Developer.com's Security Product of the Year Award
Information security... what more can one say about it? Keeping your business, and personal, data from the grips of the "bad guys" is of the utmost importance. Loss of mission-critical data can destroy a business or one's personal interests.
With the rising importance of implementing solid information security, one can imagine the proliferation of security products. Which one should you choose? What are your peers using, and why? Let me review the top five finalists for security products based on Developer.com's year-end product reviews. I'll end the discussion with 2005's winner. Here's what the industry is saying about five solid security products!
The following table shows the five finalists in this year's security category:
|Websense ® Web Security Suite||Websense, Inc.|
|Nessus||Tenable Network Security, Inc,|
|Sun Java System Identity Manager||Sun Microsystems, Inc.|
Let me review each of these products and show you more about the features that make each of these products popular tools IT professionals use to protect their information.
OpenSSH comes from our friends in the open source world. A key feature to OpenSSH is that it is free to all via the Internet. Found on www.openssh.com, this group has removed any restrictive components that might be tied down by patents or restrictive licensing. Having a strong security component free-of-charge is certainly attractive!
From a technical standpoint, OpenSSH is attractive due to the following key components:
- Strong Encryption: OpenSSH supports the patent-free encryption algorithms 3DES, Blowfish, AES, and Arcfour. These algorithms are known to have fast and strong capabilities. The encryption is started before authentication happens, so your passwords and authentication information are not passed as clear text.
- X11 Forwarding: OpenSSH also is able to encrypt X Windows System traffic. This keeps intruders from stealing your remote xterms or from placing malicious commands on your system.
- Port Forwarding: OpenSSH allows for TCP/IP connections to be forwarded over a secure, encrypted channel.
- Strong Authentication: OpenSSH has strong authentication that prevents security breaches like spoofing or fake routes. This product supports Public Key, One-Time Password, and Kerberos Authentication possibilities. RSA authentication, rhosts with RSA, plus one-time passwords with s/key, and Kerberos are basis for this authentication strength.
- Agent Forwarding: The OpenSSH authentication agent will hold a user's RSA or DSA authentication keys and then will forward this information to other connections the user is seeking to make. This allows for Single-Sign-On capabilities.
- Interoperability: OpenSSH's compliance with SSH 1.3, 1.5, and 2.0 protocol Standards allows for interaction with UNIX, Windows, and other ssh implementations.
- SFTP Client and Server Support in Both SSH1 and SSH2 Protocols: According to www.openssh.com, as of OpenSSH 2.5.0 complete SFTP support is included. The sftp-server(8) subsystem will operate in both the SSH1 and SSH2 environments.
- Kerberos and AFS Ticket Passing: This allows a user to access their Kerberos or AFS services without having to type in a password because OpenSSH automatically passes the data forward.
- Data Compression: This is a performance support mechanism that allows data to be compressed before encryption for greater performance over slow network links.
The second product also comes from the open source world with some touches by the Sourcefire group. The Snort intrusion detection system, with over two million downloads and 100,000+ active users, offers solid information security. Snort uses a rule-driven language that mixes signature, protocol, and anomaly-based inspection methods to form the security product. As part of the open source world, Snort has an abundance of open source developers who are able to quickly update holes and problems with Snort. Often, these updates are done at a more accelerated rate than with commercial intrusion detection programs.
Along with the open source developers, the creator of Snort, Martin Roesch, and his Sourcefire group, has added a layer of asset and behavioral profiling to Snort known as RNA (Real-time Network Awareness). According to Sourcefire, RNA gives "a persistent profile of a network and its assets. Using passive discovery methods, RNA adds a new level of visibility and intelligence."
For those who seek to stay current with Snort, there is also a full education track. This allows the user to stay current with Snort as the product develops and evolves.
Websense ® Web Security Suite
This product comes from the Unipalm group out of Great Britain. According to Unipalm, this security suite is designed to block spyware, malicious mobile code (MMC), and other Web-based threats, as well as spyware and keylogging transmissions back to their host sites. This product can keep users from phishing, and Unipalm notes that this product also can control the sending and receiving of instant message clients. With the growing popularity of IM, this is a feature that is sure to help corporate IT departments who want to curtail the use of IM or to keep the usage in check should IM be a business need.
Websense also utilizes advanced reporting features that help the information specialist to monitor and analyze their systems for security risks. Along with these reporting features, this product offers the user Websense © Security LabsTM alerts. The Websense Security Lab constantly monitors threats and potential Internet security problems and then notifies their users via alerts as to what should be done to offset the threat. System administrators will find this feature especially handy to stay current on potential threats that can harm their systems.
Nessus is brought to market by Tenable Network Security, Inc. Nessus is a leading active vulnerability scanner that features high speed discovery, asset profiling, and vulnerability assessment capabilities. Nessus is used by many Fortune 1000 companies due to these scanning capabilities. Nessus is usable on UNIX, Windows, OS X, Linux, and Solaris. The features of Nessus that make this product a popular player in the information security world are as follows:
- Complete Assessment and Discovery: Nessus can scan UNIX, Windows, and network infrastructures. It also discovers any network devices and it can identify the operating systems running on the devices, any applications on the devices, databases, and services running on those items. It will find any malware, P2P, and spyware. Nessus can scan all ports as well to find vulnerabilities and offer remediation advice. Once baselines are created for a network's devices, Nessus will compare later scans against these baselines to note any differences.
- High Speed Vulnerability Identification: Nessus scanners can be placed in multiple places along a network for quicker scanning. Also, Nessus can continually scan devices to insure that a constant look-out is on the job.
- Agentless Scanning: Nessus does not require the deployment of agents. The benefit of this, according to Tenable, is that "this allows you to rapidly deploy the scanners, eliminates the need for agent patching, and creates a flexible environment that is not dependent on target-specific agents."
- Real-Time Vulnerability Research: This is a team of industry experts researching potential pitfalls that can take over your system. This team is on the constant lookout for problems and can communicate directly with vendors or via the vulnerability knowledge base.
- Enterprise Manageability: When using Nessus with Tenable's Lightning Console, one can load balance scans, complete multiple scans more quickly, and track remediation efforts more efficiently.
- Commercial Support and Training: With Nessus, one has access to what Tenable calls a "direct feed: of the latest vulnerability data and the ability to keep vulnerability checks up to date automatically." Tenable also offers classroom and online training to help customers learn and stay up-to-date with the Nessus product.
Sun Java System Identity Manager: Developer.com's Winner!!
The winning product comes from Sun Microsystems. This product is hailed as a full solution for managing identity profiles and permissions. Sun touts that the Sun Java System Identity Manager provides:
- Enhanced Security: This includes being able to detect potential risks such as dormant accounts and being able to revoke all user accounts or administer access privileges from a central location. This central location also can be used to enforce consistent corporate information security policies.
- Lowered Costs: This product offers cost savings with automation, self-service capabilities, and delegated administration.
- Improved Productivity: Users can administer their own passwords and requests of access themselves. Also, it allows for seamless integration and automation of business processes.
With many elements of this winning product that are first-rate, here are a few of the bigger elements of the Sun Java System Identity Manager that Sun Microsystems puts forth:
- Virtual Identity Manager: This function allows identity information to be worked with from its native residence. This helps enhance speed and contain overhead costs by eliminating the need to develop another user data repository.
- Agentless Adapters: This feature leverages remote management protocols that enable connections to managed resources.
- ActiveSync: This detects permission- and/or profile-related changes on target systems. These detections will promptly be communicated and synchronized with the rest of the environment. This synchronization ensures that systems are not using old permissions or profiles that can compromise system information and security.
- Dynamic Workflow: This feature automates approval and notification tasks. These are tasks typically connected to the process of changing access permissions and identity data.
Identity Manager is one of the most open, modular and integratable solutions on the market and we're pleased it has earned recognition from Developer.com," said Tamara Rezler, director of product management, identity management, Sun. "Not only do we believe effective identity management is the single most important enabler of the networked economy but also that the entire industry is moving toward the adoption of open systems."
These are just four of a long list of key features that this winning product can offer an organization and their information security needs. For a look at the full list, check out http://www.sun.com/software/products/identity_mgr/ to see whether these features meet your needs as they do with other Developer.com readers.
|To see the entire list of Developer.com Product of the Year 2006 winners go to www.developer.com/lang/article.php/3576286.|
Security and coverage of information systems is critical. Knowing your needs now and being able to assess how your needs will change and grow are critical when selecting the right products to help defend your systems. Developer.com's user awards have highlighted five very solid products for you. Others exist as well, but it is our hope that the Developer.com user awards have helped highlight products that can help you in your critical security task.