Documentos de Académico
Documentos de Profesional
Documentos de Cultura
1.Overture
2.The Security Threat
2.1 Viruses Attack Vital Resources
2.2 Beyond the Desktop
2.3 Gateway Security
3. The Effective Security Solution
3.1 Clustering for Gateway
performance
3.2 Antivirus Clustering in Practice
3.3 Vectoring Configuration
3.4 Gateway / Proxy configuration
3.5 Split Gateway / Task specific
clusters
4. Stone Beat Antivirus – A Virtue
4.1 Introduction
4.2 Gears
4.2.1 Hardware
4.2.2 Software
4.2.2.1 SecurityCluster
Module
4.2.2.2 Management GUI
4.2.2.3 Configuration GUI
5. Conclusion
6. Bibliography
Source: Information Week Global Information Security Survey of 2700 Security Professionals, July,
1999
Gateway Security
The largest challenge facing IT managers regarding
virus security, particularly in large networks, is the response
time required to update all of the networks PCs when a new
virus outbreak occurs. When a threat like the “Love Letter”
virus can spread around the world in less than one hour, the
time required to update all networked PCs is completely
inadequate. And such an inadequacy can cost a business
millions of dollars in damage. On the other hand, a hand full
of Internet and e-mail gateways can be updated in a matter
of minutes. With the gateways monitoring all inbound traffic
for potential threats, the desktop update process can take
place to provide protection from the floppy disk or CD-ROM a
user may receive tomorrow from someone with an infected
system. IT managers need to have a complete antivirus
security solution, but with the numerous virus outbreaks that
have occurred recently, it is clear that they must implement
security systems that give them the control and the ability
to respond in a major disaster situation. The gateway has
Vectoring Configuration
A typical vectoring configuration places the antivirus
solution security server in the DMZ, just behind a firewall
(Figure 3). In this configuration the firewall sends any
potentially harmful content or malicious code to the
VirusWall for inspection before passing it on. Utilizing a
Security Cluster - 10 -
dedicated communication protocol established between the
firewall and the VirusWall.
Security Cluster - 11 -
Figure 4: Security Servers in a Proxy Configuration
Security Cluster - 12 -
firewall and the virus wall from using any additional
protocols for inter-communication.
Security Cluster - 13 -
Stone Beat Antivirus – A Virtue
Introduction
Extensive network security requires the use of different
types of security servers: e.g. anti-virus gateways, URL
filters and Java and ActiveX filters. These are deployed
together with the firewall. The high availability and
throughput capacity of firewalls is not an issue, thanks to
StoneBeat FullCluster that is used to cluster them. However,
security server throughput capacity has not scaled up
together with the firewall throughput capacity. Now,
StoneBeat SecurityCluster offers the same clustering
Security Cluster - 14 -
features for security servers that StoneBeat FullCluster
offers for firewalls.
Security Cluster - 15 -
Figure 2 A StoneBeat SecurityCluster security server used in conjunction with
firewalls
Gears
Hardware
StoneBeat SecurityCluster security server includes two
to sixteen standard security servers and an additional
control workstation for security server management. All
security servers have similar interfaces to the Internet with
the same IP and MAC addresses, respectively. Support for
multicast MAC addresses enables the operation in switched
Ethernet, while unicast MAC addresses can be used in
shared Ethernet. Standard security servers are
interconnected with one or two heartbeat links. The IP
address of the first heartbeat interface is used to identify the
security server. This heartbeat and control interface has a
unique IP address and is used also for management
purposes, e.g. StoneBeat GUI and security server
management use this address to communicate with each of
the security servers. A dedicated interface for heartbeat
ensures the communication between the firewalls even
Security Cluster - 16 -
under heavy network traffic on the internal and external
segments.
Software
All systems in StoneBeat SecurityCluster security
server run the security server software and StoneBeat
SecurityCluster Module. The security servers are managed
from a control workstation.
Security Cluster - 17 -
server. Additionally the StoneBeat SecurityCluster Module
contains an SNMP Agent that can be used to integrate the
monitoring of StoneBeat sites to a Corporate Network
Management System like HP OpenView.
Security Cluster - 18 -
WIN32 configuration GUI can be used on Windows NT and a
console configuration utility is available on all supported
platforms.
Conclusion
Security Cluster is an initiative that allows computer
networks to secure their networks against viral infections.
Although the concept is being in its infancy, it matures
successively and fights with viral demons and marches towards
the winning post of unending secured journey.
Bibliography
www.mobilewhitepapers.com
Security Cluster - 19 -
www.stonebeat.com
www.trendmicro.com
Security Cluster - 20 -