Full Text

Network security at the edge doesn't just mean at the firewall and router anymore. InfoExpress believes you should implement your security policy at the other network edge-the desktop and remote virtual private network user.

CyberArmor is a centrally managed, enterprisewide personal firewall that uses multilayer stateful inspection to protect against Trojan Horses and other IP-based network attacks. It also logs suspicious activity to a common ODBC-compliant database. It's available for all Win32 platforms and will soon have clients for Solaris and Linux.

Our only complaint with CyberArmor is that defining a policy requires some effort and an intimate knowledge of CyberArmor's command syntax.

Really a suite of tools with four separate components, CyberArmor Enterprise Personal Firewall is composed of CyberArmor (firewall agent), PolicyManager, CyberServer and CyberConsole. The firewall com-

ponent, CyberArmor, is available for Windows 9x, Windows NT 4.0 and Windows 2000, and support for Red Hat Linux and Sparc Solaris is in development. CyberArmor inspects TCP/IP traffic up through Layer 7 to protect against IP-based as well as application-level attacks. Like other stateful inspection firewall engines, it inspects all TCP/ IP layers to make sure traffic conforms to established security policies.

Unlike proxying firewalls, which still advertise the protected services, stateful inspection engines will let you run applications without exposing the system any more than is required. For example, applications that use multiple ports, such as FTP, can be explicitly locked down to only allow user- initiated sessions. CyberArmor...