Stories by Joel Snyder

Joel Snyder's image

Cisco impresses with first crack at next-gen firewall

When we tested next-generation firewalls last May, at least one important security vendor wasn't there: Cisco, because they weren't ready to be tested. Now that the ASA CX next-generation firewall has had a year to mature, we put the product through its paces, using the same methodology as our last NGFW test.

Joel Snyder | 17 Jun | Read more

Splunk explains it all

If there's gold in log files, Splunk, Inc's Splunk will help you to find it. Splunk bridges the gap between simple log management and security information and event management (SIEM) products from vendors such as ArcSight, RSA, Q1 Labs, and Symantec.

Joel Snyder | 26 Sep | Read more

What is a next-generation firewall?

If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."

Joel Snyder | 22 Aug | Read more

Vulnerability analyzers offer Web scanning as an option

Web scanning is different from vulnerability scanning because it looks for bugs in the Web apps themselves, rather than in the software installed on the Web server. For example, all of the vulnerability scanners told us about an old embedded system on our network vulnerable to a cross-site scripting attack because of an old version of PHP. 

Joel Snyder | 20 Jun | Read more

How we tested vulnerability analyzers

We developed a test methodology and evaluation criteria in six main areas, including results reporting, product controls and manageability, scan results, vulnerability workflow features, interoperability, and updates and protocol support.

Joel Snyder | 20 Jun | Read more

Securing endpoints in SSL VPNs

As an avowed IPSec zealot, I generally recommend the technology for remote access. But the SSL VPN vendors have been building such great technology that there are now places where SSL-based remote access is clearly a better choice than IPSec. One of the best places for SSL VPNs is in the ad hoc environment -- places where your employees want to connect but would have to use someone else's computer, such as in an Internet caf‚ or at their brother-in-law's barbecue.

Joel Snyder | 21 Dec | Read more