Browse the White Paper Categories
WatchGuard Unveils Vision of Extensible Network Security
SEATTLE - June 30, 2008 - WatchGuard® Technologies, a global provider of network security solutions, today announced its vision of taking unified threat management (UTM) to the next level of performance, scalability, high security, investment protection and endâ€user choice with its vision and technology direction of extensible threat management (XTM) and connectivity solutions.
Read the white paper
SSL Everything: Protect all of your website, not just a few parts
Chances are, if you're utilizing SSL, you're not utilizing it to its full potential. SSL is a powerful technology that can help organizations protect their data as well as their users. While the technology behind SSL is solid, the most common best practices for its implementation do not take full advantage of the benefits that SSL brings. And this may be inadequate to provide proper security to the modern web application environment.
Read the white paper
All-in-One Network Security Appliances: Common Myths and Misperceptions
As this white paper is being written, the concept of UTM (unified threat management) has been
around for more than five years. Network Box Corporation has actually been in existence for
almost 10. Yet, even after these many years, and with so many other vendors now on the
market, the UTM concept has yet to be as generally accepted as one would expect, considering
the enormous benefits it provides in terms of simplification, manageability, and cost of network
gateway security.
Read the white paper
VPN - Extending ADTRAN's Traditional WAN Solutions
Virtual Private Network technology is gaining in popularity as more and more companies begin to realize the benefits VPNs offer. VPNs represent the next step in enterprise network technology. Just as frame relay is a more cost-effective alternative to private lines for many users, VPNs once again reduce costs for wide-area networking.
Read the white paper
IPSec vs. SSL VPNs for Secure Remote Access
This white paper provides an overview of the differences between SSL VPNs and IPSec VPNs, and explains why SSL VPNs are ultimately a better choice for secure remote access.
Read the white paper
Six Tips for Choosing the Right SSL VPN
SSL VPNs are rapidly becoming the remote access solution of choice for many organizations. Marketplace issues are driving the need for clientless access, proven security, easy deployment, and simpler administration than IPSec VPNs can offer.
Read the white paper
Guide to the TCO of Encryption
Deployment of Check Point data security can reduce the total cost of ownership by half
Read the white paper
Preventing Data Leaks on USB Ports
Pointsec Protector simply regulates access and data for any plug-and-play peripherals
Read the white paper
Theft of Information: A Multilayered Prevention Strategy
Theft of information can result in loss of intellectual property, compromised customer privacy, loss of company reputation, and exposure to regulatory violations. It ranks as a top-three concern for IT groups in the public and private sectors in the United States, according to a 2005 survey by the Computer Security Institute (CSI) and U.S. Federal Bureau of Investigation (FBI).
Read the white paper
MLX: Machine Learning to Beat Spam Today and Tomorrow
As spammers employ increasingly sophisticated techniques to avoid detection by the antispam rules and heuristics currently in widespread use, these simplistic anti-spam solutions have become less and less effective. Clearly, a new approach is needed to defend corporate messaging infrastructures and reclaim email's value as a corporate communications medium.
Read the white paper
HP's Disaster Proof Solutions: Ensuring Application Availability
Research indicates that 36% of enterprises indicate they will incur significant revenue loss or other adverse business impact if they have even an hour or less of downtime on their mission-critical applications. More organizations of all sizes, in all industries and located across the globe, now require applications to be running and data to be always available.
Read the white paper
Building a Solid Network Access Control (NAC) Solution
There's a wide range of NAC options available today from many vendors and industry consortia, including Cisco Network Admission Control (CNAC), Microsoft Network Access Protection (NAP), Trusted Computing Group's Trusted Network Connect (TNC) and others. While these offerings may vary in several respects, the goal of all such solutions is to prevent unwanted users and devices from accessing key network resources.
Read the white paper
Defining the Rules for Preemptive Host Protection: Internet Security Systems' Multi-Layered Strategy
Protecting desktop and server - or "host" - systems has rapidly become a high priority for organizations that want to ensure uptime and the availability of day-to-day business applications. This whitepaper serves to identify common problems associated with effectively protecting host systems and defines the components of a comprehensive solution offering a superior level of host protection.
Read the white paper
Internet Security Systems' Multi-Layered Approach to Stopping Information Theft
Spyware does more than just spy; it records and reports back specific information about the computer it infects. Under the right circumstances, and lacking adequate security precautions, spyware can infect a corporate host system as easily as a PC in a private home.
Read the white paper
Virus Prevention Without Signatures
Too many malcode (malicious code) attacks by viruses, worms, Trojans and the like are breaking through today's most prevalent system defenses - Antivirus (AV) programs. It is time for the next generation of virus prevention. This whitepaper will discuss the full impact of virus disasters and what historically has been done to combat the problem. It will show how ISS' new Virus Prevention System (VPS) represents a quantum leap in preemptive protection.
Read the white paper
Multi-layered Security Solutions for VoIP Protection
As the technology has become more reliable in recent years, companies have been moving to VoIP for a number of reasons. Consolidation of voice and data on one network reduces costs and results in a lower network total cost of ownership (TCO).
Read the white paper
Benefits of Flow Analysis Using sFlow®: Network Visibility, Security and Integrity
This technical white paper provides the reader with an introduction to sFlow® and the network visibility, integrity and security benefits it provides for wide area and very high bandwidth network monitoring. The paper discusses how detailed statistical analysis of sampled packets can provide a comprehensive network view, encompassing both traffic analysis and security, when combined with an innovative comprehensive Network Behavior Analysis (NBA) and Response technology, such as StealthWatch™ by Lancope®.
Read the white paper
The Role of Network Behavior Analysis & Response Systems in the Enterprise
Organizations face escalating security risks and network availability requirements as they open their networks for communications and transactions with key customers, critical business partners and trusted employees. This increasingly ambiguous perimeter along with security policy violations and misconfigured network devices leaves applications, data and systems inside the network vulnerable to rapidly propagating new attacks and insider security breaches.
Read the white paper
An Introduction to Biometrics
Biometrics technology using advanced computer techniques is now widely adopted as a front-line security measure for both identity verification and crime detection, and also offers an effective crime deterrent.
Read the white paper
Using a Network Analyzer as a Security Tool
Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. This white paper shows how using a network analyzer can enhance network security, which analyzer features are essential for this task and how an analyzer should be a part of any IT professional's security incident response plan.
Read the white paper
Nortel Secure Network Access and Microsoft Network Access Protection Integration
With the ever-increasing need for enterprises to provide endpoint security and policy compliance, Network Access Control (NAC) solutions abound. However, confusion around industry standards, the multitude of NAC vendors and the complexity of the solutions has led to a relatively slow industry-wide NAC adoption rate. In order to increase flexibility, simplicity and comprehensive cross-platform device support, Nortel has worked with Microsoft to provide a joint NAC solution.
Read the white paper
A New Approach to Defeating Spam
Junk postal mail is a nuisance for those who receive it, but it is limited by two important economic factors: a) junk mail costs something to produce and, as a result, b) senders of junk mail must achieve acceptable content-to-customer conversion rates in order to make the sending of their information economically worthwhile.
Read the white paper
Network Security Management
A White Paper on why network context is critical for correlating, managing and responding to security events
Read the white paper
Securing Virtual Private Networks and Web Publishing
The Microsoft® Internet Security and Acceleration (ISA) Server helps provide secure, fast and manageable Internet connectivity by integrating an extensible, multilayer enterprise firewall and a high-performance web cache server. ISA Server helps the enterprise combat increasingly sophisticated Internet-based threats and secure the Windows® environment.
Read the white paper
Implementing a Secure Virtual Private Network
Virtual Private Networks (VPNs) provide a private tunnel through the public cloud to realize cost savings and productivity enhancements from your remote access applications. But being private doesn't necessarily mean a VPN is secure. That's because a VPN is still often protected by nothing more than a weak password. This paper is designed to help you understand the nuts and bolts of VPNs as well as the choices that are available to enhance the security of a VPN.
Read the white paper
Identity & Access Management
A comprehensive Identity and Access Management (I&AM) strategy provides cost-effective user management and enforceable security policies - key to attaining ROI in these competitive times. In this paper, RSA Security takes a closer look at how an effective I&AM strategy is an imperative that can have a direct, quantifiable effect on your bottom-line.
Read the white paper
Leveraging Two-factor Authentication to Provide Secure Access to Corporate Resources from BlackBerry Devices
BlackBerry® devices are becoming ubiquitous throughout the enterprise, as organizations improve employee connectivity and communications. The BlackBerry® Enterprise Solution - designed and manufactured by Research In Motion (RIM) - is a flexible, Information Technology (IT)-friendly solution that provides mobile users with secure wireless access to their enterprise email and critical business applications.
Read the white paper
An Enterprise Perspective on Identity Theft
This white paper explores the scope and roots of identity theft, how enterprises are victimized, and how they sometimes contribute, inadvertently, to the victimization of consumers. The discussion then turns to issues of accountability and "desired outcomes" and describes best security practices for thwarting identity-related crimes, with a focus on RSA Security's identity management and encryption solutions.
Read the white paper
Dude! You Say I Need an Application Layer Firewall?!
This paper describes the evolution of firewalls from the standpoint of the controls that they apply to data and traffic, and explains why the currently accepted "state-of-the-art" firewall really represents a step backwards in most cases for securing perimeters. Over the next decade, it's critical that we thoroughly map the inbound and outbound flow of traffic across our network boundaries with security mechanisms relevant to the traffic.
Read the white paper
Stopping the targeted attack: Why comprehensive malware protection is superior to anti-virus signatures for protecting your organization
This white paper discusses the evolving nature of malware, and why enterprises continue to be highly vulnerable to targeted malware attacks despite deployment of common security solutions like anti-virus software (signatures) and traditional firewalls. Accordingly, the paper describes new solutions designed to be much more proactive and effective in protecting inbound and outbound traffic from malware.
Read the white paper
Securing Web 2.0
The main attribute of a Web 2.0 application is interactivity. What this actually means in reality is that more functionality has been placed on the client-side of the equation, and less on the server, which in turn allows a request to be updated directly in the browser without needing to refresh the entire page.
Read the white paper
Web Application Security and PCI Compliance
In our age of increased information privacy and security requirements, practically every business must take action to secure their Web applications in order to protect the sensitive credit card data that they store, transmit, and receive. This isn't just good business practice. It is being mandated across all industries in the U.S. through the Payment Card Industry (PCI) Data Security Standard.
Read the white paper
Beyond the firewall: The next level of network security
The myth that a firewall alone is sufficient to protect a network has been proven false time after time in recent years, yet many still hold firmly to the belief. The sensational news stories of crippling viruses and stolen credit card numbers fail to mention that almost all of the victims of these attacks had network security - in the form of a firewall - in place. In fact, it's estimated that 80% of network attacks get through or around the firewall (Computer Security Institute).
Read the white paper
The Evolution of NAC and the Age of Complete NAC
No other technology in information security has generated as much interest, discussion, or requests during the past two years as network access control (or NAC). There are multiple reasons why NAC has become the latest solution in keeping our enterprises secure. The first is that the concept behind NAC is simple to grasp. If a device does not meet the appropriate access policy, it should not be allowed access, or only have access to a limited portion of the network. Another reason for the appeal of NAC is the realization that after years of hardening the perimeter, a greater risk to our security comes from the insider threat.
Read the white paper
Passing an information security audit: Targeted reporting for network vulnerability management
Identifying and remediating network vulnerabilities is an effective way to protect yourself from attack. Beyond reaping the benefits of improved security, many organizations are looking to vulnerability management to achieve compliance with security and regulatory audits. Prevailing info security regulations require tight control over sensitive data. Internal and external auditors are demanding to see evidence that the network is secure, and the state of an organization's vulnerability management process is a key barometer.
Read the white paper
IPS vs. IDS: Similar on the Surface, Polar Opposites Underneath
A common notion is that an Intrusion Prevention System (IPS) is nothing more than an Intrusion Detection System (IDS) deployed in-line with blocking capabilities. This paper explains why that notion is incorrect.
Read the white paper
Benchmarking Strategies for Intrusion Prevention Systems (IPS)
Part One: Wired Systems
Read the white paper
Network Intrusion Prevention Systems
Why "Always On" Stateful Inspection and Deep Packet Analysis are Essential to Deliver Non-Stop Protection
Read the white paper
The Critical Importance of Three Dimensional Protection (3DP) in an Intrusion Prevention System
Enterprises without a sound intrusion prevention strategy across the three threat dimensions - undesired access, malicious content, and rate-based attacks - open the door to unacceptable risks and costs, especially from hybrid attacks. Top Layer's unique Three Dimensional Protection (3DP) approach provides the most comprehensive IPS protection for clients, servers, and network infrastructure, while maximizing bandwidth for mission-critical traffic
Read the white paper
Managed Intrusion Prevention Services
Proactive Network Protection
Read the white paper
The Business Value of Identity Federation
Efficiently coordinating and integrating business processes with trading partners in an increasingly dynamic business environment is a complex dilemma faced by most large enterprises. Identity federation and the industry standards that comprise it were invented to address this cross domain, application interoperability challenge. This paper introduces and defines identity federation; the benefits that companies can reap by leveraging it, some use cases that can be enabled by it, the most relevant industry standards and specifications that underlie it and the business issues that must be addressed for identity federation to be successfully delivered at scale.
Read the white paper
Encryption Best Practices: Protecting Backed Up Data
Encrypting backed up data is increasingly becoming a priority, and developing procedures to easily manage encryption helps reinforce your data's security. The encryption types most commonly used, for example to secure commercial transactions over the Internet, are handled without requiring the user to know the encryption key. This kind of encryption, asymmetric encryption that uses a public key authority, is the most commonly used in protecting data.
Read the white paper
Encryption: The Business Case for Protecting Data at Rest
While network and Internet security have been addressed through rigorous authentication and encryption to restrict access to sensitive personal, financial, and medical information, data at rest remains vulnerable. Restricting access to data backups has been accomplished primarily by restricting access to the backup media. Yet a single backup tape might contain millions of credit card transactions, thousands of medical records, and multiple copies of a company's public and not-so-public financial data.
Read the white paper
Enterprise Network Security Architecture Does Not End with an Inline IPS
This whitepaper does not seek to rule out the deployment of Inline Intrusion Prevention technologies but rather encourages their deployment at certain strategic locations focused primarily at the network's edge or "perimeter". For the remainder of the network; high speed, port dense distribution and core areas; the reader is encouraged to consider a "defense in depth" model that involves the use of flow-based behavioral analysis technologies commonly referred to as network behavior analysis and response systems.
Read the white paper
The Role of Network Behavior Analysis & Response Systems in the Enterprise
Organizations face escalating security risks and network availability requirements as they open their networks for communications and transactions with key customers, critical business partners and trusted employees. This increasingly ambiguous perimeter along with security policy violations and misconfigured network devices leaves applications, data and systems inside the network vulnerable to rapidly propagating new attacks and insider security breaches.
Read the white paper
Risky Management Using SNMP v1/v2c
In these times, CISO's (Chief Information Security Officers) are re-evaluating their IT practices and nervously observing that the insecure protocol SNMP (versions 1 and 2c) is still in wide use. Although SNMP v1/v2c was chosen because of its ease of use, simplicity, and low cost, it now poses a threat to the security of the enterprise. It may be worth the risk to continue using SNMP v1/v2c inside secure networks, but it is unacceptable for insecure networks such as DMZ's. In this white paper, we present the benefits and risks of using SNMP v1/v2c and mitigation of those risks.
Read the white paper
Network Security
This white paper will give you a basic understanding of security threats and give you an overview of how to defend your network. It will not make specific recommendations as to what your security policy should be. Every network in every organization has different security needs, and security strategies must be adapted to each specific situation. Because it’s not always easy to distinguish between threats to individual users and threats to networks, this paper will cover the whole range of threats from simple scams to large-scale, denial-of-service attacks.
Read the white paper
Security with the ServSwitch Wizard IP
The ServSwitch Wizard IP is an innovative KVM-via-IP product designed to address the demanding needs of enterprise applications. The requirement for robust security ranks high, and this white paper explains how the security architecture of the ServSwitch Wizard IP fits that need.
Read the white paper