Windows & .NET Magazine Security UPDATE--May 28, 2003

1. In Focus: Security Tools: Everybody Has Favorites

by Mark Joseph Edwards, News Editor, mark@ntsecurity.net

Handling information security is a tedious task. Having decent tools at your disposal makes the job easier to accomplish. Of course, some tools are more valuable than others, depending on the tasks at hand.

You probably use some of the many security tools available today--to secure cross-network communication links, network borders and segments, servers, workstations, mobile devices, data storage systems, forensics, and more. Tool developers and vendors tout their wares, but what they say about their tools doesn't always provide enough insight into what a hands-on experience with a given tool might be like.

You've probably found choosing which tools to use in a given scenario a challenge. One must review the possibilities, ask for recommendations, then investigate the most suitable tools to see which might meet a given set of needs. Nevertheless, you probably have a few favorites--depending on which tasks you need to perform.

As a publisher of computing-related information, our publications review tools and present information about those tools in as unbiased a fashion as possible. But we can review only a fraction of the many tools available. At the same time, hundreds of thousands of people read our publications, and vast numbers of you have accumulated great hands-on experience with various security-related tools. Because many of you who read this newsletter are probably administrators who deal at some level with information security, I'm asking you what your favorite security tools are.

Given the broad range of security tools available, I plan to leave the question wide open. I've no way of knowing which variables affect your network environment and your work--and thus your choice of tools. Perhaps you depend upon a particularly useful authentication tool, Wi-Fi (the 802.11b wireless standard) tool, encryption tool, Intrusion Detection System (IDS), firewall, packet analyzer, file system analyzer, scanner, Web protection, database protection, log analyzer, or spam prevention technology. Rather than developing a list of possible categories, I'm asking you to nominate the tools that serve you best.

Whether you have one favorite tool or many, you probably like them because they're useful. Your experience can help others who might need such tools.

If you're a security administrator (no developers or vendors, please), I hope you'll take time to send me an email message listing your favorite one or two tools (respond anonymously if you prefer). Prefix the subject of your response with "\[Tools\]" so that I can more easily gather the email messages and tally the results. In the body of the message, please list each of your favorite tools, and for each tool include the tool name; URL for each tool if possible; the platforms it runs on; whether the tool is commercial, shareware, or freeware; and a paragraph about the tasks it handles successfully. After June 12, I'll compile your responses and let you know the results when they're available.