It is imperative for enterprises to protect themselves from potentially harmful traffic. Network security software helps network administrators keep track and neutralize unauthorized access or denial of network resources through phishing, Trojan horses, spyware, worms and other vendor-specific vulnerabilities.
Network security software suites usually contain a number of different technologies. Traditionally, the two major components were firewalls, which were designed to only permit specific protocols and ports, but were essentially ignorant as to whether websites being accessed were malicious.
Secure web gateways were designed to perform web filtering and to block websites that were on a blacklist. The tools tend to be used independently of each other and are used to secure the periphery of a company’s infrastructure.
Recent developments augment these strategies by sharing data across multiple systems and correlating information to better understand potential threats. Next-generation firewalls are able to sniff out malicious packets through “deep packet inspection” techniques. Secure gateways have also become more sophisticated with a focus on web-based virus signatures, not just forbidden URLs.
Another recent development is the emergence of malware sandboxes creating a safe environment where tests can be run on suspicious data.
The advent of the BYOD era has also brought more reliance on network access control software to protect the network internally by making sure that devices identify themselves on the network which can regulate access rights.
Network security management covers a variety of different technologies making it difficult to make general statements about pricing. Firewall devices have a broad range of costs depending on the complexity of the environment. Firewall appliances start at around $100 or less, while enterprise firewalls can cost over $25,000. Pricing structures vary, but a common approach is tiered pricing by the number of users. Secure web gateway pricing takes a similar approach.
Cisco routers support secure, reliable enterprise connections. These enterprise routers help users implement an intent-based, future-ready WAN that is constantly learning, adapting, and protecting. Deploy routers for the branch, cloud, co-location, or the data center with any type of connectivity...
FireMon's Network Security Policy Management (NSPM) platform gives security and operations teams automated visibility and analysis for network security devices. FireMon's web-based UI allows users to dissect their network security policies, locate compliance failures, and assess security vulnerab...
Metasploit is open source network security software supported by Boston-based Rapid7.
Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual...
Darktrace, from the global UK-headquartered company of the same name, is network security technology.
The Qualys Cloud Platform (formerly Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to prov...
Sourcefire SNORT is network security software, acquired (and now supported) by Cisco, since 2013.
FireEye, from the company of the same name in Milpitas, California, offers the FireEye Security Suite, a threat detection and antivirus application encompassing FireEye Email Security, FireEye Network security, and FireEye Endpoint Security. Finally, the Suite includes FireEye Helix as a security...
ProtectWise, from the Denver-based company of the same name, is network security software.
Qualys Private Cloud Platform is the on-premise version of the Qualys Cloud Platform, from Qualys in Redwood City. The platform is designed for entities with strict data sovereignty rules, to patch and reduce enterprise network vulnerability while providing compliance with data security policy.
IOS Security from Cisco is network security technology.
The Symantec Encrypted Traffic Management solution (formerly from Blue Coat Security) delivers encrypted traffic management solutions providing comprehensive, policy-based visibility and control over encrypted traffic, maximizing its benefits and minimizing its risks. According to the vendor, Blu...
ZeroFOX is a security tool for social media & digital security across social, mobile, web and collaboration platforms.
Indeni aims to make it easy to manage the infrastructure of digital businesses. With Indeni Knowledge and Indeni Crowd companies can create an infrastructure that is adaptable to change. The product offers a deep set of integrations to critical devices, built-in automation, and remediation instru...
Netrounds, from the Swedish company of the same name, is network diagnostic, security, and performance monitoring software.
San Jose-based Vectra Networks offers network security software.
Guardicore from the company of the same name is network security software.
Area 1 Security is network security software, from the company of the same name.
DB Networks DBN 6300 is network security technology, from DB Networks in Carlsbad, California.
Tempered Networks is network security technology from the company of the same name in Seattle, Washington.
vSecurity from software company Catbird in Scotts Valley, California, is a virtualization and network security option.
Savvius Vigil, from Savvius in Walnut Creek, California, is network security software.
DataDome is designed to automatically detect bad bots from human/good bot traffic. Dashboards & real-time alerting allow users to keep an eye on traffic quality, precisely analyse bot activity and define/adjust blocking or filtering actions against bots, so as to regain control over their web...
LANGuardian from Irish company NetFort Technologies is network security and performance monitoring technology.
SecPod Saner endpoint security solution provides continuous visibility and control for all endpoints. It proactively remediates risks and detects and responds to threats. Saner combines endpoint vulnerability, patch and compliance management with endpoint threat detection and response into one ea...