NCJ Number
206165
Journal
Law Enforcement Technology Volume: 31 Issue: 6 Dated: June 2004 Pages: 74-78
Date Published
June 2004
Length
5 pages
Annotation
This article discusses the importance of firewalls and intrusion prevention systems to safeguard law enforcement data and describes several products on the market.
Abstract
Using a firewall or intrusion prevention system is critically important to thwarting cyber attacks. The Orange County Sheriff’s Office uses the Cyberguard KS1500 firewall to protect its computer data. Cyberguard’s features include multilevel security and mandatory access controls, a graphical user interface, and “hybrid” architecture that allows users to customize the firewall to their specific needs. Technology staff at Orange County described the system as quick to configure and low maintenance. Computer protection should not stop at firewalls, however. Firewalls are limited by their inability to look at traffic content, which is where intrusion prevention systems (IPS) come in. IPS’s detect and block abnormal patterns of network traffic, potentially stopping Web-based attacks that firewalls allow through. StillSecure’s Border Guard IPS is described as a user friendly package that describes threats in layman’s terms. Another StillSecure product, Vulnerability Assessment and Management (VAM), automatically scans a network to determine vulnerabilities. A product that combines six features, Secure Enterprise by Sygate Inc., is described. Among its features are adaptive protection capabilities, an intrusion prevention system, a managed personal firewall, enterprise police management, universal enforcement, and automatic remediation. Secure Enterprise was specifically designed for an investigative environment in which the network is accessed from remote environments. It is imperative for system administrators to stay up to date on security industry developments.