Taking inspection to the depths
If going beyond just keeping a hacker from coming in sounds like a paragraph from your job description then deep packet inspection firewalls promise to deliver the next wave of defence. The deep packet inspection firewalls, such as the FortiGate system from Fortinet, have been touted as the best line of defence against anything getting through a network.
Eddie Irvine, computer systems specialist with the division of information and communications science at Macquarie University, said the process of installing the Fortinet system was at times leisurely followed by brief periods of intense stress.
Before installing the system, Irvine was running two firewalls, one of which was used to keep the students in and the other to protect desktop machines running Windows software which staff use.
Irvine said initially, the architecture was a mess.
"The firewall stopping our students from doing things - like hacking NASA - had grown organically and we had to merge the two firewalls into one; it was time for a change and to seek out an alternative," he said.
After trialling Fortinet the installation went ahead and Irvine said merging two firewalls into one is pretty painless.
There were three reasons why he chose the product. First was that the company approached him at the right time and Irvine said the vendor was pretty proactive during the entire process.
But more importantly it was price-competitive and he thought it was good technology.
"The real reason we chose Fortinet was that it inspects network traffic and finds and blocks viruses on the traffic, which I was cynical about in the beginning and initially saw only as an added bonus," Irvine said.
"Anybody responsible for desktops running Windows 2000 has got virus detection and prevention issues. We use Norton Anti-virus as well as an antivirus system in the e-mail gateway and saw the number of detections of viruses reported by Norton fall from 30 per day to maybe one or two since we introduced Fortigate.
"We had no problems with the Sasser worm or its variations."
Fortinet Asia Pacific general manager, Matt Young, said the aim of Fortigate-60 was to create an entire security platform that was affordable. "Our customers are saying they want an all-in-one system offering best-of-breed capabilities," Young said.
"An organization serious about security needs a cost-effective solution that is easy to manage and has to be 'plug and play'.
"Currently the market is swamped by managed security providers offering outsourcing and it is just as easy for a smaller firm to deploy a system like Fortigate."
Young said system attacks have risen from around 3000 a year in 1998 to 250,000 today.
He said the best defence is a network with intelligent solutions that keep IT managers informed ahead of time.
With Sandra Rossi