Breaks into VPN Security Scene

Over thepast year or two, security violations, hacks, and cracks have gone from theconcern of security administrators to big news -- and big business. Whilesecurity companies have grown to fill almost every niche, a still-developingmarket in the security space is that of the virtual private network (VPN) is establishing itself in this market with the recently releasedSecurityAnalyst 5.0.

SecurityAnalyst5.0 is a major upgrade. One new feature is the incorporation of Novell NetWare3.x, 4.x, and 5.x assessments, which allow security management of Microsoft andNovell networks from a single console. The previous versions of the softwarerequired separate installations of the product for disparate networks.

SecurityAnalystwas originally produced in 1994 and only served NetWare 3.x and Windows NT 3.0networks. The product has since changed ownership several times, being boughtby in 1999, which led to the development of SecurityAnalyst 5.0.

The productalso features a file rights auditor, which allows administrators to use thesystem to see which users have access to which directories and files. Theproduct monitors security access in a number of different ways. Access controlchecks station, time, and account restrictions, determining if a user isallowed access to data from certain workstations on the network and duringcertain time parameters. Password strength checks the password policy of thenetwork, determining if users are forced to change passwords on a regularbasis, if they are allowed to reuse passwords, or if the passwords must be keptunique from previous password choices. The password checker featureincorporates the hacker software L0phtCrack’s code base to protect againstfalse or stolen passwords.

Dataintegrity checks include determining whether the user has sensitive services startedon the machine, and checks for NT virus software. Data confidentiality checksscreen save status and password scripting. System monitoring looks for an auditpolicy on the system, and after running the tool, produces a report cardlisting a score in each security area and a top 10 risks list for the network.SecurityAnalyst 5.0 provides a graphical representation of its findings usingthe Crystal Reports reporting engine.

In additionto the release of SecurityAnalyst 5.0, announced a partnershipwith Telenisus Inc. Telenisus is a managed services provider that also providese-commerce services. Intrusion and Telenisus partnered to work on VPN andfirewall services.

Thepartnership focuses on the small office, known as power users. This niche ofthe market is neither small business nor consumers, rather a small branchoffice of a larger enterprise, such as a bank branch or a satellite office withless than 10 employees.

Theagreement integrates’s small-office VPN and firewall devices withTelenisus’ managed software and services.

Index: Inc., Richardson, Tex.,

Must Read Articles