New Weapon In Network Security And Availability Battle
Network traffic monitoring really is an emerging weapon in the battle
for network security and availability. According to our recent survey,
(and Gartner agrees with us) the top two areas of concern this year
is security and availability. Security and availability tools tend to
be distinct from each other and address different types of issues.
But in the case of Iris, we have found a best-of-breed product that
addresses both areas.
Developed by eEye Digital Security, the team that brought you both
SecureIIS and Retina, Iris is a powerful and easy to use network
traffic analyzer that allows you to examine the traffic on your
network. Iris makes the forensics of a security breach or performance
problem quick and effortless, allowing you to take immediate action
to resolve the issue.
One of the key features of Iris is its ability to decode and reconstruct
network traffic (such as emails, instant messages, Web-browsing sessions
and more) in its original format. In other words, you can actually see
the web pages viewed by a suspicious employee or follow the trail of
a hacker through your network, to quickly determine whether company
security has being compromised. Iris even delivers a complete audit
trail, giving you the evidence you need to take appropriate action
against those committing malicious or non-compliant acts.
With Iris?s ability to monitor network traffic, you?ll be able to
proactively recognize (and take steps to eliminate) suspicious or
non-compliant behavior before it can become a problem. You can also
identify potential performance issues, such as bandwidth abuses, hacker
attack damage and more, and take steps to resolve them before they
can result in major downtime for your users.
As always, we have picked a best-of-breed product. Iris has claimed
several recognitions including being voted to receive the W2Knews
Target Award as the best Network Traffic Monitor. Some of the other
features of Iris include:
Best news is that this puppy is only $995 a pop.
- Packet logging: Traffic is logged to buffer and then to disk and can
be referenced at a later date.
- Stream decoding: Entire series of packets, even from stored data,
can be reconstructed to allow for a "playback" of network traffic
- Packet manipulation: Modification of captured packets which can be
injected back into the network.
- Keyword filters: Traffic logging can be tuned down to certain events
and not just the capturing of all data seen on the wire.
- Scheduler: Start and stop logging automatically so only certain
timeframes of the day or night can be captured without human intervention.
- "Auto-discover": Any active machine on a network and include them
in an address book for easy target/origination selection inside filters
and for searching.
- Statistics: Statistics can be generated by quantity of packets,
protocol, and packet size. Bandwidth can also be monitored.
ELM Version 3.0 Is Finally Here!
We've been waiting for this for a while but the Build 188.8.131.524 of the
new version of ELM was really worth the wait. The original ELM has now
been broken up in three separate tools, each with its own focus. Everything
you had in your original ELM is still in the new Enterprise Manager, and
a whole bunch more stuff. The Log Manager and Performance Manager are
sub-sets and also cheaper. The good thing is that the price per server
has only gone up marginally, and you now have a state of the art, MMC
snap-in tool with ELM. It's better than ever. Get your new versions!
To compare the three, here is a nice little grid that explains:
Eval versions here:
ELM Enterprise Manager? 3.0
ELM Log Manager? 3.0
ELM Performance Manager? 3.0
Opportunity To See Interactive Demo of New SecureIIS
Remember the effects of Code Red and Nimba? $11 billion damage worldwide.
Microsoft?s IIS web server application is usually the most vulnerable
part of a network.
Exclusive to W2Knews readers, SecureIIS developer eEye is offering the
unique opportunity to learn first hand about SecureIIS, the IIS application
firewall. Created by the company that first discovered Code Red, eEye
Digital Security will get you an on-line interactive demonstration; you
will have the opportunity to observe SecureIIS in live action.
Learn how this application firewall fits within your overall security
infrastructure and the features that make SecureIIS the best tool on the
market, voted by Windows 2000 as one of the three great security tools.
Through interaction with the eEye team, you will learn about:
Several sessions are available. Each session is 45 minutes long. Space
is limited. Click on the below link to register.
- The Company behind the product
- The Role of SecureIIS protecting your web server
- Key features and capabilities of SecureIIS
- SecureIIS in action