July 01, 2003
- Ease of Use:
- Value for Money:
- Overall Rating:
Easy-to-use browser-based set-up. Fast installation.
Slow to navigate through. Needs a lot of configuration to work effectively.
Good prevention system suitable for the medium-sized company upwards.
Most of the products tested in the round up for this Group Test have been primarily aimed at the larger enterprise, as they tend to have the largest pockets and more need for protection. Barbedwire Technologies aims at the more modest-sized organization with its STAR Engine intrusion prevention product.
This is not to say that the product cannot handle being in a large network infrastructure environment, just that the relative price and ease of use makes this product a good bet for smaller firms in need of something suitable to defend themselves against attacks.
The package operates on a customized PC running Linux. The system is installed out of the box and we got it running in no time.
After logging into the box via the monitor and keyboard ports to change the password and the network interface values, we fired up a browser on our test server.
The browser-based console is well designed and laid out, and there are lots of things to configure before this system becomes fully operational.
One criticism that can be laid against the system is that it is relatively slow to navigate around the console. Surfing to different pages should really be instantaneous when you consider that the box is on the same network segment as the server from which we were browsing. The company says the bug that caused this particular problem has been fixed in the new version of its full product release.
The STAR Engine comes with a firewall, but our main concern and interest lies with the intrusion detection console. Here there are two sensors at work and both have an initial set of rules pre-configured. While no IP addresses need to be entered for the IDS to work (it uses stealth network sensing), it has to know what network traffic to look out for. This is entered under the network setting tab.
There was quite a lot of pre-configuration to do before the testing took place, such as filtering out false alerts so the system was not flooded with false positives.
Once up and running we scanned the system using Nmap and Nessus. The system detected them both and alerted us. As blocking rules were applied on the system, it shut off any attempt by us to compromise the system.
On the whole this product works well and should be a good starting point for security in the medium-sized enterprise. Although there was virtually no installation needed, the time taken to configure the IDS was longer than anticipated. However, once up it proved its worth.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry