 Due to the nature of new security threats, more offices are getting infected with malware. Malware programs generally can bypass regular anti-virus and enter the systems through user intervention. Once installed they are difficult to remove and can cause extensive damage to data and systems in a short period of time. This is why we no longer support the deployment or management of networks without a proper seurity gateway.
Background:
The viruses/threats I am referring to are forms of malware/adware/extorsionware/spyware/etc that are generally installed by the user - unknowingly. No matter what anti-virus your un (TrendMicro/Kaspersky/Norton/McAffee/AVG/etc) most cannot stop and clean the infections because they are user initiated. They can alert and try to contain them, but generally it is too late. The result is a few hours in billable time spent on clean-up.
What is different now?
New threats, like the XP Antivirus 2008, will hurt your organization with just one infection. Once a user - inadvertently - installs the malicious program it will begin spamming. Whether you catch it immediately or not, the software will get a chance to broadcast spam messages which WILL be intercepted by spam traps. Spam traps are designed to weed out distributors of spam and stop their mail-servers from delivering mail. As a result, your mail server will become blacklisted within 24 hours and your office communications with the rest of the world will be crippled. After the infection is contained you will be able to de-list but it is a manual process and can take up to 7 days to complete with some spam-lists.
What can I do about it?
In my view it is no longer an option to risk exposing a network to such threats. Each outbreak can easily cost a firm $375 (3 hours at $125) of networking time to resolve. The key to stopping these from spreading is to intercept the malicious code at the internet gateway, and prevent the packets from ever reaching computers inside. Business-class routers with deep packet inspection can do just that. Your existing antivirus is still important, but it will not handle these threats effectively.
Business-class routers/Deep Packet Inspection?
They are popular and come in all sorts of prices and flavors. My approach is simple: affordable and complete protection. For me, this means a SonicWall TZ190 TotalSecure. They are easy to deploy, cost $995 with a 1 year subscription and $295 each year after that in maintenance. They will check traffic as it flows into your network and stop packets with malicious code before reaching your computers. However, if you have more than 25 users, you will need a bigger router, the TZ190's will be working hard to keep your office safe, and going past 25 users will slow them down drastically.
What should I do now?
You saved about $1000 a few years ago by buying a basic router. Hopefully that $1000 helped you do other things, maybe even made some cash for you in the process. Now it is time to invest it into some hardware. Odds are you will surrender a chunk of it to a malware infection; get a head start and buy something tangible with it. Give us a call today and we'll order, configure, and deliver your network security appliance.
What are my Choices?
There are many solutions on the market, but we've narrowed our preference to TWO: Calyptix Access Enforcer and SonicWall TZ190 TotalSecure. Both offer similar levels of protection with minor differences. Costs are as follows:
| Item |
Price w/ 1Year |
Annual Mainteannce |
| SonicWall TZ190 Total Secure |
$995.00* |
$ 295.00 |
| AccessEnforcer 10 User |
$995.00 |
$ 495.00 |
We prefer the Calyptix AccessEnforcer on many levels but recognize that some firms can benefit from the SonicWall TZ190 and save a few hundred dollars each year. They are both exceptionally good products with minor differences. Moreover, because of different distribution channels, SonicWall devices tend to have discounts.
However, here is a breakdown of features:
AccessEnforcer:
AccessEnforcer™ is a scalable foundation for the patent pending process that Calyptix Security calls its Internet Defense Force™. The Internet Defense Force leverages the real timedetection and analysis of distributed network data to provide scalable Internet security without signatures.
AccessEnforcer™ protects the data on your network from spying eyes by blocking harmful websites and content. Most spyware enters a network via non-work related web downloads or Peer2Peer connections made by employees. Now you can safely and effectively restrict web surfing to strictly business-only content and avoid the costly downtime associated with web browser related cleanups.
AccessEnforcer™ employs a stateful deep-packet inspection firewall to analyze both incoming and outgoing traffic. It examines multiple layers (layers 3-7) of data traffic at a company's gateway for all malicious attacks and blocks even the most insidious attacks (including stealth fragmentation attacks) before they reach the company's internal network. Prevent Denial-of-Service Attacks, Distributed Denial-of-Service Attacks, Spoofing, and Scans at the gateway level.
AccessEnforcer™ provides a web filtering solution that will not only fulfill your business needs, but will also fit your budget. Increase the productivity of your personnel, improve work habits of your team and enhance the performance of your network by reclaiming your bandwidth.
AccessEnforcer™ provides a web filtering solution that will not only fulfill your business needs, but will also fit your budget. Increase the productivity of your personnel, improve work habits of your team and enhance the performance of your network by reclaiming your bandwidth.
AccessEnforcer™ comes complete with a powerful network Intrusion Prevention and Intrusion Detection system - using the same technology currently being utilized by government and military organizations. Backed by the powerful OpenBSD PF firewall and Snort®, the AccessEnforcer IPS/IDS is dedicated to stopping intruders before they compromise your data. Within minutes of installing AccessEnforcer, our customers report stopping attacks their older firewall could not even detect.
AccessEnforcer™ gives you the ability to block all incoming and outgoing Instant Messages on your network. You can block all or one of the following with the click of a checkbox. It's that simple.
AccessEnforcer™ makes setting up a dynamic or static key VPN a breeze. Our extremely easy to use web interface even has a built in VPN wizard to make setup as simple as possible.
 Additional info about the TZ190 TotalSecure:
The TZ190 TotalSecure is a series of routers with new SKU's for almost ever year they have been around. We currently offer the latest release of the product. The all-in-one solutions remove the complexity associated with choosing between a host of point products and add-on services by integrating everything you need into a convenient, affordable package.
SonicWall TotalSecure combines a high-performance deep packet inspection firewall and dynamic security services to keep your network safe from viruses, spyware, worms, Trojans and more. Even before new threats are identified, TotalSecure solutions are automatically updated with signatures that stop attacks before they can enter your network, ensuring around-the clock protection.
The SonicWall TotalSecure 3G Wireless is a complete high-performance network security platform delivering multi-threat protection and secure 3G broadband network access in an easy-to-use, low cost solution. Combining a deep packet inspection firewall, integrated gateway anti-virus, anti-spyware, intrusion prevention, content filtering and 802.11b/g Wireless LAN access along with type II PC card based 3G wireless broadband support, the TotalSecure 3G Wireless delivers comprehensive security for wired and wireless networks. The foundation of the TotalSecure 3G Wireless is the TZ 190 Wireless which enables organizations to establish secure 3G wireless broadband network access instantly without the need for a fixed Internet connection.
Included with the TotalSecure 3G Wireless is a SonicWall deep packet inspection network security appliance, a one-year subscription to SonicWall Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, a one-year subscription to SonicWall Content Filtering Service Standard Edition, a one-year subscription to SonicWall Dynamic Support 24x7 and a license to use Sonic Wall's ViewPoint reporting software. |
Networking for Small Business 
