The traditional security products, including firewall, IDS, and anti-virus are very familiar to us. They are occupying most of security market share. And we know the UTM, IPS, and SOC are the ongoing stars. However, what’s about the future? From the view of ISO/OSI model, we know we have done too much on the network layer; we had focused on this layer and developed lots of products based on it.
Maybe the reason is like this: in the past, we implement the IT infrastructure without security built in it. Internet spread widely in few years as security just can’t keep up with it. This has brought a lot of breaches or exposure at the networking layer. Read more…
或许A在网络信息安全这个领域中有点神秘色彩,也有些特殊地位。Authentication, Authorization, Account, Accounting, Audit, Availability, Accountability, Administration, 很多A,每个A都在A的名义下定义了不同的功能。
最早Cisco路由器配置中的AAA Newmodel,其中的AAA是指:Authentication, Authorization, and Accounting. 功能很明确,先作用户认证,然后授权他可以在设备上面进行什么样的操作,最后,进行记帐。对,这里的Accounting,就是记帐,不是帐号。它帮助运营单位对网络流量和操作进行记帐。
IDC中AAA的分类,定义了AAA,这里的AAA与Cisco网络设备配置中的AAA有所不同,区别点在于第三个A,IDC的AAA的第三个A是指 Administration, 其实含义基本上是除了Authentication认证,Authorization授权,以及Anti-virus反病毒、Firewall防火墙、 IDS入侵检测系统(在2000年以前,似乎IDS和扫描器都在这第三个A中,后来IDS单独分类统计)。现在IDC重新定义了AAA,将其分成了两个区域,第一是IAM(Identity and Access Management),第二是SVM(Security Vulnerability Management)。参考下面的示意图,IAM中增加一个新内容,就是目录管理,SVM中也增加一点新内容,就是漏洞管理。漏洞扫描产品(scanners)本来也是属于IDC AAA中最后一个安全管理的内容,后来与IDS成为一个分支 ID&A,现在漏洞管理的名义下重新回到SVM下面。当然了,今天的漏洞管理在内涵上大大超出了原来的单纯的漏洞扫描。
而AAAA则是国内领先运营商在AAA/IAM基础上结合国内的实践提出的模型,它的全称应该是: Account, Authentication, Authorization, Audit,也反映了中国安全业界对于安全管理的思索和创新。
Force10 is getting into a new territory by the release of its P-series 10GE/GE IDS/IDP yesterday. Basically speaking, it's the first 10G IDS/IDP products in the market. Force10 P-series products includes P-10, which has two 10GE ports, and P-1, which has two 1GE ports. They can work like with SPAN from switches lieke IDS's , and in-line like IPS's. Force10 will compete against Juniper, Cisco, Fortinet, 3Com and other high-end IDS/IPS/UTM vendors.
It's a bit astonishing that 2×10GE port P-10 is condensed into a 1U rack mountable box. Based on its patented DPI (deep packet inspection) technology, P-series engines run at full line-rate for GbE or 10 GbE network links with full deep-packet inspection and stateful signatures/policies enabled.
While they're at it, Force10 officials are taking a swipe at the mainstream security market with the P-1, a similar two-port box for Gigabit Ethernet lines.
MetaNetworks was shipping its own products, but those are subsumed by the P-series, which Force10 believes is more suitable for volume shipments. Force10 officials have said they'll eventually turn MetaNetworks's FPGA-based technology into a series of blades.
Any lead Force10 has in 10-Gbit/s security might not last long. Fortinet Inc. admits it doesn't have a 10-Gbit/s intrusion detection and prevention box, but the company pledges it will "announce something, probably within the next couple of months," a spokeswoman says.
Both of the P-series systems are shipping in production, with the P-10 listed at $95,000 and the P-1 at $38,000.
Click here for the datasheet.
时间如白马过隙,匆匆忙忙中2005年就结束了,现在2006年的时针转的似乎比去年更快。有朋友提醒说总该回首一下、前瞻一下,拖了一段时间,总算写下几段文字,也算对自己和朋友有个交代。
2005年不能算是安全市场的丰收年,写下战国七雄的文字后,未料到其中已有玩家遭遇“宏智”-like的不幸,我自认不是乌鸦嘴,这事肯定与我无关,-:(
还是看看后面的技术发展吧。我借用了Gartner公司的新技术发展曲线,将若干我想到的安全技术都拎出来,给他们找了个位置。欢迎大家批评、评论。
请看: Read more…
Categories: -Chinese-, P2P, Security, Telecom Tags: Anti-virus, DoS, Firewall, IDS, P2P, Security, SKM, Skype, SMW, SOC, SSO, SVM, UTM
Recent Comments