Unicenter TNG - Network Security Option firewall for large networks


If your network is big, it is very difficult to administer all the devices. Unicenter TNG Network Security Option is one high end firewall which secures large networks effectively. Read the article to know about its features.

Any expanding organization requires bigger networks with thousands of computers. But the task of administering large number of network devices which include client workstations, messaging & file servers, routers and firewalls is not easy. For this purpose, Unicenter TNG developed Network Security Option. It runs on all major versions of Unix and Windows NT. It ties into the Unicenter resource management tools and thus, users can combine authentication and resource access rules with packet filter's port restrictions. The TNG suite of tools allows network administrators to centrally manage multiple Network Security Option firewalls distributed throughout the organization. This helps easy configuration of the firewalls and boosts security.

Minimum platform requirements


  • Intel Pentium microprocessor or an equally powerful Unix workstation

  • Hard disk drive of 500 MB

  • Two network interfaces

  • 64 MB RAM


  • Interface


    Network Security Option has a graphical interface for Unix and Windows NT. The graphical interface makes it easy to create pass/drop rules. Packets from which source can pass and which not can be decided by the administrator. He can also disable specific services for some computers. All the security options are integrated with the components of Unicenter system so that the user is not required to re-establish user account information or restrictions each time he changes his location.

    Security features


    The Security Option provides all security features like rewriting for supported protocols, Network Address Translation and generic proxying for redirectable protocols. Whenever a suspicious activity is detected, automatic reconfiguration of the security policy occurs. The system locks down in the process and gives the administrator time to decide a response.

    The major security features of Network Security Option are discussed below.

    Stateful inspection packet filter

    The stateful packet filter ensures that the data packets come from a reliable source. It effectively restricts suspicious IPs and prevents denial of service attacks & spoofing. In terms of strength, it is comparable with the filter provided by Checkpoint Firewall-1. Instead of handing protocol payloads to a separate Application Layer service, the filter rewrites it directly. This allows maintaining a proper buffer length to prevent buffer overrun conditions.

    The filter checks all typical features like source & destination addresses, port numbers, SYN bit and options set of the data packets. It checks every packet before the IP stack processes it and keeps track of connection information across the packets. However, the UDP packets do not retain any information about the sessions.

    Centralized administration & integration with management tools

    Network administrators can manage multiple firewalls throughout the enterprise by using the Central policy-based management application. This allows easy configuration and event detection. Policies can be created by the administrator and applied across the enterprise. He can also integrate the system with IT management tools so that he is regularly updated about the logs and response features.

    Real time monitoring services

    On event detection, the firewall sends alarms to the administrator through email and pager notifications.

    Pricing


    The prices vary with the Unicenter network infrastructure you use. The company has provided no pricing information on internet and network administrators will have to contact a sales representative for more details. On hear-say-basis, I expect the price to be around $3500 for smallest infrastructure. For an evaluation edition or more information, visit the official website of Unicenter TNG.

    Review


    Network Security Option manipulates the IP packets directly, without handing them to a separate proxy server application first. This enables faster proxying and therefore increased performance. The latency between the network and internet is drastically reduced. Apart from high performance & speed, other major advantages of the firewall are centralized management, integration with Unicenter and strong remote management. On the other hand, the drawbacks are its high cost and requirement of a Unicenter network infrastructure for operation.

    This infrastructure is designed for very large businesses and can again add to the cost. If your network is medium sized, do not opt for this firewall but if it is really big, you need a very strong firewall like Network Security Option to administer its numerous devices. The price is secondary then.


    Read Compaq's AltaVista Firewall - a security proxy for network


    Comments

    No responses found. Be the first to comment...


  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: