Scenario 1 and how we tested
Scenario 1
Company: Drake Industries
This professional services company wants to install firewalls on all executive notebooks and all PCs that store confidential information.
Approximate budget: Open.
Requires: Firewall software for 50 users.
Concerns: Keeping the data secure is the key factor in making a choice. Installing and maintaining the software on so many PCs would be time consuming, so the company is interested in the ability to remotely deploy and manage the firewalls.
Best Solution: The choice for Drake Industries would depend on its current infrastructure. If the company needs a complete security system, Check Point may be the way to go, for a fully integrated, whole of business approach. If it needs to revisit its antivirus control at the same time, Symantec may well be a good integrated solution. If the budget is tight and antivirus is in place, it is very hard to look past the McAfee Desktop firewall with ePolicy Orchestrator to manage it.
Just focusing on the firewall aspects, McAfee seems like the company's best choice, but Zone Alarm Pro would also be a serious contender.
How we tested
The software was installed on a typical system, an Excel 2700C Notebook with a 1GHz Pentium III processor, 256MB of RAM, running Windows 2000 SP2.
We conducted two tests to assess the software's ability to prevent attacks from outside:
- The system was port scanned using nmap v3.00 with fingerprinting. This reveals if any TCP or UDP ports are visible to the outside world, which may then be attacked.
- A ping flood attack was launched at the system using a program called jolt2.exe. This determines how vulnerable the system would be to a denial-of-service attack.
We then ran a series of basic client functions:
- Connect to a Windows share
- Browse some Web pages
- Read e-mail with a dedicated client
These tests determine the firewall's ability to detect and block software on the tested PC connecting to the outside. This is to prevent Trojans or other malicious code from sending data on the PC to the outside world, or from using the PC as a launch-pad to attack others systems.
Interoperability was based on the clients that the systems would run on and some of the management features available.
Futureproofing was based on the user friendliness and configurability of the systems, as well as their potential to be managed in a large environment.
Return on Investment was based on features of the software balanced against the cost (both software and deployment).
Service was based on documentation and support available.
About RMIT Test Labs
RMIT IT Test Labs is an independent testing institution based in Melbourne, Victoria, performing IT product testing for clients such as IBM, Coles-Myer, and a wide variety of government bodies. In the Labs' testing for Technology & Business, they are in direct contact with the client supplying products. Their findings are their ownâ€"only the specifications of the products to be tested are provided by the magazine. For more information on RMIT, please contact the Lab Manager, Steven Turvey, at stevet@rmit.edu.au.
Subscribe now to Australian Technology & Business magazine.
