The Bottom Line
		This article will put you In Touch with: · Why it's critical to lock backdoor entries into network environments. · How Symantec Desktop Firewall rounds out existing security measures for solid protection. · How Symantec Desktop Firewall secures virtual private networks (VPNs).

The above account illustrates an all too common scenario today, says Ron Moritz, senior VP and chief technical officer at Symantec.

"Rogue programs are easily introduced in areas that are not typically the focus of corporate IT security, such as desktop PCs," says Ron Moritz. "Simply mandating that employees aren't allowed to open attachments is useless. Almost anyone can be duped into unknowingly accepting malicious programs."

With the growth of mobile and remote systems as a component of networks—where desktops and remote devices exchange information directly—organizations need to lock down and secure their networks. With Symantec Desktop Firewall™ 2.0, Symantec provides customers with a way to fortify all aspects of their network environments.

In the case of the above example, the bank was admittedly lax for not having anti-virus protection installed on all of its desktop computers. However, if the bank had used Desktop Firewall, the program would have blocked and identified a backdoor breach before the hacker could have accessed confidential bank information.

		At a glance:
		Symantec Desktop Firewall 2.0: · Protects networks from intruders. · Reduces risks from remote usage, whether company-owned equipment or home PC. · Saves help desk time and costs. · Deploys and may be updated rapidly via push (log-in scripts, a shared drive, Microsoft System Management Server) or pull (one-click Web-based installation) technology. · Monitors all inbound and outbound communications to and from users' PCs. · Gives users control over cookies, applets and other potential security risks.

Extending protection to users of remote devices
Gartner Group predicts that by 2003, 137 million workers worldwide (about one-third of the U.S. workforce) will occasionally work remotely. With every log-on to the company network using a company-owned device or a home PC, remote workers expose the network to potential invasions from hackers and other unauthorized visitors. Increasingly popular "always on" connections like DSL and cable modems are particularly vulnerable to intrusions.

By providing organizations with manageable, rapidly deployable protection for remote PCs, Symantec Desktop Firewall gives organizations a way to fight back.

"During our development of Symantec Desktop Firewall, system administrators told us they needed to better secure the growing number of remote devices tapping into their networks," says Nat Maple, Symantec group product manager.

While many organizations have deployed a virtual private network (VPN) solutions that secures the connection between remote PCs and the network, Symantec Desktop Firewall secures the remote device itself—an important distinction. And while some desktop products monitor only outbound communications, Symantec Desktop Firewall monitors all communications to and from the remote user's PC.

In addition, it lets users control the amount of confidential information others may pull from their PCs. For example, users specify whether they'll allow their e-mail address, credit card numbers or social security number to be sent online. They also decide whether to exchange cookies and permit or block ActiveX® and Java® applets on a site-by-site basis—a step up from Web browsers that offer only "allow" or "don't allow" functionality.

A true firewall that's non-intrusive to users
Since few end users use their PCs only to connect to the company's network, other online use leaves them vulnerable to hazards, which can be transferred to the company's network. Symantec Desktop Firewall neutralizes this threat without interfering with normal online activities.

Once installed, Symantec Desktop Firewall operates in the background; users won't know it's working unless it identifies a problem. A wizard that lets administrators configure the rules that govern the firewall for their environment makes this unobtrusive operation possible. Administrators are able to identify the products—whether mass market or proprietary—that their organization uses to access the Internet. Symantec Desktop Firewall remembers and recognizes these programs and doesn't interrupt users with unnecessary warnings or permission requests.

When administrators need to update the rules to add new applications, the product's administrative tool lets them easily package and distribute the update as a small, self-extracting file.

VPN-neutral protection
Symantec Desktop Firewall is a component of Symantec Enterprise Security, a comprehensive and modular Internet security solution for enterprise computing environments. As the second generation of Symantec firewall technology, Symantec Desktop Firewall augments Symantec's Norton Personal Firewall™ functionality to meet the needs of VPN users.

VPN technology protects against "wire tapping" while a remote PC is connected to the corporate network. But it can't stop "backdoor" invasions. For example, suppose a remote user logs on to the company network via a VPN connection, giving the authorized name and password. The user is now authenticated behind the corporate firewall. Now any Trojan horse or other hacker tool that may have been planted on the user's PC during another online session is free to access the company network.

Symantec Desktop Firewall closes this back door by constantly monitoring all inbound and outbound communications from the remote user's PC and blocking any hacker or Trojan attacks. Users online are essentially invisible to "ping sweeps" and other identification tactics.

While some security tools work only with a specified VPN provider, Symantec Desktop Firewall was designed to be VPN-neutral and is currently compatible with leading VPN solutions, such as Nortel Networks® and Cisco Systems®.

Adds another layer of security
Loading Symantec Desktop Firewall on in-house PCs, as well as remote devices, gives organizations another layer in their security strategy. Organizations achieve the greatest system protection by securing all points of vulnerability—servers, network connections, gateways and desktop PCs.

		FYI...
		Check out these other articles about products and solutions from Symantec: · Armed and ready : From the Pentagon to Software Spectrum, Symantec Norton AntiVirus Enterprise Solution stands guard. · Symantec's Expert and Retriever products broaden your network's line of defense. · Symantec's Norton Ghost for NetWare helps administrators keep up the pace by cutting rollout time by 90 percent.

"Depth of security is essential. Just as you protect your company with multiple physical barriers to intrusion—an access card to enter the building, a lock on the office door, and another lock on the desk—you need multiple levels of virtual protection as well," concludes Moritz.

For more information about Symantec Desktop Firewall 2.0, contact Software Spectrum at 1-800-858-6896 or intouch@softwarespectrum.com. Or complete the For More Information form.