Protecting your business network against hackers and crackers interested in stealing critical data, remains at the top of the to-do list of many small businesses. Experts agree that a multi-layered approach is the best defense, i.e., using more than one solution to plug a variety of security holes. For example, adding a hardware firewall on your network and installing software firewalls on the individual desktops.
Intrusion attacks assaults on your servers from the outside world designed to crash your company's networks, usurp its computing power or steal passwords or customer credit card info can be particularly damaging.
Network appliances can help fight this scourge, but even the more affordable products from companies such as V-Secure its low-end appliance starts at $10,000 are priced beyond the budgetary means of many SMBs.
|Click here for a larger, actual-size image.|
Arxceo, a Huntsville, Alabama-based company specializing in network intrusion prevention technologies, recently announced the Ally ip100, a product that it says protects your company from intrusion attacks such as denial of service, DNS cache poisoning and spoofed traffic and prevents hackers from probing your network for potential vulnerabilities. The small device, which oddly enough resembles a stapler, costs $895.
The company says that the Ally preemptively protects networks against hacker and cyber thieves and even zero-day attacks newly minted exploits that are unknown to the public and, consequently, the most difficult type of hack to protect against.
Security companies typically rely on what's called anomaly and behavior-based technology to fight zero-day attacks. In basic terms, the technology detects behavior that resembles buffer overruns and other kinds of common hacks to stop trouble before it starts. In a public statement, Arxceo's CEO, Donald Davidson, recommends that companies add this type of behavior-based technology to their network defense plans because "signature-based approaches are not enough to stop zero-day attacks."
The Ally is what Chandler Hall, the company's vice-president of marketing, calls an anti-reconnaissance product in that it keeps outsiders from probing and cracking into your network. "Ally includes a patent-pending technology called Tag-UR-IT that prevents hackers from gaining access to your network and scanning for ways to exploit it," he said.
Hall added that malicious hackers use automated tools to probe and attack networks in order to find out what you have behind your network firewall. "They're typically trying to find three things: the operating system and specific versions your servers use, the servers' IP address and port numbers and the names and versions of applications on the servers. Once they have any of that information, they can look up known exploits that will let them crack into your server to record keystrokes or to access credit card numbers and passwords."
According to the company, the Ally augments your network's firewall. Geographically speaking, it sits between the hardware firewall and the Internet and supports up to 100-megabit throughput. Hall said another option is to place the Ally between your network and a wireless access point so that mobile users can wirelessly access your network and remain protected. Arxceo claims the device provides the same Enterprise-level protection found in its gigabit products.
"The vast majority of small businesses connect to the Internet at less than 100 megabits," said Hall. "A DSL connection provides about 1.4Mbit throughput on the downstream side and a cable modem hits about 2.8Mbits. By offering a 100-Mbit product, we're making anti-reconnaissance, anomaly and behavior-based attack prevention affordable for small businesses."
Lauren Simonds is the managing editor of SmallBusinessComputing.com
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|