Network security is one of those topics where everyone has an opinion, but there’s no way to know what’s right until you try it. We’ve tried to alleviate the need to frantically practice trial-and-error on every last network security product for the enterprise by polling IT Knowledge Exchange members. And here’s what you had to say:
Technochic’s company recently switched from Symantec Antivirus to Endpoint Protection, and they’ve experienced greater control over server and client security. Another swapout her company made was for BlueCoat from Websense. Technochic praises that they “can now pinpoint not just what computer accessed what site, but also what user on that computer. The more details, the better!” Is your company looking for more details about the actions of network members, or do you prefer to have the minimum amount of data to keep track of when it comes to user activity?
Rechil recommends several tools, depending on your OS. For Windows, he prefers MWAV, an emergency-based tool, and Nmap, a free, open-source network mapper great for security auditing. He cautions that you should have adequate knowledge for proper configuration of built-in firewalls. He had nothing but great things to say about the built-in tools with Linux, stating confidently that, when configured properly, Linux firewalls are sufficient against the notably less-than-Windows security threats.
Carlosdl’s company is using McAfee Antivirus, moving from Symantec due to budget constraints. The switchover started out rocky:
We moved from Symantec a couple years ago because of budget restrictions, but during the first week with McAfee a virus infected one client machine and it propagated to the whole network quickly, to the point of taking our main database server and a couple of other servers down.
Further investigations revealed that the EPO server wasn’t configured properly by the vendor representative when he installed it. Once corrected, we haven’t had other similar incident til now.
Carlos reiterated Rechil’s support for Linux’s IP tables firewall, which his company adopted after “thousands of connection attempts (a brute-force attack) to one of our Linux servers that was running an ftp server.” For vulnerability scanning, he liked Nessus, though he advices extreme caution when performing scans on production machines: “One of the first times…I ran a heavy scan on a production server that was running a VoIP application and it degraded the server’s performance to the point that it was almost going down, so the scan had to be stopped immediately.”
Finding the right network security tool can make you feel like Goldilocks sometimes, too, as Jinteik experienced with Panda’s IPS and antivirus. According to him, the antivirus program caused server crashes and the IPS needed ample restarts to fix GUI display problems. Unfortunately, their chance to save face and keep a customer fell flat as well, as Jinteik described their technical support as “not that strong and not helpful.”
Have you had a different experience with some of these networking tools than your fellow IT Knowledge Exchange members? Let us know in the comments section or feel free to send an email at Melanie@ITKnowledgeExchange.com.