Wednesday, June 27, 2012

BeSecure NDP-VM


The BeSecure NDP-VM ($5,000) virtual appliance is a secure Web gateway from Wedge Networks. The company's BeSecure line offers network administrators basic firewall capabilities such as port routing for protocols, but the main focus of the appliance is to inspect network traffic, identify suspicious packets, and block malware and offending content from reaching the endpoint. Administrators worried about Web threats and malicious emails can look over the BeSecure product family and take advantage of flexible deployment options, easy-to-configure security features, and detailed logging capabilities without breaking the bank. The NDP-VM is available as a dedicated hardware appliance or as a virtual machine. While I reviewed the virtual appliance, the experience is supposed to be the same regardless of the type of appliance deployed, virtual or hardware.

Who's it for?
BeSecure can perform real-time analysis of thousands of Web sessions and email traffic to protect the network as well as control access to certain Web content based on keywords.While knowing what is happening on the network is important, small and midsized businesses tend to have less complex networks and may not always be willing to shell out for security.

The only difference across various appliances is the box's processing capability. BeSecure NDP-1005D, the entry-level hardware appliance can process 100,000 email messages and a million HTTP requests per hour for more than a hundred concurrent users. The NDP-1005D is priced at $5,080. The virtual appliance I looked at, BeSecure NDP-VM, would come out to about $5,000 for an SMB customer. Wedge Networks also offers a cloud service, the Wedge Stargate, which provides the same protection for only $20 to $50 per person per year.

Large organizations would pick an appliance that matches the number of users and expected traffic. Businesses that have dipped their toes into the virtualization pool would find the virtual appliance a breeze, especially since there's no extra hardware investment required. The BeSecure NDP-VM is generally suited for businesses with about 100 people to 2,000 users. Businesses with fewer user would be better suited to try the Wedge Stargate cloud service.

WedgeOS
WedgeOS is the deep content inspection platform developed by Wedge Networks and the heart of the technology powering the BeSecure appliance. When booting up the BeSecure appliance, I could see the base modules for Fedora 12 loading, and the WedgeOS console launched after I logged in to the system.

The custom WedgeOS software doesn't look at just the network packets when scanning traffic. The Deep Content Inspection technology identifies the context in order to identify whether the traffic is legitimate or truly malicious. The Web gateways are designed to recognize digital objects, documents, images, and scripts when analyzing Web, email and other types of network traffic. It can extract files from archives, binders, packers, and scramblers to inspect all the components for malware.

WedgeOS identifies packets that were part of a malicious payload and then reconstructs a copy of the payload for analysis. It also scans the payload using a traditional signature-based scanner, a heuristic scanner, and an anti-spam filter. When malware is found, the user is blocked from reaching the website and a customized warning message is displayed in the browser.

Deploying the Virtual Appliance
Since the software handles all the filtering and inspection, the experience is expected to be the same whether the appliance is hardware-based or virtual. I reviewed the BeSecure NDP-VM virtual appliance.

NDP-VM is available as a VMware image. It's possible to install the virtual machine on VMware's ESXi Server 4 using vSphere 4, but VMware Player and VMware Fusion is also supported. Player is a stripped down version of VMware's virtualization platform with limited management capabilities. The accompanying QuickStart Guide provides step-by-step instructions for installing the appliance.

Deployment was just a matter of downloading the virtual machine from Wedge Networks. Customers would receive the package from either Wedge Networks or a certified reseller. After importing the appliance into the platform, I configured the appliance to use unique virtual networks for the appliance's network adapters. The virtual networks would make it possible for other virtual machines on the platform to connect to the BeSecure appliance using the Ingress port ?in transparent bridge mode. Ingress refers to a virtual port used for incoming traffic; Egress ports handle outgoing traffic.

The transparent bridge code also meant the appliance could see VLAN information and MAC and IP addresses associated with the network traffic.

I was surprised at how lightweight BeSecure was, as I could run the virtual machine in VMware Player on a small HP server. Wedge Networks recommended having 4 GB of memory for BeSecure, but it appeared to work just fine with just 2 GB on my test machine. I was able to run other virtual machines on Player and bridge them to BeSecure so long as I had sufficient physical memory on the server.

I also had the option to configure the appliance to see other machines on the network?not just virtual machines?in router mode. After setting up the appliance, I just made sure each endpoint was pointing to the appliance's IP address as the network gateway. In router mode, I could route physical and virtual machines on the same network to pass through BeSecure NDP-VM before reaching the Internet.

However, Microsoft's Hyper-V is not supported. Wedge Networks assured me that adding support for Microsoft's virtualization platform was on the roadmap. The team actually built a Hyper-V image for me to test with, but we ran into some issues tied to the way Hyper-V manages physical resources.

philadelphia marathon rhodes scholar cranberry sauce recipe mls cup amas 2011 black friday elliot

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.