Firewalls no longer a barrier to hackers

The firewall is losing ground as the ultimate hacker shield, and network managers are turning towards monitoring traffic to protect their networks from external and internal attacks.

The firewall is losing ground as the ultimate hacker shield, and network managers are turning towards monitoring traffic to protect their networks from external and internal attacks.

A modern intrusion detection system (IDS) monitors traffic inside networks, stops anything that fits an intrusion signature and logs unusual database investigations.

Security companies CyberSafe and Network ICE have launched CentraxICE, a hybrid of their host-based and network IDS systems. The product uses protocol analysis techniques instead of simple packet comparing, offering sensitive host sensors and flexible auditing functions.

IT security company Artican Integralis have tested CentraxICE, and Richard Walters, product manager for intrusion detection at the company, said: "At full load, a third of packets are missed in IDS systems from Internet Security Systems and Cisco. At 100 per cent load, CentraxICE still counts all packages."