[ISN] Software extras add fuel to firewalls

From: mea culpa (jerichoat_private)
Date: Fri Mar 19 1999 - 15:13:10 PST

  • Next message: mea culpa: "[ISN] Retailer Frustrates Hackers"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.990319160428.19018Fat_private>
    Forwarded From: darek milewski <darekmat_private>
    Software extras add fuel to firewalls
    By Tim Clark
    Staff Writer, CNET News.com
    March 18, 1999, 12:20 p.m. PT
         The lowly firewall, once threatened with becoming a commodity, is
    being beefed up with antivirus software, virtual private network
    functions, intrusion detection, digital certificate servers, and bandwidth
         "The trend of last year was that every firewall vendor became a VPN
    vendor as well," said analyst Chris Christiansen of International Data
    Corporation. "This year everybody became a firewall, VPN, and security
    management platform." 
         Firewall vendors are souping up their firewalls for corporate
    networks because of falling prices and their desire to have their products
    at the center of the security universe. "They all see this huge installed
    base sitting out there and an opportunity to cross sell," said Jim Hurley
    of the Yankee Group. 
         Vendors are taking a variety of approaches to expanding their
    firewalls. Network Associates, Axent, and Secure Computing have bought
    several security technologies and either bundled them as an integrated
    suite or put them on a menu of offerings. Network Associates offers
    firewall, antivirus, and intrusion-detection software in its security
         But Secure Computing is now looking outside too; earlier this week it
    announced it will add intrusion-detection software from market leader
    Internet Security Systems in its firewalls. Next week it will announce it
    is bringing in load-balancing software from Radware, allowing a cluster of
    firewalls to function as one so it has automatic backup if one fails. 
         Another aggressive mover is antivirus firm Trend Micro, which has won
    deals with Lucent for its managed firewall product and has strong ties
    with firewall leader Check Point. 
         Firewalls are a natural place to cluster security technologies. "A
    lot of these products aggregate at the perimeter of the network, so
    there's an opportunity to combine them," said Matthew Kovar, security
    analyst at Yankee Group. 
         Also, firewalls are relatively mature technologies, and they're often
    the first piece of security software a network manager installs after
    hooking up to the Internet. 
         "It's becoming a must, have technology," said Robert Wise, director
    of product marketing for Secure Computing. In addition, he said, security
    threats have multiplied and network insiders are responsible for perhaps
    half of security breaches. Then there are computer viruses, hostile Java
    applets, and coordinated "denial of service" hacker attacks designed to
    crash a firewall. 
          Sitting on the edge of a network, firewalls are becoming a place to
    marshal security forces against a broad range of attacks. 
         "There's a growing realization that firewalls are extremely effective
    in controlling who can enter your organization, but they are not effective
    in terms of what enters your organization," said Daniel Schrader, director
    of product marketing at Trend Micro. 
         Check Point was one of the earlier firewall vendors to add VPN
    capabilities, and customers have responded. Two years ago, one in 12
    customers bought a VPN add-on to their Firewall-One, said Asheem Chandna,
    Check Point's vice president of marketing. In its most recent quarter,
    half of its firewall buyers purchased VPN too. 
         But Check Point's ultimate strategy is to own the centralized
    management of a corporation's security network, and for that it has
    established its OPSec Alliance of some security 200 vendors whose products
    work with Check Point's. Through a deal with public key infrastructure
    vendor Entrust, Check Point now bundles public key infrastructure software
    to authenticate both rs and devices on a network using digital
         Lucent, a latecomer to the network security, isn't sticking just to
         "We have found on firewall side that the two elements customers want
    are content security and integration of user authentication," said Howie
    Gittleson, Lucent's director of security and VPN solutions, hinting of
    more deals. 
         But Hurley says big customers don't see the need for integrating
    other security measures with firewalls. 
         "We're not seeing a large take, up from users to take advantage of
    all these things," Hurley said, noting that firewalls are notoriously
    difficult to configure and manage.  "Adding additional services that plug
    into firewalls only makes their job more difficult," he added. 
         Analyst Kovar says big customers still look for the best products in
    the category. 
         "If they're going to use those products already, they're happy for
    vendors to do the integration for them," he said. "They're looking for
    best products and that's what they're going to go with. If the
    relationships are already established, it's better for them." 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Hacker News Network [www.hackernews.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:21:19 PDT