|
|
|
|
|
|
|
Sybergen Secure Desktop provides
basic IDS capabilities plus a personal firewall rolled
into a single package. It is thus ideal as a secondary
level of defense for users behind a corporate firewall
or IDS system, as well as providing protection for mobile
users when they venture out from behind the company firewall.
In addition to blocking ports and periodically self-scanning
for vulnerable spots, Sybergen Secure Desktop also
monitors open ports, closing and opening them whenever
access is required and automatically closing them if no
ending packet is received within a certain period of time.
It also analyses the network traffic and compares it against
a database of attack signatures, alerting users to potential
problems. If suspicious activity is noted, it will close
the offending connection automatically as well as logging
the attempt. When used in conjunction with the Sybergen
Management Server, the system administrator is able
to view the individual user logs.
Unfortunately, the user interface is a little tacky, looking
more like something out of a computer game than a serious
security tool. It also requires at least 65,000 colors
to be set on your monitor otherwise it is virtually unreadable
(and thus unusable). (Ed: Sybergen says that a lower
usable color format is available.) No serious tool
of this nature should depend so heavily on the hosts
graphical capabilities.
The main control on the interface is the Security Level,
which can be set from Off (no protection), to Ultra (nothing
at all gets through). In-between are Low (accepts inbound
requests), Medium (allows any local applications to communicate
with the Internet) and High (only allows certain protocols).
This provides a rapid means of setting the appropriate
level of security required. If more control is required
over the firewall settings then the Configure button
provides access to this. Here the user can specify trusted
applications and IP addresses, as well as adding or removing
access to specific protocols, ports and ICMP capabilities.
All changes made in this section are tied to the particular
Security Level currently in force. Thus, a user
may wish to use the High setting, but allow a couple of
extra ports through.
Once the ports are added, they will be enabled every time
the user selects High. Unfortunately, we could
see no means of similarly controlling the IDS policy in
Sybergen Secure Desktop. In a corporate environment,
it is possible for a system administrator to control these
settings from a central location if required.
The final buttons on the front panel provide access to
the log file and a neat Test facility, which contacts
the Sybergen Secure Desktop site over the Internet
and runs a port scan against a users machine. Handy
if you do not have access to high-end scanners such as
CyberCop or IS. |
|
|
Copyright © 2000
West Coast Publishing Inc. Posted from SC Magazine,
161 Worcester Road, Framingham, MA 01701.
#32048 All rights reserved. Managed by Reprint Management
Services, (717) 399-1900, www.rmsreprints.com sales@rmsreprints.com
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Home
| Company
| Products
| News
| Downloads
| Buy
| Support
| Partners
| Contact
Us |
1997-2001
Sygate Technologies, Inc.
All content, brands,
and products referenced herein are the trademarks or registered trademarks of
their respective holders. SygateŽ is a registered trademark of Sygate Technologies,
Inc. No part of this document may be reproduced or transmitted in any form or
by any means, electronic, mechanical, or otherwise, without prior written permission
of Sygate Technologies, Inc. Please be advised that Sygate Technologies, Inc.
actively and aggressively enforces its intellectual property rights to the fullest
extent of the law. |
|