Tavve Releases ZoneRanger 4.0

Cost-effective solution securely manages network architecture

Research Triangle, NC (18 May, 2006) -- Tavve has released version 4.0 of its popular network management appliance, ZoneRanger®. Working with key security and management applications from major developers such as Cisco Systems, Juniper Networks, Nortel, and others, the features in ZoneRanger® 4.0 enable the user to securely manage the network environment in a simple and cost-effective solution.

”We built ZoneRanger to work in concert with the most popular network applications such as Cisco’s Security Monitoring, Analysis and Response System (Cisco Security MARS) product,” explained Anthony Edwards, CISSP, Tavve’s Chief Technology Officer. “ZoneRanger extends the reach of management consoles -- such as MARS -- into the untrusted areas of the network in a safe and secure fashion. Together, ZoneRanger and MARS provide complete and secure coverage in the network.”

Installed at the remote location with devices that need to be managed, ZoneRanger® 4.0 discovers the network and builds a topology database using Tavve’s patented technology. ZoneRanger® 4.0 has user-configurable controls to allow more command of what is being managed in the DMZ. It provides fault management services such as status polling via ICMP, SNMP, and TCP. The polling feature provides the network manager with the ability to see if a device is “up” or “down.” Failures are processed by Tavve’s root-cause analysis technology to determine the source of the fault. The root cause is forwarded securely and reliably to the NMS via SNMP traps. ZoneRanger® 4.0 can SNMP proxy to the devices through the firewall to retrieve SNMP MIB data that can be used for reporting purposes.

Enhancements from previous ZoneRanger® releases include integrated IP and TCP Status Propagation, advanced Trap/Syslog filtering, a new Syslog viewer, and network audit and recovery alerts.

The newly introduced SNMPv3 feature allows the ZoneRanger® (in conjunction with the Ranger Gateway) to act as a protocol converter for SNMPv1/SNMPv2c-to-SNMPv3 migration in addition to the existing SNMP proxy and SNMP trap forwarding features. “Few network managers are securely managing all their network devices due to the high cost of converting from SNMPv1/SNMPv2c-to-SNMPv3 technology,” said Edwards. “The new ZoneRanger® 4.0 solves this problem by surveying network devices in a secure manner with SNMPv3. In turn, the traps are converted back to SNMPv1/SNMPv2c when reporting to the NMS inside the trusted network area. ZoneRanger® 4.0 offers an affordable and immediate solution to securing your network using the SNMPv3 protocol.

“Due to the complexity and cost of upgrading hardware and software to SNMPv3, many professionals primarily use the non-secure SNMPv1/SNMPv2c to manage their networks,” explained Edwards. “While it works, this method is both untrusted and risky. But now you can manage securely without upgrading to SNMPv3, as ZoneRanger® 4.0 does it for you, mitigating SNMP-exploiting attacks.”

Managing in the DMZ with SNMPv3

The value of the authentication and privacy features of SNMPv3 is more compelling in the DMZ environment, due to the potential for compromised security in the DMZ. As such, managers who currently disallow SNMP in the DMZs will find SNMPv3 to be a viable option. Those who currently use SNMPv1/SNMPv2c in the DMZs may choose to upgrade DMZ devices to use SNMPv3. For those who decide to use SNMPv3 in DMZs, but who continue to use SNMPv1/SNMPv2c in the corporate networks, the use of an SNMPv1/SNMPv2c-to-SNMPv3 protocol converter is considerably simpler and cost-effective than upgrading their management applications to support SNMPv3.

SNMPv1/SNMPv2c to SNMPv3

In ZoneRanger® 4.0, users have the ability to proxy SNMPv1/SNMPv2c requests through ZoneRanger® to the devices in the network. ZoneRanger® can also forward SNMPv1/SNMPv2c traps. Security professionals prefer network devices to use SNMPv3 agents and those agents will not respond to SNMPv1/SNMPv2c requests. Also, many SNMP management software products are limited to SNMPv1/SNMPv2c in terms of querying devices. Thus, the management software is not able to make secure SNMP queries of those SNMPv3 devices. ZoneRanger® bridges the existing investment in SNMPv1/SNMPv2c managers and the SNMPv3 agents.

SNMPv1/SNMPv2c requests are made to the ZoneRanger® instead of the network device. ZoneRanger® converts the request into an SNMPv3 request and sends it to the end device. The information returned is converted back to SNMPv1/SNMPv2c and sent to the requester. Similarly, SNMPv3 traps are converted to SNMPv1/SNMPv2c traps before being forwarding through the Ranger Gateway.

By popular request, the ZoneRanger® can proxy TACACS+ requests out of the DMZ to a TACACS+ server in the enterprise. Thus, devices in the DMZ can be TACACS+ clients allowing the ZoneRanger® to proxy the TACACS+ requests without making modifications to the firewall or setting up additional servers.

About Tavve

Tavve creates products that focus on enabling other vendors' security/systems/network management software to work in and around secure areas such as the DMZ, extranet, untrusted network, hostile network, or remote network. Tavve also offers consulting services for network management integration and strategies, and OpenView map management software. For more information on Tavve, visit http://www.tavve.com.

Must Read Articles