoint and Juniper.

FedTech magazine: Cisco’s ASA-5512-X review

dashboard betterTo better protect the enterprise network, organizations need stronger firewalls. Cisco Systems’ Adaptive Security Appliance 5512-X delivers a solid set of features to address those needs: Zero-day malware protection, application-aware software and integration with endpoint device control for end-to-end security.

You can read my review here for FedTech Magazine.

Network World: Mobile Device Manager Review

airwatch 2Mobile Device Managers (MDMs) make a lot of sense when you are trying to control whom can access your enterprise network and applications from particular phones and tablets. But to effectively evaluate these products, you should first consider what exactly are you trying to control: the apps on particular devices, the pairing of a user with his or her device, the device itself, or the collection of files on each device. Each MDM has a somewhat different perspective, and has strengths and weaknesses in terms of what it can control best.

In my review today for Network World, I looked at six different products: AirWatch (pictured above), Apperian’s EASE, BlackBerry’s Enterprise Server 10 (BES10), Divide, Fixmo, and Good Technology’s Good for Enterprise. No single MDM product won this review; all had serious flaws that would prevent them from being successfully deployed, depending on your circumstances.

The need for better mobile security is obvious: witness this story from last year about a hospital volunteer taking pictures of patient records with his phone and them selling them. Sadly, most current MDMs still wouldn’t be able to prevent something this overt.

The MDM arena is still pretty immature, akin to where the anti-virus world was decades ago. Security profiles are somewhat clunky to install and administer and some vendors don’t support vintage versions of iOS or Android. Topping this off: once you find phones that have been compromised, there is no easy way to return them back to a pristine condition, largely through the fault of the mobile OS vendors.

Expect to pay between $20 to $75 per user or per device per year, which can add up if you have a lot of phones to protect. Few vendors are transparent about their pricing (Airwatch and Blackberry are notable exceptions).

Good and BlackBerry do the best jobs of protecting your messaging infrastructure, so if that is the primary reason for picking an MDM product you should start with these two. Divide had the most appealing management console and overall simplest setup routines, and also supports licensing unlimited devices per user. And Apperian is great for corporations that have developed a large collection of their own apps and want a consistent set of security policies when deploying them.

You can see the full range of screenshots for my review in this deck.

FedTech: Review of Microsoft Office Pro Plus 2013

Microsoft Office has split into two distinct personalities, Office 2013 (which you get via a CD) and Office 365 (that comes via the browser and the cloud). The two share several common features and will make it easier for federal government users to collaborate without having to serially email documents back and forth. There is also tighter integration into your Microsoft account for reading emails and adding contacts and calendar entries.

For more on my review of MS Office Pro Plus 2013, read it in FedTech Magazine’s latest issue here.

Password manager reviews for Network World

Today Network World has posted the latest product review of mine and is the third in a series of reviews over the past year that I have written about the general topic. We all have too many passwords to deal with, and enterprise IT managers have too many products that can manage them.

The most recent review looks at six different products that can be used by either consumers or corporations to handle passwords in a variety of situations. They are Kaspersky Pure, LastPass Enterprise, Lieberman Enterprise Random Password Manager, 1Password, RoboForm Enterprise, and TrendMicro DirectPass. Because you can’t directly compare the six, I didn’t award a winner, but I did like LastPass and Lieberman’s products a lot.

You can also see the various features of the products in this series of screenshots that I posted on Slideshare.

My earlier review on single sign-on products last December can be found here. These are strictly enterprise-related and look at ways that enterprises can deploy more secure Web services’ logins. The winner of that review was Okta.

Finally, my review of two factor authentication tools last May can be found here. These strengthen passwords by adding another mechanism, such as your cell phone, to the login process. The winner of that review was SecureAuth’s IdP.

Why your small business needs a better firewall

When I set out to test a collection of new small business firewalls for Network World, I wanted to find a place that could illustrate their need. I was fortunate to find Mercury Labs, which despite their name is a video production and public relations company of about 10 people located in midtown St. Louis, not far away from my office. Over the course of a couple of weeks, I brought in several different unified threat management boxes to try out, including Check Point Software’s 640, Dell/Sonicwall’s NSA250MW, Elitecore Technologies’ Cyberoam CR35iNG, Fortinet’s FortiGate 100-D, Juniper Networks’ SSRX220H-POE, Kerio Technologies’ Control 1100, Sophos/Astaro’s UTM 220, and Watchguard Technolgies’ XTM330.

Mercury was instructive because before I got there, they didn’t really have a lot of protection on their Internet connection: the only device connected to their cable modem was an Apple Airport. Relying on NAT does not a firewall make. Over the course of my tests, they were intrigued to see the consistent number of attacks coming across the big bad Internet as we could capture them in real time. Think of a sewer line that is encased in clear plastic so you can see the flow of filth.

Several of the vendors sent in their techs to help me with the tests, something that I always welcome because we always find bugs in any product. In fact we found a killer bug in the top-rated product from Check Point. The tech was making some frantic calls back to his developers in Israel where they quickly found and fixed the bug and sent us the new firmware.

Small businesses have lots of choices when it comes to protecting their network. You can buy a home router for less than $50 from any number of consumer networking vendors, or you can spend more than $4,000 for one of the more than a dozen firewalls from the enterprise security vendors. The UTM products lie in between those price points.

The UTM products include more than just a firewall: there is intrusion detection and prevention, network-based anti-virus and anti-spam screening, virtual private network connections (VPNs), and content filtering on outbound Web browsing to prevent phishing and browser-based attacks.

I liked the Check Point UTM because it had a nice balance of simplicity and power, and it was also the cheapest of the boxes that I tested. It worked well on the mostly Mac network at Mercury, something not all of its competitors could claim. You can see a sample screen from Check Point’s box below.

chkpt dash

You can see lots more screencaps here. And you can read my review in Network World here.