Hacker Wars - Episode Five: Interop Conference 2008 (New York, NY, USA)

Submitted by Bruiser on Sun, 09/21/2008 - 5:47pm. 

Once again Bruiser made the trek to Interop 2008 in New York, NY using super-sniff-sense to find out where the next big thing in Network Security could be found.

(...)

Drawn to the aroma of fresh network security technology, Bruiser made it over to Norman’s booth. Haven’t heard of them? No surprise. They don’t market the most of us but if you are using any major vendor’s anti-virus solution, they probably use the Norman Sandbox to learn about zero-day Malware and build signature tests. Still, I hate to give up my CPU on my laptop to let it download signature after signature test trying to scrub and scan and keep up with the worst of the worst malware. If only there were a way to offload this to a server? Hmmm…..Enter NNP. Woof! I’d trade a fresh milky dog bone biscuit for one of these.

Yes, the product that really made Bruiser’s day is the Norman’s Network Protection appliance (NNP). This product is an in-line technology that identifies and blocks malware traveling in and out of your network. What makes the product so impressive is that it does not delay your traffic using a traditional proxy based method of scanning for malware. The packets are duplicated in NNP and the originals are passed through the system to the destination in real time. As soon as something malicious is found, the communication is stopped, causing the destination client to discard all data from the transmission. Now if I just kept my laptop safe and sound behind one of these puppies, I’d never have to spend time in the pound, getting a cleaning and scrubbing from CPU intensive virus scanners.

As the malware problem increase, it’s becoming vital to have some additional layer of defense to compliment host based antivirus engines. Unlike most of the network-based solutions I’ve seen, the NNP seems to be the only appliance to reduce the impact on network and host performance. The plug and play nature of an inline product results in almost instant setup for securing many puppies in the pound almost instantly.

Not only does NNP use Norman’s award winning signature based scanning engine, but also boasts the proactive Norman SandBox technology. The power of the SandBox and the malware tools Norman has build around the technology is amazing. Even if you’re not in the market for malware related products, I highly recommend stopping buy Norman’s booth at their next tradeshow pit stop just for the demonstration of Norman’s SandBox Malware Analyzer tools and Network Protection technologies. I was always afraid to click my paw on “VIRUS.EXE” until I learned about how to do it in a Sandbox. And I thought sandboxes were for cats, like my friend Spencer. For more information, visit http://www.norman.com.

On this year’s trek to the big apple, after wandering through hundreds of booths looking for goodies and market makers, my picks this year to watch from Interop are Avocent, Meru Networks and of course Norman. That’s it for the Bruiser trip report – back to the puppy playgroup. Woof!

Read the full blog from Bruiser (opens in a separate browser window)