Skybox Security, Inc, a company specialising in Security Risk Management (SRM), launched on Tuesday (25 July) Skybox View Suite version 3.0.
According to the company, Skybox View v3.0 enables security and IT operations teams to use a common platform to automate processes associated with risk exposure assessment, network policy compliance, firewall configuration audit, and change assurance.
Skybox View 3.0 reportedly features automated firewall audit; regulatory compliance reporting; intrusion prevention system (IPS) modelling; application and database vulnerability scanning support; zero-day worm attack simulation; as well as modular and scalable architecture.
No pricing details were disclosed.
Sunday, December 31, 2006
Saturday, December 30, 2006
Travel Security Update
For more safety & security news, data and analysis, please go to: http://www.airguideonline.com/professional.htm Jul 31, 2006
Passports soon to be needed for Canada, Mexico, Caribbean. New laws will require U.S. travelers traveling by air or sea to the Caribbean, Mexico and Canada to have passports starting Jan. 1. The laws are intended to make it harder for terrorists to enter the U.S. Some lawmakers and travel organizations want to delay implementation for a few years and find an alternative system for U.S./Canadian border crossings. Jul 28, 2006
Waste, mismanagement plague DHS contracts, report finds. A bipartisan report has found widespread waste, abuse and mismanagement in many Department of Homeland Security contracts. The House Committee on Government Reform report says contracts were poorly planned and monitored and awarded without competition. It cites one case in which the Border Patrol paid $20 million for camera systems that either malfunctioned or were never installed. Jul 27, 2006
CACI wins DHS technology pact. Technology contractor CACI has landed a contract to provide information technology support to the Department of Homeland Security. The company will provide IT planning, network architecture and enterprise resource management. Jul 27, 2006
Passports soon to be needed for Canada, Mexico, Caribbean. New laws will require U.S. travelers traveling by air or sea to the Caribbean, Mexico and Canada to have passports starting Jan. 1. The laws are intended to make it harder for terrorists to enter the U.S. Some lawmakers and travel organizations want to delay implementation for a few years and find an alternative system for U.S./Canadian border crossings. Jul 28, 2006
Waste, mismanagement plague DHS contracts, report finds. A bipartisan report has found widespread waste, abuse and mismanagement in many Department of Homeland Security contracts. The House Committee on Government Reform report says contracts were poorly planned and monitored and awarded without competition. It cites one case in which the Border Patrol paid $20 million for camera systems that either malfunctioned or were never installed. Jul 27, 2006
CACI wins DHS technology pact. Technology contractor CACI has landed a contract to provide information technology support to the Department of Homeland Security. The company will provide IT planning, network architecture and enterprise resource management. Jul 27, 2006
Friday, December 29, 2006
Homeland Security Briefing on U.K. Terror Arrests; DHS Secretary Michael Chertoff, Attorney General Alberto Gonzales, TSA's Kip Hawley
We'd like to provide you with the latest information we have on recent events in the United Kingdom and an update on the actions that we are taking to protect our citizens and to keep air travel safe and secure.
We want to be as open as possible with the public about the facts. At the same time, it's important, I'm sure you'll understand, that we preserve confidentiality of matters that are necessary in order to complete this investigation. And we also have to respect the demands of the British legal process, which puts certain restrictions on what can be said about ongoing cases.
As I think you're all aware, British authorities have arrested 21 individuals who are now in custody who are alleged to have engaged in a plot to detonate liquid explosives on board multiple commercial aircraft departing from the United Kingdom and bound for the United States.
We want to be as open as possible with the public about the facts. At the same time, it's important, I'm sure you'll understand, that we preserve confidentiality of matters that are necessary in order to complete this investigation. And we also have to respect the demands of the British legal process, which puts certain restrictions on what can be said about ongoing cases.
As I think you're all aware, British authorities have arrested 21 individuals who are now in custody who are alleged to have engaged in a plot to detonate liquid explosives on board multiple commercial aircraft departing from the United Kingdom and bound for the United States.
Thursday, December 28, 2006
Cisco issues security warning
Cisco has issued a security warning about code published on the internet that targets weaknesses in its Internetwork Operating System (IOS).
The code was written by a group of teenagers in Italy calling themselves the Black Angels, and it exploits nine vulnerabilities in IOS, which runs on the Cisco Catalyst Ethernet switch, IP routers and other products.
The new program, called Cisco Global Exploiter, provides simple code streams to make it easier to exploit the weaknesses, most of which have been identified by Cisco over the past four years, and get round the vendor's workarounds.
"Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code," the company said on its web site.
Most of the vulnerabilities make Cisco routers and switches more susceptible to distributed denial of service attacks. These attacks occur when hackers take control of servers and flood the network with millions of packets, which eventually cripple devices like switches and routers that try to process all the packets.
The code was written by a group of teenagers in Italy calling themselves the Black Angels, and it exploits nine vulnerabilities in IOS, which runs on the Cisco Catalyst Ethernet switch, IP routers and other products.
The new program, called Cisco Global Exploiter, provides simple code streams to make it easier to exploit the weaknesses, most of which have been identified by Cisco over the past four years, and get round the vendor's workarounds.
"Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code," the company said on its web site.
Most of the vulnerabilities make Cisco routers and switches more susceptible to distributed denial of service attacks. These attacks occur when hackers take control of servers and flood the network with millions of packets, which eventually cripple devices like switches and routers that try to process all the packets.
Wednesday, December 27, 2006
Moving beyond managed security: providers are using network-based services to build more efficient enterprise productivity models
The face of business is changing, placing new demands on business' communications networks. Today's corporate network must not only reach mobile executives as they travel from city to city, it must also extend to the remote outposts that traditionally were not part of the network at all. Whether it is a 24-hour gas station in Tulsa, a parts supplier in Detroit, or car dealer located in another area of the world, an IT manager must figure out how to equip each remote user or locale with the full resources of the corporate network. Add to this the complexity of securing the entire network from today's myriad threats and you have a situation that is untenable to most enterprises. Faced with stagnant budgets and limited staffs, more and more IT departments are delegating the chore of protecting the corporate assets to their service providers.
Service providers, already tasked with managing some of the world's most complex networks, have the resources and expertise required for servicing the extended enterprise 24X7. For the provider, offering managed security services in addition to basic connectivity increases both revenue and customer penetration. However, many service providers view managed security as an incremental service as opposed to a strategic offering that will solidify the relationship with the enterprise. Services such as managed firewall or DoS (denial of service) protection are implemented in such a way that the provider is vulnerable to being displaced by either a competing carrier or a decision to move the service in-house.
Service providers, already tasked with managing some of the world's most complex networks, have the resources and expertise required for servicing the extended enterprise 24X7. For the provider, offering managed security services in addition to basic connectivity increases both revenue and customer penetration. However, many service providers view managed security as an incremental service as opposed to a strategic offering that will solidify the relationship with the enterprise. Services such as managed firewall or DoS (denial of service) protection are implemented in such a way that the provider is vulnerable to being displaced by either a competing carrier or a decision to move the service in-house.
Tuesday, December 26, 2006
Compact VPN appliance - Security appliances and VPNs - Advantech Network Computing FWA-230 - Brief Article - Product Announcement
The FWA-230 is a VPN/security appliance with three 10/100 Mbps autosensing Fast Ethernet ports in the front panel for WAN, LAN and DMZ connections. Also on the front panel is a nine-pin, RS-232 serial port for local system management, maintenance and diagnostics. The unit is preinstalled with the hardened Linux operating system and the latest Check Point VPN-1/FireWall-1 SmallOffice software. Accessible through a removable cover, a 128-MB compact flash card is used to avoid any potential service disruption caused by a hard disk's mechanical/magnetic failures. Each FWA-230 is equipped with a 566-MHz Intel Celeron processor, 128-MB PC-133/100 SDRAM, and an optional slim-type 2.5", 9.5 mm IDE HDD for storing event log and user data, all housed in a 8.8"x1.5"x6.7" desktop chassis.--Advantech Network Computing
Monday, December 25, 2006
Making security pay: savings generated by improved efficiency should not be offset by security losses - Network Management
Telecom did not need to wake up to security following tragic events last September. Security was a high priority before September 11 and remains so today, yet providers need a comprehensive strategy for proactive network element security. Increased deployment of TCP/IP has created new challenges. Some elements are now more vulnerable to intrusion, resulting in lost revenue, increased maintenance costs and reduced QoS.
The extent of security breaches and the associated costs are difficult to measure. Service providers are reluctant to disclose information about vulnerabilities for fear of encouraging more attacks. In addition, some security costs are not even being captured. Service disruptions or element malfunctions resulting from intrusions may be corrected without ever recognizing the intrusion, while theft of service can go undetected for years. Nevertheless, few knowledgeable professionals would deny that security is costing the industry millions of dollars each year.
Threats to TCP/IP-enabled network elements arise from both inside and outside the service provider organization, Certainly, outside attacks pose a real threat as hackers need only Internet access and an IP address to access unprotected network elements. Whether simply mischievous or truly malicious, hackers can steal or disrupt service and cause serious equipment malfunction.
The extent of security breaches and the associated costs are difficult to measure. Service providers are reluctant to disclose information about vulnerabilities for fear of encouraging more attacks. In addition, some security costs are not even being captured. Service disruptions or element malfunctions resulting from intrusions may be corrected without ever recognizing the intrusion, while theft of service can go undetected for years. Nevertheless, few knowledgeable professionals would deny that security is costing the industry millions of dollars each year.
Threats to TCP/IP-enabled network elements arise from both inside and outside the service provider organization, Certainly, outside attacks pose a real threat as hackers need only Internet access and an IP address to access unprotected network elements. Whether simply mischievous or truly malicious, hackers can steal or disrupt service and cause serious equipment malfunction.
Sunday, December 24, 2006
Securing network infrastructures: meshed topographies simultaneously preserve security and accessibility - Storage Networking
Over the past six years, malicious Internet attacks to corporate networks have increased 87%. This alarming growth of unauthorized network access clearly shows that the initial goal of creating shared, open infrastructures was not accompanied by an equally strong commitment to network security.
Let's take a pragmatic look at network security, while focusing on preventing network violations at the access point and discussing some practical recovery options.
Growing Security Threats
In the past, external security breaches represented a small percentage of violations, with most violations coming from within the network. From 1996 to 2001, the source of network attacks has shifted from internal to external violations.
While the number of intrusions by hackers has increased, internal security breaches--often by disgruntled employees--still represent the greatest number of computer crimes. Over the last two years, growth in the technology industry has slowed dramatically, resulting in large-scale layoffs. This, m turn, has made corporate networks the target of many disgruntled employees. In 2001, for example, technology and manufacturing companies reported $151 million in intellectual property theft, accounting for 41% of the losses related to computer crimes.
Let's take a pragmatic look at network security, while focusing on preventing network violations at the access point and discussing some practical recovery options.
Growing Security Threats
In the past, external security breaches represented a small percentage of violations, with most violations coming from within the network. From 1996 to 2001, the source of network attacks has shifted from internal to external violations.
While the number of intrusions by hackers has increased, internal security breaches--often by disgruntled employees--still represent the greatest number of computer crimes. Over the last two years, growth in the technology industry has slowed dramatically, resulting in large-scale layoffs. This, m turn, has made corporate networks the target of many disgruntled employees. In 2001, for example, technology and manufacturing companies reported $151 million in intellectual property theft, accounting for 41% of the losses related to computer crimes.
Saturday, December 23, 2006
Protect and survive: network monitoring tools, rather than traditional security measures of firewalls and IDSs , provide the strongest protection agai
The issue of network security has never been far from the top of the organisational agenda. However, it is pushed to the forefront when high-profile security attacks occur, such as the denial of service attack suffered by the Computer Emergency Response Team (CERT) last year. This made it clear that determined hackers can damage even the experts, and highlighted the fact that service providers and enterprises that depend on internet connections must take more stringent measures to protect themselves.
The notion that companies need to implement a full security policy is of course nothing new -- experts have been espousing the benefits of firewalls and intrusion detection systems (IDS) for years. However, as the CERT attack shows, anyone can get stung.
The CERT co-ordination centre is a hub of knowledge on internet security vulnerabilities and gives advice and training to improve network security. Last year the organisation was knocked offline for two days by a denial of service attack preventing anyone from accessing the CERT website. A spokesperson for CERT explained that connection to the internet had been totally saturated by the attack. The irony here is that the group was most probably targeted for attack in the first place because of its status as a champion for internet security issues.
The notion that companies need to implement a full security policy is of course nothing new -- experts have been espousing the benefits of firewalls and intrusion detection systems (IDS) for years. However, as the CERT attack shows, anyone can get stung.
The CERT co-ordination centre is a hub of knowledge on internet security vulnerabilities and gives advice and training to improve network security. Last year the organisation was knocked offline for two days by a denial of service attack preventing anyone from accessing the CERT website. A spokesperson for CERT explained that connection to the internet had been totally saturated by the attack. The irony here is that the group was most probably targeted for attack in the first place because of its status as a champion for internet security issues.
Friday, December 22, 2006
Juniper focuses on network security: CEO sees system integrators emerging as key telecom players amid industry evolution
Juniper Networks has realigned its security focus after its acquisition of NetScreen, with a push toward integrated security instead of stand-alone point solutions. Juniper CEO Scott Kriens, in a recent interview with Group Editor Joseph Waring, notes that trusting the network is the key in the drive toward an all-IP, ubiquitous network.
America's Network: There's been a great deal of talk about ubiquity. How important will it be in the near-term?
Scott Kriens: We believe there's going to be a ubiquitous network, it will be a single infrastructure, it will carry multiple services, it will be very intelligent, it will enhance our lives. That will all be true some day. The observation that that it is true is meaningless. The issue is when will what elements within that grand claim be true and what will it mean when they are. It is the path to how one gets there that is where all the real opportunities lie.
One of the reasons for the acquisition of our security portfolio is that we believe that the key enabler to making it all happen faster is that you have to trust the network to use it more. That is one driver. It not only has to be secure, but it also has to be assured, it has to be reliable and has to be able to deliver the quality for the video signal that I'm going to drive across it.
America's Network: There's been a great deal of talk about ubiquity. How important will it be in the near-term?
Scott Kriens: We believe there's going to be a ubiquitous network, it will be a single infrastructure, it will carry multiple services, it will be very intelligent, it will enhance our lives. That will all be true some day. The observation that that it is true is meaningless. The issue is when will what elements within that grand claim be true and what will it mean when they are. It is the path to how one gets there that is where all the real opportunities lie.
One of the reasons for the acquisition of our security portfolio is that we believe that the key enabler to making it all happen faster is that you have to trust the network to use it more. That is one driver. It not only has to be secure, but it also has to be assured, it has to be reliable and has to be able to deliver the quality for the video signal that I'm going to drive across it.
Thursday, December 21, 2006
Intrusion Detector delivers open-source network security
Using proprietary Meta Traffic Processor, MTP-1G wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System supports open-source network security and monitoring applications. Cards pass Gigabit Ethernet traffic between system's 2 ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, cards can apply up to 1,500 wire-speed stateful policies per packet.
Los Gatos, California - Metanetworks Technologies, Inc. (metanetworks.org), a leading provider of high-speed network security and monitoring hardware, announces its MTP-1G - the world's first wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System (IDPS) specifically designed to support open-source network security and monitoring applications. The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories. The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads. Livio Ricciulli, Metanetworks Technologies' chief scientist, states that, "our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture."
Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between its two ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet. When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.
Los Gatos, California - Metanetworks Technologies, Inc. (metanetworks.org), a leading provider of high-speed network security and monitoring hardware, announces its MTP-1G - the world's first wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System (IDPS) specifically designed to support open-source network security and monitoring applications. The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories. The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads. Livio Ricciulli, Metanetworks Technologies' chief scientist, states that, "our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture."
Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between its two ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet. When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.
Wednesday, December 20, 2006
Messaging System/Anti-Spam Service offer network security
FortiMail Secure Messaging Platform includes antivirus detection engine for virus and spyware protection and complete email scanning. It uses FortiGuard-Antispam, access policy filtering, content filtering, global and user black/white list filtering, and spam Real-time Blackhole List. FortiGuard-Antispam Service eliminates spam at network perimeter. It checks against known spammer IP addresses and email content with Universal Resource Identifier scanning.
FortiMail(TM) Family and FortiGuard-Antispam Service Offer Enterprises Multi-Layered Protection to Eliminate Spam and Inline Network Viruses
SUNNYVALE, Calif., Feb. 7-- Fortinet -- the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection -- today unveiled two powerful new additions to its network security solutions and services portfolio: FortiMail, a secure messaging system, and FortiGuard-Antispam, a managed antispam service. The FortiMail Secure Messaging Platform and FortiGuard-Antispam Service effectively layer antispam technology to offer antispam defense in-depth at the network perimeter and the mail server -- maximizing mail traffic performance by eliminating global spam at the network gateway, before it enters the corporate network.
Unwanted email or spam continues to present serious security challenges for enterprises and consumers alike. Increasingly, these messages contain spyware, grayware or other malicious attempts to adversely impact a customer's computing and networking resources. While many world governments have been writing legislation and enforcing penalties around spam creation and delivery, spam continues to be difficult to regulate and catch. Industry researchers suggest that 60 to 70 percent of all enterprise email is spam, and recent statistics suggest that a good portion of spam contains viruses or other types of attacks.
FortiMail(TM) Family and FortiGuard-Antispam Service Offer Enterprises Multi-Layered Protection to Eliminate Spam and Inline Network Viruses
SUNNYVALE, Calif., Feb. 7-- Fortinet -- the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection -- today unveiled two powerful new additions to its network security solutions and services portfolio: FortiMail, a secure messaging system, and FortiGuard-Antispam, a managed antispam service. The FortiMail Secure Messaging Platform and FortiGuard-Antispam Service effectively layer antispam technology to offer antispam defense in-depth at the network perimeter and the mail server -- maximizing mail traffic performance by eliminating global spam at the network gateway, before it enters the corporate network.
Unwanted email or spam continues to present serious security challenges for enterprises and consumers alike. Increasingly, these messages contain spyware, grayware or other malicious attempts to adversely impact a customer's computing and networking resources. While many world governments have been writing legislation and enforcing penalties around spam creation and delivery, spam continues to be difficult to regulate and catch. Industry researchers suggest that 60 to 70 percent of all enterprise email is spam, and recent statistics suggest that a good portion of spam contains viruses or other types of attacks.
Tuesday, December 19, 2006
Strong wireless security for the SOHO network
It's likely your home users haven't enabled security on their wireless networks. As the go-to guy you can configure security settings for them and hope those users don't mess those settings up, or add software that lets users add and remove new and visiting users (as for when your teen's friends come over) without much effort (or calling you on the phone).That's the idea behind Interlink Networks' LucidLink, which provides enterprise-level wireless security simply enough to use on the home network.
The software uses encryption based on Wi-Fi Protected Access (WPA), along with advanced authentication techniques to protect network traffic and initial access.lt uses a client/server model to authorize only those clients given specific permission to access the LAN.
WPA provides a higher level of protection than Wired Equivalent Privacy, but it doesn't address user authentication. Granting and revoking access to your wireless network, say, at the beginning and end of a LAN usage cycle, often involves changing the encryption key on every system on the network. LucidLink streamlines this process down to two button clicks.
The software uses encryption based on Wi-Fi Protected Access (WPA), along with advanced authentication techniques to protect network traffic and initial access.lt uses a client/server model to authorize only those clients given specific permission to access the LAN.
WPA provides a higher level of protection than Wired Equivalent Privacy, but it doesn't address user authentication. Granting and revoking access to your wireless network, say, at the beginning and end of a LAN usage cycle, often involves changing the encryption key on every system on the network. LucidLink streamlines this process down to two button clicks.
Monday, December 18, 2006
Evolving Network Demands Improved Security, The
A decade ago, a company could effectively secure its network through perimeter protection such as a firewall. At that time, networks had definitive borders, making it easier to safeguard critical internal assets with perimeter security technology.
However, as organizations recognized the business benefits of extending network access to customers, partners and vendors, the once-distinct perimeter quickly dissolved. With this increase in credentialed users now accessing the network from the outside, safeguarding internal assets with security technology located solely at the perimeter proved insufficient. Nonetheless, within many organizations, internal security still placed second in priority to increasing business process efficiency.
There is an inherent trade-off between security and accessibility, but many organizations have sought to strike a balance between making it easy for people to access the systems they need while still remaining secure. Yet many organizations, including CRM centers, are still exposed to more risk than necessary because they have not addressed the security ramifications associated with extending their network to third parties. For an organization to be truly protected today, it must continue to mind the perimeter, but it must also turn its focus inward and secure the internal network.
However, as organizations recognized the business benefits of extending network access to customers, partners and vendors, the once-distinct perimeter quickly dissolved. With this increase in credentialed users now accessing the network from the outside, safeguarding internal assets with security technology located solely at the perimeter proved insufficient. Nonetheless, within many organizations, internal security still placed second in priority to increasing business process efficiency.
There is an inherent trade-off between security and accessibility, but many organizations have sought to strike a balance between making it easy for people to access the systems they need while still remaining secure. Yet many organizations, including CRM centers, are still exposed to more risk than necessary because they have not addressed the security ramifications associated with extending their network to third parties. For an organization to be truly protected today, it must continue to mind the perimeter, but it must also turn its focus inward and secure the internal network.
Sunday, December 17, 2006
Weathering a Perfect Storm: Protecting your Email Network with a Layered Security Architecture
As an enterprise IT manager, your biggest email headache today is viruses. Yesterday it was Denial of Service attacks. Tomorrow it will be spam and phishing. Or perhaps customer privacy, regulatory compliance or employee misuse of email will consume your time and attention. You've responded to constant threats and risks with a variety of point products, both at your gateway and inside your network. The result: an email infrastructure that is enormously complex, costly to manage and not ready to protect your business when the next email security crisis inevitably hits. The truth is, no single product is a silver bullet. Large enterprises with complex networks need to take an architectural approach to email security. In this informative 50-minute eSeminar, Sendmail will explain the fundamental elements of email security architecture. Based on our experience implementing email systems for the world's largest enterprises, we'll explain: The four basic layers of email security architecture Typical security gaps in complex email networks, and how to fix them Best practices to improve email security in a multi-vendor environment If your email security architecture needs a closer look, join us for this revealing discussion, including an opportunity for live Q&A.
Saturday, December 16, 2006
Movin' On Up: Security Branches Off the Desktop and Onto the Network
Today's hackers are growing in their technological prowess and sophistication. Their extreme coding capabilities have allowed them to penetrate an Internet browser without a user ever opening up a corrupt e-mail file. To try and combat this, corporations are moving their security and antivirus efforts to the network level. This move to intrusion protection has resulted in a slew of new technologies and appliance-based security products that can be loaded on to networks and scan for viruses and other security threats. Whether your company is running a single vendor computing environment or, more commonly, a more complex multi-vendor environment, there are benefits to be realized by this security strategy. Join Larry Seltzer, editor of eWEEK.com's Security Center and a panel of experts as they discuss: The difference between security at the desktop level and at the network level The major benefits derived from securing the network What are the applications involved in this security strategy Should this strategy be managed by internal IT or a managed services company?
Friday, December 15, 2006
Cisco issues security warning
Cisco has issued a security warning about code published on the internet that targets weaknesses in its Internetwork Operating System (IOS).
The code was written by a group of teenagers in Italy calling themselves the Black Angels, and it exploits nine vulnerabilities in IOS, which runs on the Cisco Catalyst Ethernet switch, IP routers and other products.
The new program, called Cisco Global Exploiter, provides simple code streams to make it easier to exploit the weaknesses, most of which have been identified by Cisco over the past four years, and get round the vendor's workarounds.
"Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code," the company said on its web site.
Most of the vulnerabilities make Cisco routers and switches more susceptible to distributed denial of service attacks. These attacks occur when hackers take control of servers and flood the network with millions of packets, which eventually cripple devices like switches and routers that try to process all the packets.
The code was written by a group of teenagers in Italy calling themselves the Black Angels, and it exploits nine vulnerabilities in IOS, which runs on the Cisco Catalyst Ethernet switch, IP routers and other products.
The new program, called Cisco Global Exploiter, provides simple code streams to make it easier to exploit the weaknesses, most of which have been identified by Cisco over the past four years, and get round the vendor's workarounds.
"Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code," the company said on its web site.
Most of the vulnerabilities make Cisco routers and switches more susceptible to distributed denial of service attacks. These attacks occur when hackers take control of servers and flood the network with millions of packets, which eventually cripple devices like switches and routers that try to process all the packets.
Thursday, December 14, 2006
Network Security Services identify site vulnerabilities
Suited for Foxboro I/A Series automation systems, service is designed to protect against cyber attacks and other network intrusions at industrial sites. Site Security Review Service and System Security Hardening Service also help users develop effective security plan, identify specific site vulnerabilities, and protect against potentially catastrophic intrusions.
New services are designed to help identify site vulnerabilities and protect against cyber attacks and other network intrusions at industrial sites
HOUSTON, TEXAS, USA (ISA 2004 Conference and EXPO) - October 5, 2004 - Invensys Process Systems today introduced important new services designed to further enhance the security of the company's Foxboro-brand I/A Series automation systems. In development for more than two years, the new Site Security Review Service and the System Security Hardening Service are both part of Invensys' expanding suite of LifeTime Performance Improvement Services, which now also includes both Loop Management and Alarm Management services. These services work together to enable customers to maximize the performance of their installed automation assets.
"The industrial automation industry has been moving away from proprietary technology to more open and interoperable control systems. As underscored by a recent US government report , this trend clearly increases the potential vulnerability of these systems to cyber attacks via the Internet and from other external and internal network intrusions," said Ernest Rakaczky, director of process control network security at Invensys Process Systems.
New services are designed to help identify site vulnerabilities and protect against cyber attacks and other network intrusions at industrial sites
HOUSTON, TEXAS, USA (ISA 2004 Conference and EXPO) - October 5, 2004 - Invensys Process Systems today introduced important new services designed to further enhance the security of the company's Foxboro-brand I/A Series automation systems. In development for more than two years, the new Site Security Review Service and the System Security Hardening Service are both part of Invensys' expanding suite of LifeTime Performance Improvement Services, which now also includes both Loop Management and Alarm Management services. These services work together to enable customers to maximize the performance of their installed automation assets.
"The industrial automation industry has been moving away from proprietary technology to more open and interoperable control systems. As underscored by a recent US government report , this trend clearly increases the potential vulnerability of these systems to cyber attacks via the Internet and from other external and internal network intrusions," said Ernest Rakaczky, director of process control network security at Invensys Process Systems.
Wednesday, December 13, 2006
Moving beyond managed security: providers are using network-based services to build more efficient enterprise productivity models
The face of business is changing, placing new demands on business' communications networks. Today's corporate network must not only reach mobile executives as they travel from city to city, it must also extend to the remote outposts that traditionally were not part of the network at all. Whether it is a 24-hour gas station in Tulsa, a parts supplier in Detroit, or car dealer located in another area of the world, an IT manager must figure out how to equip each remote user or locale with the full resources of the corporate network. Add to this the complexity of securing the entire network from today's myriad threats and you have a situation that is untenable to most enterprises. Faced with stagnant budgets and limited staffs, more and more IT departments are delegating the chore of protecting the corporate assets to their service providers.
Service providers, already tasked with managing some of the world's most complex networks, have the resources and expertise required for servicing the extended enterprise 24X7. For the provider, offering managed security services in addition to basic connectivity increases both revenue and customer penetration. However, many service providers view managed security as an incremental service as opposed to a strategic offering that will solidify the relationship with the enterprise. Services such as managed firewall or DoS (denial of service) protection are implemented in such a way that the provider is vulnerable to being displaced by either a competing carrier or a decision to move the service in-house.
Service providers, already tasked with managing some of the world's most complex networks, have the resources and expertise required for servicing the extended enterprise 24X7. For the provider, offering managed security services in addition to basic connectivity increases both revenue and customer penetration. However, many service providers view managed security as an incremental service as opposed to a strategic offering that will solidify the relationship with the enterprise. Services such as managed firewall or DoS (denial of service) protection are implemented in such a way that the provider is vulnerable to being displaced by either a competing carrier or a decision to move the service in-house.
Tuesday, December 12, 2006
Security Appliance ensures secure credit card processing
Developed to address Visa USA and MasterCard International's security requirements at application and content level, PCI Risk Assessment program provides visibility into network applications used by employees to transmit data such as credit card numbers. PacketSure PCI security appliance performs deep packet analysis at packet level to determine what communication protocol is being used and only allows authorized protocols to be used to transfer corporate data.
Risk Assessment Program Will Use Palisade's PacketSure PCI Appliance to Analyze Network Applications Being Used by Employees to Transmit Credit Card Data
AMES, Iowa, Aug. 8 -- Palisade Systems, a leading provider of content and network security appliances, announced today a PCI Risk Assessment program for organizations processing and/or storing credit card information. Palisade's PacketSure PCI security appliance was developed specifically to address Visa USA and MasterCard International's soon to be unveiled security requirements at the application and content level. The first of its kind program is being offered to companies on a seven day risk assessment period. PacketSure PCI provides the visibility into the network applications being used by employees to transmit data including credit card numbers.
PacketSure PCI performs deep packet analysis at the packet level, not port level, to determine what communication protocol is being used. PacketSure eliminates unwanted applications being used on an organization's network allowing only authorized protocols to be used to transfer corporate data. PacketSure provides an additional layer of security on the authorized protocols by analyzing the data within the packets traveling across the network giving unprecedented security and compliance to Visa and MasterCard's PCI standards. PacketSure has been used as an assessment tool before, acting as a test monitor for simulations and cyber competitions by the U.S. Department of Justice funded Internet-Simulation Event and Attack Generation Environment cyber security lab.
Risk Assessment Program Will Use Palisade's PacketSure PCI Appliance to Analyze Network Applications Being Used by Employees to Transmit Credit Card Data
AMES, Iowa, Aug. 8 -- Palisade Systems, a leading provider of content and network security appliances, announced today a PCI Risk Assessment program for organizations processing and/or storing credit card information. Palisade's PacketSure PCI security appliance was developed specifically to address Visa USA and MasterCard International's soon to be unveiled security requirements at the application and content level. The first of its kind program is being offered to companies on a seven day risk assessment period. PacketSure PCI provides the visibility into the network applications being used by employees to transmit data including credit card numbers.
PacketSure PCI performs deep packet analysis at the packet level, not port level, to determine what communication protocol is being used. PacketSure eliminates unwanted applications being used on an organization's network allowing only authorized protocols to be used to transfer corporate data. PacketSure provides an additional layer of security on the authorized protocols by analyzing the data within the packets traveling across the network giving unprecedented security and compliance to Visa and MasterCard's PCI standards. PacketSure has been used as an assessment tool before, acting as a test monitor for simulations and cyber competitions by the U.S. Department of Justice funded Internet-Simulation Event and Attack Generation Environment cyber security lab.
Monday, December 11, 2006
Trend Micro unveils 2007 Internet Security
Antivirus and content security firm Trend Micro Inc (NASDAQ: TMIC) announced on Wednesday (20 September) the 2007 version of its Internet security suite.
According to the company, the 2007 Internet Security release will incorporate Trend Micro's PC-cillin engine and anti-malware protection, as well as TrendSecure, Trend Micro's new online security services. The suite is reportedly designed to identify, block and automatically remove viruses, trojans and spyware; filter spam; warn about unauthorized wireless access to the network; block objectionable content; identify fraudulent phishing scams; and provide users with real-time defence against online and offline identity and data theft.
Trend Micro Internet Security comes with a household license for up to three PCs for one year at GBP49.95, including free email and online support and the TrendSecure online services
According to the company, the 2007 Internet Security release will incorporate Trend Micro's PC-cillin engine and anti-malware protection, as well as TrendSecure, Trend Micro's new online security services. The suite is reportedly designed to identify, block and automatically remove viruses, trojans and spyware; filter spam; warn about unauthorized wireless access to the network; block objectionable content; identify fraudulent phishing scams; and provide users with real-time defence against online and offline identity and data theft.
Trend Micro Internet Security comes with a household license for up to three PCs for one year at GBP49.95, including free email and online support and the TrendSecure online services
Sunday, December 10, 2006
Research center plugs physical security into its network
Keeping its huge data center humming is vital at NASA Ames Research Center, where 4,000 scientists are working on aeronautics and biotechnology projects. When a new custom-built air conditioning system couldn't keep the research outfit's network equipment at the right temperature, it was the IT department's equivalent of a space mission gone wrong.
"It failed miserably? says George Alger, assistant division chief of the applied information technologies division and IT services manager. He worried that the A/C fluctuations threatened to disrupt or even damage the 50 racks of servers and .switches housed in the Moffett Field,Calif.,data center.
"The air conditioning should have maintained 68 degrees to 70 degrees in the room, but it didn't," Alger says about the custom-built system, which cost about $800,000.
NASA Ames became aware of the high and low temperature spikes because two physical- security sensors from NetBotz continuously monitor the data center's environment.
"It failed miserably? says George Alger, assistant division chief of the applied information technologies division and IT services manager. He worried that the A/C fluctuations threatened to disrupt or even damage the 50 racks of servers and .switches housed in the Moffett Field,Calif.,data center.
"The air conditioning should have maintained 68 degrees to 70 degrees in the room, but it didn't," Alger says about the custom-built system, which cost about $800,000.
NASA Ames became aware of the high and low temperature spikes because two physical- security sensors from NetBotz continuously monitor the data center's environment.
Saturday, December 09, 2006
Security System strengthens phone authentication processes
With ability to automate and strengthen call center authentication to help financial institutions meet FFIEC guidance, RSA[R] Adaptive Authentication for Phone provides multifactor authentication for retail and commercial banking. It analyzes various phone channel-specific risk parameters, from phone number itself to biometric voiceprint and user behavior profiles. System generates risk and authentication score for every call received and every high-risk transaction conducted.
Leverages RSA's proven risk-based authentication expertise and live voice biometrics technology
Automates and strengthens call center authentication to help financial institutions meet FFIEC guidance
BEDFORD, Mass., Oct. 24 / - RSA, The Security Division of EMC (NYSE:EMC), today announced RSA[R] Adaptive Authentication for Phone. The product is designed to meet the financial industry's need for strong, automated and convenient caller authentication for telephone banking, given the nature of fraud migration and the regulatory requirements stated in the FFIEC's Authentication in an Internet Banking Environment guidance.
Designed with a focus on the end-user experience and strengthening phone authentication processes, RSA Adaptive Authentication for Phone leverages the core concept and expertise used in RSA Adaptive Authentication for Web, currently used by more than 35 of the top 100 US financial institutions and some of the largest banks in Europe. The new solution also incorporates RSA's voice biometric solution, based on the previously-acquired Vocent technology and integrated with the market-leading voiceprint engine from Nuance; the Vocent-Nuance solution is in production at several large banks in the United States today, with consumer-facing deployments planned for Q1 2007.
Leverages RSA's proven risk-based authentication expertise and live voice biometrics technology
Automates and strengthens call center authentication to help financial institutions meet FFIEC guidance
BEDFORD, Mass., Oct. 24 / - RSA, The Security Division of EMC (NYSE:EMC), today announced RSA[R] Adaptive Authentication for Phone. The product is designed to meet the financial industry's need for strong, automated and convenient caller authentication for telephone banking, given the nature of fraud migration and the regulatory requirements stated in the FFIEC's Authentication in an Internet Banking Environment guidance.
Designed with a focus on the end-user experience and strengthening phone authentication processes, RSA Adaptive Authentication for Phone leverages the core concept and expertise used in RSA Adaptive Authentication for Web, currently used by more than 35 of the top 100 US financial institutions and some of the largest banks in Europe. The new solution also incorporates RSA's voice biometric solution, based on the previously-acquired Vocent technology and integrated with the market-leading voiceprint engine from Nuance; the Vocent-Nuance solution is in production at several large banks in the United States today, with consumer-facing deployments planned for Q1 2007.
Friday, December 08, 2006
Keeping America out of harm's way: from a national health-surveillance network to better whistle-blower protection, security experts provide their com
U.S. leaders and our allies have made great strides in fighting terrorism and increasing homeland security. During the last seven months they have ousted the Taliban, frozen substantial assets used to fund Osama bin Laden and his associates, rounded up hundreds of likely terrorist "sleepers" and enacted a host of measures to try to stop the next attack before it happens.
This all comes at a price: The war on terrorism not only has cost billions of dollars, but precious lives as well. And every step along the way has required expenditure of political capital and high-level maneuvering of the sort that accompanies every initiative originating inside the Washington Beltway. The controversial USA PATRIOT Act, an attempt to balance security with concerns about civil liberties, and continued bickering about screening at the nation's airports show that the war on terrorism has been as divisive as many another war. Even when the United States is united, as polls indicate it is now, concerns about politics and money tend to slow the drive for reform.
Meanwhile, say Capitol Hill insiders, many of the nation's most vital structures remain vulnerable to attack, and measures to reform key institutions such as the Immigration and Naturalization Service still are being battered in bureaucratic turf wars. Does this mean the quest for a secure America has stalled? Not necessarily.
This all comes at a price: The war on terrorism not only has cost billions of dollars, but precious lives as well. And every step along the way has required expenditure of political capital and high-level maneuvering of the sort that accompanies every initiative originating inside the Washington Beltway. The controversial USA PATRIOT Act, an attempt to balance security with concerns about civil liberties, and continued bickering about screening at the nation's airports show that the war on terrorism has been as divisive as many another war. Even when the United States is united, as polls indicate it is now, concerns about politics and money tend to slow the drive for reform.
Meanwhile, say Capitol Hill insiders, many of the nation's most vital structures remain vulnerable to attack, and measures to reform key institutions such as the Immigration and Naturalization Service still are being battered in bureaucratic turf wars. Does this mean the quest for a secure America has stalled? Not necessarily.
Thursday, December 07, 2006
Securing the network: Juniper Networks has realigned its security focus after its acquisition of NetScreen, with a push toward integrated security ins
Telecom Asia: There's been a great deal of talk about ubiquity. How important will it be in the near term?
Scott Kriens: We believe there's going to be a ubiquitous network, it will be a single infrastructure, it will carry multiple services, it will be very intelligent, it will enhance our lives. That will all be true some day. The observation that that it is true is meaningless. The issue is when will what elements within that grand claim be true and what will it mean when they are. It is the path to how one gets there that is where all the real opportunities lie.
One of the reasons for the acquisition of our security portfolio is that we believe that the key enabler to making it all happen faster is that you have to trust the network to use it more. That is one driver. It not only has to be secure, but it also has to be assured--it has to be reliable and has to be able to deliver the quality for the video signal that I'm going to drive across it.
How will it happen? The way the Internet got to scale was simply by dividing everywhere--that way it didn't have to happen in any one place. Ubiquity will happen in the same way. Pockets [of IP infrastructure build-outs] are popping up and establishing themselves and they will all look to connect. Major commitments to rolling out IP infrastructure already include moves by China Telecom, NTT East and West, Deutsche Telecom, MCI and Verizon. This peer-to-peer nature of the arrival of the Internet is going to be exactly the way the next generation of applications that will build on top of it will come into existence. Then we can create some standards to put some order to the chaos.
Scott Kriens: We believe there's going to be a ubiquitous network, it will be a single infrastructure, it will carry multiple services, it will be very intelligent, it will enhance our lives. That will all be true some day. The observation that that it is true is meaningless. The issue is when will what elements within that grand claim be true and what will it mean when they are. It is the path to how one gets there that is where all the real opportunities lie.
One of the reasons for the acquisition of our security portfolio is that we believe that the key enabler to making it all happen faster is that you have to trust the network to use it more. That is one driver. It not only has to be secure, but it also has to be assured--it has to be reliable and has to be able to deliver the quality for the video signal that I'm going to drive across it.
How will it happen? The way the Internet got to scale was simply by dividing everywhere--that way it didn't have to happen in any one place. Ubiquity will happen in the same way. Pockets [of IP infrastructure build-outs] are popping up and establishing themselves and they will all look to connect. Major commitments to rolling out IP infrastructure already include moves by China Telecom, NTT East and West, Deutsche Telecom, MCI and Verizon. This peer-to-peer nature of the arrival of the Internet is going to be exactly the way the next generation of applications that will build on top of it will come into existence. Then we can create some standards to put some order to the chaos.
Wednesday, December 06, 2006
Technical advances expand the options available: urban rail operators face increased demands for greater security and safety. Advances in technology n
IF safety is seen as the guarantee of proper performance without accident, efficient signalling is the way to provide safe train organisation. If security is intended to defend against intentional and unlawful aggressions, closed-circuit television (CCTV) is a very useful tool to provide video surveillance.
Alcatel has used similar transmission technologies to combine fixed optical fibre networks and high-speed radio solutions to enhance both safety and security for urban rail. This is part of an integrated communication concept whereby a single multi-service platform supports the deployment of new advanced applications for a wide range of uses.
New digital systems have extended video surveillance from station platforms and concourses to trains on the move. Onboard equipment includes CCTV cameras, a digital video recorder (DVR), a mobile radio, and antennas. Access points at the wayside collect the video and interface it through the fixed backbone to the control centre. Thereby, on-board video is successively:
Alcatel has used similar transmission technologies to combine fixed optical fibre networks and high-speed radio solutions to enhance both safety and security for urban rail. This is part of an integrated communication concept whereby a single multi-service platform supports the deployment of new advanced applications for a wide range of uses.
New digital systems have extended video surveillance from station platforms and concourses to trains on the move. Onboard equipment includes CCTV cameras, a digital video recorder (DVR), a mobile radio, and antennas. Access points at the wayside collect the video and interface it through the fixed backbone to the control centre. Thereby, on-board video is successively:
Tuesday, December 05, 2006
VoIP industry moves to bolster network security: new group to define requirements
Looking a decade ahead, the VoIP industry has taken its first steps towards foiling future attempts by Internet-style hackers to bring down a major IP phone service. A new group, the VoIP Security Alliance, or VOIPSA, recently launched two projects aimed at developing industrial-grade VoIP security methods.
VOIPSA members include manufacturers, service providers, research institutions and consultancies. The first two projects of the organization, which was formed in February, aim to develop a "threat taxonomy" and to define security requirements.
VOIPSA's efforts will be of particular interest to manufacturers of session border controllers, or SBCs, which will for a long time to come play a crucial role in defending VoIP networks from attack.
SBCs, which typically sit between the softswitches that control VoIP services and the public Internet, have a number of functions. One of the most important is firewall traversal. When a VoIP call has to go through a firewall, as most do, it can easily fail. Firewalls don't know how to deal with VoIP, which can involve as many as five separate data streams. SBCs know how to manuever both VoIP and video traffic through them.
VOIPSA members include manufacturers, service providers, research institutions and consultancies. The first two projects of the organization, which was formed in February, aim to develop a "threat taxonomy" and to define security requirements.
VOIPSA's efforts will be of particular interest to manufacturers of session border controllers, or SBCs, which will for a long time to come play a crucial role in defending VoIP networks from attack.
SBCs, which typically sit between the softswitches that control VoIP services and the public Internet, have a number of functions. One of the most important is firewall traversal. When a VoIP call has to go through a firewall, as most do, it can easily fail. Firewalls don't know how to deal with VoIP, which can involve as many as five separate data streams. SBCs know how to manuever both VoIP and video traffic through them.
Monday, December 04, 2006
Network security drives value
Many valuable business models depend vitally on secure networking. These business models include:
* Delivery of content (music, movies, TV, radio and interactive games);
* IP Network-enabled virtual enterprises, including work-at-home;
* E-commerce (retail, financial services, travel services and many transaction-oriented activities); and
* Messaging services such as e-mail and instant messaging.
Each model imposes its own unique security and performance requirements that influence economic success. Content delivery went nowhere until the RIAA (Recording Industry Association of America) was satisfied that the technology existed for secure content distribution. Network-enabled enterprise models are gaining favor now that IP traffic can be handled securely and privately in conformance with federal laws such as Gramm-Leach-Bliley and HIPPA.
Network security challenges include going beyond perimeter-based security, bad behavior by authorized applications, SPAM, patching, content filtering, vulnerability analysis and application traffic management.
* Delivery of content (music, movies, TV, radio and interactive games);
* IP Network-enabled virtual enterprises, including work-at-home;
* E-commerce (retail, financial services, travel services and many transaction-oriented activities); and
* Messaging services such as e-mail and instant messaging.
Each model imposes its own unique security and performance requirements that influence economic success. Content delivery went nowhere until the RIAA (Recording Industry Association of America) was satisfied that the technology existed for secure content distribution. Network-enabled enterprise models are gaining favor now that IP traffic can be handled securely and privately in conformance with federal laws such as Gramm-Leach-Bliley and HIPPA.
Network security challenges include going beyond perimeter-based security, bad behavior by authorized applications, SPAM, patching, content filtering, vulnerability analysis and application traffic management.
Sunday, December 03, 2006
The coast is clear: security software lets you know who's on the network
Getting your Wi-Fi equipment set up for security isn't as troublesome as it once was, but it can still be a headache. That's where software like Interlink Networks' LucidLink (www.lucidlink.com) comes in, offering enterprise-strength security for small and midsize businesses.
Ease of use is a must, and LucidLink gets good marks in that area. The only major hardware requirement is a computer wired to your router to run the authentication server part of the package. That computer has to be on whenever you want to use the software, but it doesn't have to be dedicated to the task. A small client program is then installed and configured on each computer you want to connect to your wireless network. The administrator authorizes users and can keep track of who is accessing the network.
LucidLink supports automatic access-point configuration for some devices. For other devices, you might have to manually configure your access point or router following instructions available online. Check the website to see if your hardware is supported. LucidLink is free for three or fewer users. Otherwise, pricing starts at $549 for four to 10 users.
Ease of use is a must, and LucidLink gets good marks in that area. The only major hardware requirement is a computer wired to your router to run the authentication server part of the package. That computer has to be on whenever you want to use the software, but it doesn't have to be dedicated to the task. A small client program is then installed and configured on each computer you want to connect to your wireless network. The administrator authorizes users and can keep track of who is accessing the network.
LucidLink supports automatic access-point configuration for some devices. For other devices, you might have to manually configure your access point or router following instructions available online. Check the website to see if your hardware is supported. LucidLink is free for three or fewer users. Otherwise, pricing starts at $549 for four to 10 users.
Saturday, December 02, 2006
Intrusion Detector delivers open-source network security
Using proprietary Meta Traffic Processor, MTP-1G wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System supports open-source network security and monitoring applications. Cards pass Gigabit Ethernet traffic between system's 2 ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, cards can apply up to 1,500 wire-speed stateful policies per packet.
Los Gatos, California - Metanetworks Technologies, Inc. (metanetworks.org), a leading provider of high-speed network security and monitoring hardware, announces its MTP-1G - the world's first wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System (IDPS) specifically designed to support open-source network security and monitoring applications. The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories. The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads. Livio Ricciulli, Metanetworks Technologies' chief scientist, states that, "our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture."
Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between its two ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet. When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.
The MTP-1G cards support existing, open-source network security and monitoring applications. They accomplish this by specifying capture and filtering policies using public-domain IDS signatures or standard network monitoring libraries. Metanetworks' MTP technology also provides developers a rich API for creating custom network security and monitoring applications.
Because the MTP-1G cards interface with the host operating system as standard NICs, they can seamlessly run a variety of standard application software at much faster speeds. For example, open-source Snort IDS software can monitor a few hundred megabits of traffic with a standard NIC. With the MTP-1G card, Snort can monitor a full gigabit of traffic without modification. The MTP-1G cards are also compatible with other popular libpcap-based network monitoring applications such as tcpdump.
The University of California, Santa Cruz (UCSC) will present the impressive capabilities of the MTP-1G PCI cards at the upcoming North American Network Operators' Group (NANOG) Conference from January 30th to February 1st in Las Vegas, Nevada. UCSC integrated a Metanetworks MTP into one of its production networks and has confirmed that it greatly enhanced their existing IDS capabilities. "The MTP enables a whole range of open source security applications that were not possible before," says Paul Tartarsky, the UCSC consultant network security engineer in charge of integrating the MTP-1G. "As far as I can tell, the MTP has eliminated a huge roadblock to developing high performance IDPS applications at a low cost."
Los Gatos, California - Metanetworks Technologies, Inc. (metanetworks.org), a leading provider of high-speed network security and monitoring hardware, announces its MTP-1G - the world's first wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System (IDPS) specifically designed to support open-source network security and monitoring applications. The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories. The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads. Livio Ricciulli, Metanetworks Technologies' chief scientist, states that, "our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture."
Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between its two ports with 400 ns latency while performing wire-speed, stateful, packet inspection. When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet. When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.
The MTP-1G cards support existing, open-source network security and monitoring applications. They accomplish this by specifying capture and filtering policies using public-domain IDS signatures or standard network monitoring libraries. Metanetworks' MTP technology also provides developers a rich API for creating custom network security and monitoring applications.
Because the MTP-1G cards interface with the host operating system as standard NICs, they can seamlessly run a variety of standard application software at much faster speeds. For example, open-source Snort IDS software can monitor a few hundred megabits of traffic with a standard NIC. With the MTP-1G card, Snort can monitor a full gigabit of traffic without modification. The MTP-1G cards are also compatible with other popular libpcap-based network monitoring applications such as tcpdump.
The University of California, Santa Cruz (UCSC) will present the impressive capabilities of the MTP-1G PCI cards at the upcoming North American Network Operators' Group (NANOG) Conference from January 30th to February 1st in Las Vegas, Nevada. UCSC integrated a Metanetworks MTP into one of its production networks and has confirmed that it greatly enhanced their existing IDS capabilities. "The MTP enables a whole range of open source security applications that were not possible before," says Paul Tartarsky, the UCSC consultant network security engineer in charge of integrating the MTP-1G. "As far as I can tell, the MTP has eliminated a huge roadblock to developing high performance IDPS applications at a low cost."
Friday, December 01, 2006
Messaging System/Anti-Spam Service offer network security
FortiMail Secure Messaging Platform includes antivirus detection engine for virus and spyware protection and complete email scanning. It uses FortiGuard-Antispam, access policy filtering, content filtering, global and user black/white list filtering, and spam Real-time Blackhole List. FortiGuard-Antispam Service eliminates spam at network perimeter. It checks against known spammer IP addresses and email content with Universal Resource Identifier scanning.
Fortinet -- the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection -- today unveiled two powerful new additions to its network security solutions and services portfolio: FortiMail, a secure messaging system, and FortiGuard-Antispam, a managed antispam service. The FortiMail Secure Messaging Platform and FortiGuard-Antispam Service effectively layer antispam technology to offer antispam defense in-depth at the network perimeter and the mail server -- maximizing mail traffic performance by eliminating global spam at the network gateway, before it enters the corporate network.
Unwanted email or spam continues to present serious security challenges for enterprises and consumers alike. Increasingly, these messages contain spyware, grayware or other malicious attempts to adversely impact a customer's computing and networking resources. While many world governments have been writing legislation and enforcing penalties around spam creation and delivery, spam continues to be difficult to regulate and catch. Industry researchers suggest that 60 to 70 percent of all enterprise email is spam, and recent statistics suggest that a good portion of spam contains viruses or other types of attacks.
"As an industry leader in the design and manufacture of advanced semiconductors, we have many daily demands on our network and cannot sacrifice network performance due to spam, viruses or other unwanted network traffic," said Edward Huang, corporate IT infrastructure manager for Atmel. "Solutions such as Fortinet's network security platforms and FortiGuard-Antispam Service help to minimize unwanted and malicious network traffic, without network performance degradation or a lot of administrative overhead, which is essential for ensuring a productive business."
FortiMail Secure Messaging Platform
The FortiMail Secure Messaging Platform is a dedicated system based on Fortinet's award winning FortiOS technology and includes an antivirus detection engine for virus and spyware protection and complete email scanning. FortiMail uses advanced spam detection and filtering methods such as FortiGuard-Antispam, access policy filtering, content filtering, global and user black/white list filtering, spam Real-time Blackhole List (RBL), per user Bayesian filtering so that individual users can set their own profiles, heuristics filtering and denial-of-service.
The FortiMail-400 system is the first in a family of secure messaging platforms and is designed for medium to large enterprises and remote branch offices. Future FortiMail systems will be available to secure messaging for high-volume, mission-critical infrastructures such as large enterprises, universities and managed security service providers (MSSPs).
The FortiMail Secure Messaging Platform offers users three protective modes of operation:
-- Transparent mode: FortiMail platform is placed in front of the existing email server without any changes to the existing email topology to provide seamless integration into existing network environments.
-- Gateway mode: FortiMail platform is placed in front of the existing email server providing in-bound and out-bound email relay services, which allows for scanning of both in-bound and out-bound email messages.
-- Server mode: FortMail platform provides complete email server functionality in addition to antivirus and antispam functionality, which is ideal for medium sized companies and remote branch office locations.
FortiGuard-Antispam Service
FortiGuard-Antispam Service is a new fully managed service that helps companies of all sizes reduce the amount of spam by eliminating it at the network perimeter. Fortinet developed this service internally and optimized it for operation on Fortinet's FortiGate network security platforms and the new FortiMail system family. On either system deployment, FortiGuard-Antispam can significantly reduce the amount of unwanted and possibly malicious spam messages passing through corporate email servers.
Using Fortinet's "dual pass" scanning technology in either the FortiMail or FortiGate systems, the FortiGuard-Antispam Service checks against known spammer IP addresses and email content with Universal Resource Identifier (URI) scanning. URI scanning looks deep into each email message to scan for well-known spam content such as spam URL links. The pairing of this new service with Fortinet security systems will help increase spam detection rates, as spammers get more creative and use infected PCs to deliver spam.
Fortinet -- the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection -- today unveiled two powerful new additions to its network security solutions and services portfolio: FortiMail, a secure messaging system, and FortiGuard-Antispam, a managed antispam service. The FortiMail Secure Messaging Platform and FortiGuard-Antispam Service effectively layer antispam technology to offer antispam defense in-depth at the network perimeter and the mail server -- maximizing mail traffic performance by eliminating global spam at the network gateway, before it enters the corporate network.
Unwanted email or spam continues to present serious security challenges for enterprises and consumers alike. Increasingly, these messages contain spyware, grayware or other malicious attempts to adversely impact a customer's computing and networking resources. While many world governments have been writing legislation and enforcing penalties around spam creation and delivery, spam continues to be difficult to regulate and catch. Industry researchers suggest that 60 to 70 percent of all enterprise email is spam, and recent statistics suggest that a good portion of spam contains viruses or other types of attacks.
"As an industry leader in the design and manufacture of advanced semiconductors, we have many daily demands on our network and cannot sacrifice network performance due to spam, viruses or other unwanted network traffic," said Edward Huang, corporate IT infrastructure manager for Atmel. "Solutions such as Fortinet's network security platforms and FortiGuard-Antispam Service help to minimize unwanted and malicious network traffic, without network performance degradation or a lot of administrative overhead, which is essential for ensuring a productive business."
FortiMail Secure Messaging Platform
The FortiMail Secure Messaging Platform is a dedicated system based on Fortinet's award winning FortiOS technology and includes an antivirus detection engine for virus and spyware protection and complete email scanning. FortiMail uses advanced spam detection and filtering methods such as FortiGuard-Antispam, access policy filtering, content filtering, global and user black/white list filtering, spam Real-time Blackhole List (RBL), per user Bayesian filtering so that individual users can set their own profiles, heuristics filtering and denial-of-service.
The FortiMail-400 system is the first in a family of secure messaging platforms and is designed for medium to large enterprises and remote branch offices. Future FortiMail systems will be available to secure messaging for high-volume, mission-critical infrastructures such as large enterprises, universities and managed security service providers (MSSPs).
The FortiMail Secure Messaging Platform offers users three protective modes of operation:
-- Transparent mode: FortiMail platform is placed in front of the existing email server without any changes to the existing email topology to provide seamless integration into existing network environments.
-- Gateway mode: FortiMail platform is placed in front of the existing email server providing in-bound and out-bound email relay services, which allows for scanning of both in-bound and out-bound email messages.
-- Server mode: FortMail platform provides complete email server functionality in addition to antivirus and antispam functionality, which is ideal for medium sized companies and remote branch office locations.
FortiGuard-Antispam Service
FortiGuard-Antispam Service is a new fully managed service that helps companies of all sizes reduce the amount of spam by eliminating it at the network perimeter. Fortinet developed this service internally and optimized it for operation on Fortinet's FortiGate network security platforms and the new FortiMail system family. On either system deployment, FortiGuard-Antispam can significantly reduce the amount of unwanted and possibly malicious spam messages passing through corporate email servers.
Using Fortinet's "dual pass" scanning technology in either the FortiMail or FortiGate systems, the FortiGuard-Antispam Service checks against known spammer IP addresses and email content with Universal Resource Identifier (URI) scanning. URI scanning looks deep into each email message to scan for well-known spam content such as spam URL links. The pairing of this new service with Fortinet security systems will help increase spam detection rates, as spammers get more creative and use infected PCs to deliver spam.
Subscribe to:
Posts (Atom)