Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Networking

    AlgoSec Targets Security Weaknesses in VPN Configurations

    By
    Brian Prince
    -
    April 21, 2008
    Share
    Facebook
    Twitter
    Linkedin

      AlgoSec has expanded the capabilities of its firewall analyzer to provide deeper insight into VPN settings to improve security and management.

      The technology, called AlgoSec VPN Analyzer, is meant to fill a gap in VPN products by helping users analyze their VPN settings for security weaknesses. It has been added to Version 4.3 of the company’s Firewall Analyzer product released earlier this month, and is available with either the Risk or Optimization modules. AlgoSec Firewall Analyzer is built to help users automate aspects of firewall, router and VPN administration across Cisco, Check Point and Juniper products.

      “The focus of the Firewall Analyzer’s VPN analysis capability is to provide visibility, analyze risk and support cleanup operations of VPN definitions that are on the firewall–both point-to-point and remote-user VPNs,” said Avishai Wool, AlgoSec chief technology officer. “The vendors have convenient methods of adding new definitions, or editing existing ones. They do not have good capabilities in reporting and analysis of these definitions. It is quite difficult to find out what access does user Bob have or which users have access through rule 17.”

      In addition to providing real-time monitoring and the ability to track configuration changes, users can also compare their VPN rules to industry standards and eliminate security vulnerabilities from the VPN configuration.

      Wool explained it this way: “We have to remember that a VPN is just an encrypted pipe that usually requires authentication to get into. But once the VPN is established, anything can pass through it. So, for instance, if a VPN is established from a user’s home net to the corporation, in principle anything that is running on the home net can potentially enter the corporate net.”

      Clearing Out the Clutter

      By default the AlgoSec Firewall Analyzer looks at the traffic allowed through the VPN based on the rules but does not flag risks for such traffic–essentially whitelisting all traffic traversing a VPN. But for more security-conscious organizations this behavior can be overridden on a risk-by-risk basis, allowing the organization to use the full power of the AFA’s knowledge base of risky traffic on VPN traffic, Wool said.

      Over time, VPN configurations become full of clutter, he added.

      “You can find users whose access has expired, users that do not belong to any user groups, which means that they have no access, user groups that are not connected to any rule so they are just dead wood,” he said. “The AFA VPN analysis finds all these floating definitions and highlights them in an easy-to-navigate report that allows quick drill-down too.”

      The product also allows users to view rules from the firewall policy that relate to the VPN, lists of VPN users and user groups, as well as the rules associated with each group.

      Avatar
      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×