Clarity Technology has released Internet Sheriff, a secure content management solution that is designed to protect an organisation from viruses and spam.
The new product lets IT administrators manage a company's Internet access, protect all of the users on the network from online attacks and reduce the impact of spam.
A spokesperson for the company said that the Internet sheriff product helps to reduce the chance of infection and minimises the amount of time that needs to be spent on dealing with unwanted marketing messages.
Thursday, January 18, 2007
Network security sales top $1.1 billion in 2Q06
Worldwide network security appliance and software sales are up 2% to $1.1 billion between the first and second quarter of 2006, and is forecast to grow 30% between 2005 and 2009, when it will reach $5.1 billion, according to Infonetics Research's latest Network Security Appliances and Software report.
"It was a quiet quarter for the network security market once again, with most of the major players showing no or single-digit growth or small declines," said Jeff Wilson, principal analyst for network security at Infonetics Research. "Cisco had a down quarter overall, but posted gains in the secure router segment, which impacted their results in the price-banded appliance categories and in the intrusion detection and prevention categories. The market continues to commoditize as new vendors bring creative, affordable solutions to the table, driving costs down and competition up."
2Q06 Highlights
-- Cisco continues to lead in worldwide network security appliance and
software sales, with 36% of total revenue, a position they have more or
less maintained since 2002
-- For the first time, Juniper passes Check Point and is now in second
place for worldwide revenue at 10%
-- Check Point is now third for worldwide revenue at 9%
-- Integrated security appliances and software make up 85% of worldwide
network security revenue, IDS/IPS 15%
Infonetics' report provides worldwide and regional market size and forecasts and worldwide market share for integrated security appliances in 6 price categories, secure routers, SSL VPN gateways, VPN/firewall software, and host- and network-based IDS/IPS products.
Companies tracked include AEP, Array, Avaya, Aventail, Check Point, CipherOptics, Cisco, Citrix, CA, CyberGuard, D-Link, Enterasys, F5, Fortinet, Intel, Juniper, Lucent, McAfee, NETASQ, Netilla, Nokia, Nortel, Secure Computing, SonicWALL, Symantec, TippingPoint, WatchGuard, Whale, ZyXEL, and others.
"It was a quiet quarter for the network security market once again, with most of the major players showing no or single-digit growth or small declines," said Jeff Wilson, principal analyst for network security at Infonetics Research. "Cisco had a down quarter overall, but posted gains in the secure router segment, which impacted their results in the price-banded appliance categories and in the intrusion detection and prevention categories. The market continues to commoditize as new vendors bring creative, affordable solutions to the table, driving costs down and competition up."
2Q06 Highlights
-- Cisco continues to lead in worldwide network security appliance and
software sales, with 36% of total revenue, a position they have more or
less maintained since 2002
-- For the first time, Juniper passes Check Point and is now in second
place for worldwide revenue at 10%
-- Check Point is now third for worldwide revenue at 9%
-- Integrated security appliances and software make up 85% of worldwide
network security revenue, IDS/IPS 15%
Infonetics' report provides worldwide and regional market size and forecasts and worldwide market share for integrated security appliances in 6 price categories, secure routers, SSL VPN gateways, VPN/firewall software, and host- and network-based IDS/IPS products.
Companies tracked include AEP, Array, Avaya, Aventail, Check Point, CipherOptics, Cisco, Citrix, CA, CyberGuard, D-Link, Enterasys, F5, Fortinet, Intel, Juniper, Lucent, McAfee, NETASQ, Netilla, Nokia, Nortel, Secure Computing, SonicWALL, Symantec, TippingPoint, WatchGuard, Whale, ZyXEL, and others.
Tarari to Speak at the Linley Group's "Embedded Network Security Design" Seminar
Tarari Inc., the award-winning hardware acceleration company, today announced that its CTO and co-founder, Jeff Carmichael has been invited to present during The Linley Group's Security Seminar "Embedded Network Security Design" on September 21, 2006, at the DoubleTree Hotel in San Jose, California. Tarari will present case studies on how to accelerate industry leading security applications such as Anti-Virus from Kaspersky Lab, Anti-Spam from Mail-Filters.com Inc., and Intrusion Prevention (IPS) from Intoto Inc., with Tarari's multi-core Content Processing ASICs. Tarari's "Content Processor" products are ASICs, production boards, and embedded software components that are designed to snap into networking, appliance, blades, and server systems.
Developers can immediately start building their designs using Tarari's silicon since Tarari supports a standard API across all of its software and silicon products. Tarari's Development kits enable customers to immediately develop cost-effective, leading-edge systems with enhanced functionality, proven interoperability and improved time-to-market.
Together Tarari Content Processors provide a scalable and comprehensive content inspection solution with a common application programming interface (API) all the way from 10 Megabits per Second (Mbps) to 10 Gigabits per second (Gbps.)
Tarari's family of T9000 Content Processor ASICs features the ability to concurrently support virus, intrusion, spam and compliance signatures -- while sustaining high line rates and are ideally suited for applications such as Unified Threat Management (UTM) appliances, content-based routing (CBR) and switching, application firewalls and security gateways, web acceleration, application networking, content filtering, anti-virus, regulatory compliance, database interfaces, and digital media.
The Linley Group's Security Seminar is the only dedicated security event for networking OEMs to help system developers who are designing security into routers and other networking equipment. The seminar is targeted at system designers, OEMs, network-equipment vendors, service providers, security vendors, media and the financial community.
Developers can immediately start building their designs using Tarari's silicon since Tarari supports a standard API across all of its software and silicon products. Tarari's Development kits enable customers to immediately develop cost-effective, leading-edge systems with enhanced functionality, proven interoperability and improved time-to-market.
Together Tarari Content Processors provide a scalable and comprehensive content inspection solution with a common application programming interface (API) all the way from 10 Megabits per Second (Mbps) to 10 Gigabits per second (Gbps.)
Tarari's family of T9000 Content Processor ASICs features the ability to concurrently support virus, intrusion, spam and compliance signatures -- while sustaining high line rates and are ideally suited for applications such as Unified Threat Management (UTM) appliances, content-based routing (CBR) and switching, application firewalls and security gateways, web acceleration, application networking, content filtering, anti-virus, regulatory compliance, database interfaces, and digital media.
The Linley Group's Security Seminar is the only dedicated security event for networking OEMs to help system developers who are designing security into routers and other networking equipment. The seminar is targeted at system designers, OEMs, network-equipment vendors, service providers, security vendors, media and the financial community.
F5's BIG-IP® Global Traffic Manager Receives Prestigious Global Product Excellence Award - Customer Trust from Info Security Products Guide; F5 Produc
the global leader in Application Delivery Networking, today announced that BIG-IP(R) Global Traffic Manager (GTM) has won Info Security Products Guide's 2006 Global Product Excellence Award for Customer Trust. More than 18,000 end-users and prospective customers worldwide were invited to vote for the products they trust the most when it comes to protecting their digital resources, and BIG-IP GTM was proclaimed "Winner of Excellence in Disaster Recovery."
The Global Excellence Awards are given to products designated "ahead of the curve" for their features and capabilities. BIG-IP GTM transparently routes end user application requests to the best performing site according to data center and network conditions or business policies to ensure the highest possible availability. Unlike its competition, F5's BIG-IP GTM offers best-in-class management tools. Its unique design helps mitigate the effects of disasters, attacks, and application infrastructure failures, safeguarding against the loss of customer revenue, satisfaction, and productivity. The device's comprehensive health monitoring provides a holistic view into application and data center health from a centralized location.
"We believe this award represents F5's commitment to helping organizations meet their business continuity goals," said Erik Giesa, Vice President of Product Management and Product Marketing at F5. "BIG-IP Global Traffic Manager one-click failover process eliminates the errors and inefficiencies related to manual failover management while giving organizations a unified, cohesive framework to manage all their application services across multiple sites."
BIG-IP GTM is built on F5's unique TMOS architecture that provides enterprises with a holistic way to solve the challenges of keeping their business-critical applications up and running in the event of a disaster or even during routine maintenance without affecting performance or placing an additional burden on administration. F5 is the only vendor in the industry to provide organizations with a programmatic approach for traffic distribution. Using programmable iRules, organizations can implement customized global traffic distribution policies that are more in line with their business goals.
For more about BIG-IP GTM, please visit www.f5.com/products/bigip/gtm/index.html or view its listing as part of the Info Security Products Guide at
The Global Excellence Awards are given to products designated "ahead of the curve" for their features and capabilities. BIG-IP GTM transparently routes end user application requests to the best performing site according to data center and network conditions or business policies to ensure the highest possible availability. Unlike its competition, F5's BIG-IP GTM offers best-in-class management tools. Its unique design helps mitigate the effects of disasters, attacks, and application infrastructure failures, safeguarding against the loss of customer revenue, satisfaction, and productivity. The device's comprehensive health monitoring provides a holistic view into application and data center health from a centralized location.
"We believe this award represents F5's commitment to helping organizations meet their business continuity goals," said Erik Giesa, Vice President of Product Management and Product Marketing at F5. "BIG-IP Global Traffic Manager one-click failover process eliminates the errors and inefficiencies related to manual failover management while giving organizations a unified, cohesive framework to manage all their application services across multiple sites."
BIG-IP GTM is built on F5's unique TMOS architecture that provides enterprises with a holistic way to solve the challenges of keeping their business-critical applications up and running in the event of a disaster or even during routine maintenance without affecting performance or placing an additional burden on administration. F5 is the only vendor in the industry to provide organizations with a programmatic approach for traffic distribution. Using programmable iRules, organizations can implement customized global traffic distribution policies that are more in line with their business goals.
For more about BIG-IP GTM, please visit www.f5.com/products/bigip/gtm/index.html or view its listing as part of the Info Security Products Guide at
Tuesday, January 09, 2007
Info to Go
A powerful office productivity tool that can cut your business chores down to size, Scopeware Small and Medium Business Server is marketed under the label of knowledge management. Certainly, the product facilitates collaboration and sharing of digital assets, but its reach doesn't stop there.
Scopeware organizes, indexes, and structures information that often falls through the cracks of other business applications. All documents, e-mails, spreadsheets, databases, presentations, and graphics files related to a single topic can be found in a keyword search and presented in a graphical stream, complete with thumbnail views.
Do you need to see all memos, purchase orders, and service records related to a single customer? Want to view an individual department's budget history? Simply enter your search criteria, then click on a thumbnail to begin working with the data.
The default install, ideal for small businesses, takes under 10 minutes and requires only a basic knowledge of networks; you must configure users, group rights, and permissions separately. Larger organizations should opt to install the prodOnce installed, Scopeware indexes all files on your network, including metatag information. It creates a Superuser account for a master administrator who can assign administration rights to other users to administer individual departments or groups. Using simple menu selections, administrators write rules to establish security equivalencies and permissions, as well as control the flow of information. Users can also write their own rules and add files to the stream.
Any company that needs a tool to structure its digital assets through an easy-to-use, practical application can count on Scopeware to handle the job. The software is best suited for consultants, resellers, and other IT professionals looking for ways to enhance systems competitively.uct over a directory service to centralize administration.
Scopeware organizes, indexes, and structures information that often falls through the cracks of other business applications. All documents, e-mails, spreadsheets, databases, presentations, and graphics files related to a single topic can be found in a keyword search and presented in a graphical stream, complete with thumbnail views.
Do you need to see all memos, purchase orders, and service records related to a single customer? Want to view an individual department's budget history? Simply enter your search criteria, then click on a thumbnail to begin working with the data.
The default install, ideal for small businesses, takes under 10 minutes and requires only a basic knowledge of networks; you must configure users, group rights, and permissions separately. Larger organizations should opt to install the prodOnce installed, Scopeware indexes all files on your network, including metatag information. It creates a Superuser account for a master administrator who can assign administration rights to other users to administer individual departments or groups. Using simple menu selections, administrators write rules to establish security equivalencies and permissions, as well as control the flow of information. Users can also write their own rules and add files to the stream.
Any company that needs a tool to structure its digital assets through an easy-to-use, practical application can count on Scopeware to handle the job. The software is best suited for consultants, resellers, and other IT professionals looking for ways to enhance systems competitively.uct over a directory service to centralize administration.
Monday, January 08, 2007
GLESEC and Insightix Bring Enterprise and Small-to-Medium Size Organizations Alike with Real-Time Network Knowledge and Security Access Control
GLESEC announces the addition of Network Access Control (NAC) technology to its portfolio of stat-of-the-art security technologies. With the addition of unique offering from Insightix (www.insightix.com) that combines its agentless, real-time element discovery technology with network-wide access controls, GLESEC brings a complete solution that provides organizations with visibility and control over their computer networks.
GLESEC's model provides a turnkey solution combining technology with its professional deployment and on-going support or managed services. This is intended to provide GLESEC Members with a comprehensive solution to their needs for knowing all the elements of a network for inventory/asset management, help-desk and security with network access control. GLESEC Members can focus on the usefulness of the technology while GLESEC focuses on its delivery and operations.
Insightix NAC provides complete contextual IT infrastructure information to serve as the basis of a network access control policy. Insightix NAC constantly monitors the network to provide accurate IT infrastructure information and detect in real-time any new device that connects to the network. Based on the wealth of information discovered on all the IT assets and their associated properties, including element type, MAC address, IP address, operating system, open services, switch and connected switch port, patch information and more, IT professionals can easily baseline their networks and define an enforceable network access control policy. Any device that does not comply with the network access policy is denied connectivity as it attempts to attach itself to the network.
Unlike existing network access control solutions, Insightix NAC simplifies the implementation of network access controls. Insightix NAC does not require network changes, specialized software and hardware or extended deployment efforts. Using Insightix NAC, IT professionals can define and begin enforcing a network access control policy in less then two hours.
"We are very excited to partner with Insightix in a continuous effort to bring the best technologies to the market. GLESEC Member-clients in the US and internationally expect this as a value added service," says Sergio Heker, CEO of GLESEC.
About Insightix
Insightix develops the only complete, real-time and agentless network discovery and network access control solutions. Insightix's solutions provide comprehensive network coverage and deliver an immediate return-on-investment for IT operations, network security and regulation compliance. Insightix solutions are simple to install and overcome the technical limitations of existing solutions.
Insightix's investors include Quest Software (NASDAQ: QSFT), several technology veterans and Blumberg Capital. The company's advisory members include industry leaders from IBM, Computer Associates, Citrix, Check Point, RSA, Comverse, ECI Telecom and AudioCodes.
GLESEC's model provides a turnkey solution combining technology with its professional deployment and on-going support or managed services. This is intended to provide GLESEC Members with a comprehensive solution to their needs for knowing all the elements of a network for inventory/asset management, help-desk and security with network access control. GLESEC Members can focus on the usefulness of the technology while GLESEC focuses on its delivery and operations.
Insightix NAC provides complete contextual IT infrastructure information to serve as the basis of a network access control policy. Insightix NAC constantly monitors the network to provide accurate IT infrastructure information and detect in real-time any new device that connects to the network. Based on the wealth of information discovered on all the IT assets and their associated properties, including element type, MAC address, IP address, operating system, open services, switch and connected switch port, patch information and more, IT professionals can easily baseline their networks and define an enforceable network access control policy. Any device that does not comply with the network access policy is denied connectivity as it attempts to attach itself to the network.
Unlike existing network access control solutions, Insightix NAC simplifies the implementation of network access controls. Insightix NAC does not require network changes, specialized software and hardware or extended deployment efforts. Using Insightix NAC, IT professionals can define and begin enforcing a network access control policy in less then two hours.
"We are very excited to partner with Insightix in a continuous effort to bring the best technologies to the market. GLESEC Member-clients in the US and internationally expect this as a value added service," says Sergio Heker, CEO of GLESEC.
About Insightix
Insightix develops the only complete, real-time and agentless network discovery and network access control solutions. Insightix's solutions provide comprehensive network coverage and deliver an immediate return-on-investment for IT operations, network security and regulation compliance. Insightix solutions are simple to install and overcome the technical limitations of existing solutions.
Insightix's investors include Quest Software (NASDAQ: QSFT), several technology veterans and Blumberg Capital. The company's advisory members include industry leaders from IBM, Computer Associates, Citrix, Check Point, RSA, Comverse, ECI Telecom and AudioCodes.
Sunday, January 07, 2007
New Infoblox Network Services for VoIP Solution Dramatically Increases IP Phone System Reliability, Security and Manageability
Infoblox Inc., a developer of essential infrastructure for identity-driven networks (IDNs), today announced availability of the new Infoblox Network Services for VoIP package, which delivers highly reliable, secure and easy-to-deploy IP address assignment and management (DHCP/IPAM), file transfer (TFTP/HTTP), and network time (NTP) services -- all essential for the operation of an IP phone system.
By eliminating key problems that typically arise in IP telephony deployments and operations, the Infoblox solution -- ideal for mid-to-large distributed enterprise customers -- provides benefits to end users, integrators and VoIP equipment vendors while adding less than 5 percent to the IP phone system cost. It reduces IP phone system implementation effort, operational cost, downtime and security risk for end users. And, it greatly enhances effectiveness -- and profitability -- for VoIP system integrators by differentiating their offerings and enabling faster, easier deployments.
"Many organizations are choosing to implement IP phone systems based on the expectation of cost savings compared to traditional phone systems," said Jon Oltsik, senior analyst, Enterprise Strategy Group. "Unfortunately, many of the cost savings and supposed operational benefits of implementing VoIP are often compromised because customers underestimate the demands that IP telephony will place on their existing systems and personnel that supply and manage network identity services supporting the VoIP application. Enterprises and their VoIP integration partners can benefit greatly from upgrading these key systems as a part of their VoIP rollout."
Infoblox Network Services for VoIP Package
Infoblox appliances with the new Network Services for VoIP package deliver integrated, nonstop DHCP, IPAM, TFTP/HTTP, NTP and RADIUS proxy services. The hardened appliance design delivers these services with higher security and reliability and easier management than the traditional approach -- typically software deployed on general-purpose servers.
Further, the Network Services for VoIP package includes the Infoblox Keystone upgrade that links a group of distributed appliances into a unified, resilient ID grid. This enables customers to centrally manage all appliances and services and automates time-intensive tasks such as distributing IP phone firmware images to TFTP or HTTP servers at remote sites. For example, phone firmware files can be loaded once into a grid master device and automatically distributed to member appliances in each remote location one time over the WAN link. This reduces the need to deploy white-box servers and manage disparate software and operating systems at remote sites. It also greatly increases operational efficiency for firmware upgrades, which may be triggered every time a phone reboots and may also be required to address security vulnerabilities or add new features to phones.
The Network Services for VoIP package also provides diagnostic and troubleshooting capabilities that are especially useful for supporting VoIP deployments at remote sites that may be too small to staff with dedicated IT personnel. For example, file download attempt logging and correlation allows easy identification of failed or missing phone configuration downloads. The solution also provides extensive high-availability services that ensure local survivability and redundancy for enterprise-wide "dial-tone" like VoIP system reliability.
By eliminating key problems that typically arise in IP telephony deployments and operations, the Infoblox solution -- ideal for mid-to-large distributed enterprise customers -- provides benefits to end users, integrators and VoIP equipment vendors while adding less than 5 percent to the IP phone system cost. It reduces IP phone system implementation effort, operational cost, downtime and security risk for end users. And, it greatly enhances effectiveness -- and profitability -- for VoIP system integrators by differentiating their offerings and enabling faster, easier deployments.
"Many organizations are choosing to implement IP phone systems based on the expectation of cost savings compared to traditional phone systems," said Jon Oltsik, senior analyst, Enterprise Strategy Group. "Unfortunately, many of the cost savings and supposed operational benefits of implementing VoIP are often compromised because customers underestimate the demands that IP telephony will place on their existing systems and personnel that supply and manage network identity services supporting the VoIP application. Enterprises and their VoIP integration partners can benefit greatly from upgrading these key systems as a part of their VoIP rollout."
Infoblox Network Services for VoIP Package
Infoblox appliances with the new Network Services for VoIP package deliver integrated, nonstop DHCP, IPAM, TFTP/HTTP, NTP and RADIUS proxy services. The hardened appliance design delivers these services with higher security and reliability and easier management than the traditional approach -- typically software deployed on general-purpose servers.
Further, the Network Services for VoIP package includes the Infoblox Keystone upgrade that links a group of distributed appliances into a unified, resilient ID grid. This enables customers to centrally manage all appliances and services and automates time-intensive tasks such as distributing IP phone firmware images to TFTP or HTTP servers at remote sites. For example, phone firmware files can be loaded once into a grid master device and automatically distributed to member appliances in each remote location one time over the WAN link. This reduces the need to deploy white-box servers and manage disparate software and operating systems at remote sites. It also greatly increases operational efficiency for firmware upgrades, which may be triggered every time a phone reboots and may also be required to address security vulnerabilities or add new features to phones.
The Network Services for VoIP package also provides diagnostic and troubleshooting capabilities that are especially useful for supporting VoIP deployments at remote sites that may be too small to staff with dedicated IT personnel. For example, file download attempt logging and correlation allows easy identification of failed or missing phone configuration downloads. The solution also provides extensive high-availability services that ensure local survivability and redundancy for enterprise-wide "dial-tone" like VoIP system reliability.
Saturday, January 06, 2007
Cisco Systems delivers NAC Appliance 4.0
Cisco Systems Inc (NASDAQ:CSCO), a provider of networking for the Internet, announced on Monday (10 July) the delivery of NAC Appliance 4.0, the latest edition of the company's Network Admission Control solution.
According to the company, the NAC Appliance 4.0 provides policy enforcement at network entry points throughout the enterprise, featuring policy enforcement capabilities for protecting local-area networks (LANs) as well as remote office, VPN, and wireless access points.
The solution is reportedly based on Cisco NAC's four basic elements - authentication/posture assessment, policy enforcement, quarantine/remediation, and centralized management. At each entry point, Cisco's NAC Appliance 4.0 identifies all users and networked devices, from employees, contractors, and guests to end points with various operating systems, PDAs, printers, and IP phones. The NAC Appliance assesses their role in accessing the network, verifies their compliance with corporate security policies, and grants appropriate network privileges, the company claims.
According to the company, the NAC Appliance 4.0 provides policy enforcement at network entry points throughout the enterprise, featuring policy enforcement capabilities for protecting local-area networks (LANs) as well as remote office, VPN, and wireless access points.
The solution is reportedly based on Cisco NAC's four basic elements - authentication/posture assessment, policy enforcement, quarantine/remediation, and centralized management. At each entry point, Cisco's NAC Appliance 4.0 identifies all users and networked devices, from employees, contractors, and guests to end points with various operating systems, PDAs, printers, and IP phones. The NAC Appliance assesses their role in accessing the network, verifies their compliance with corporate security policies, and grants appropriate network privileges, the company claims.
Friday, January 05, 2007
Crisp Thinking introduces Child Protection Gateway for ISPs
A system designed to provide Internet protection for children at the network layer has been introduced by Crisp Thinking Limited, a UK company developing solutions for the ISP marketplace to meet the needs of children, teenagers and parents.
According to Crisp Thinking, the Child Protection Gateway (CPG) enables parents to monitor all Internet traffic in the home and is intended to be installed by ISPs. It said the CPG provides protection at the network layer and claimed it is the first system which cannot be circumvented, resolving the problems presented by PC-based software.
The CPG is available to the entire family, does not need to be installed by the parent, and authenticates every user, recording all traffic including logging for instant messenger services such as AOL, ICQ, MSN and Yahoo. It enables parents to be alerted by text or e-mail when their child enters what might be a dangerous conversation.
The CPG provides a web-based control panel for each customer, enabling parents to set protection levels and view activity for each member of the family, and rates content and alerts for each session. It also offers a 'Dual Key' approach for older children, helping to protect the privacy of the child, and allowing actual content to be viewed by parents only after their child has consented.
According to Crisp Thinking, the Child Protection Gateway (CPG) enables parents to monitor all Internet traffic in the home and is intended to be installed by ISPs. It said the CPG provides protection at the network layer and claimed it is the first system which cannot be circumvented, resolving the problems presented by PC-based software.
The CPG is available to the entire family, does not need to be installed by the parent, and authenticates every user, recording all traffic including logging for instant messenger services such as AOL, ICQ, MSN and Yahoo. It enables parents to be alerted by text or e-mail when their child enters what might be a dangerous conversation.
The CPG provides a web-based control panel for each customer, enabling parents to set protection levels and view activity for each member of the family, and rates content and alerts for each session. It also offers a 'Dual Key' approach for older children, helping to protect the privacy of the child, and allowing actual content to be viewed by parents only after their child has consented.
Thursday, January 04, 2007
Encryption Issues: Moving Toward Higher Performance Network Security Subsystems - Industry Trend or Event
The Internet is an inherently insecure medium. Sensitive data must be encrypted before being dispatched, meaning that all Virtual Private Network (VPN) traffic must be encrypted before it is transmitted. This is particularly important for e-commerce involving credit card numbers, bank statements, corporate proprietary records, and other sensitive data.
The growing popularity of e-commerce and VPNs is making cryptographic security a critical gateway feature. But at the same time, it is creating a major gateway bottleneck. Internet gateways handle enormous volumes of traffic from many simultaneous sessions. Computational demands of security are greater compared to other gateway tasks. Consequently, as secure sessions become more common, the usual gateway architecture is increasingly less suitable.
Security functions are overly burdensome largely due to the nature of algorithms employed and the fact every byte in a packet must be processed. Most other gateway tasks only operate on packet headers. Cryptography works on the premise that an encrypted message is virtually impossible to decode by an unauthorized user, but is merely difficult to the authorized user. The algorithms used to implement security, encryption, compression, and authentication can be performed in software, which is ideal for systems handling small numbers of connections.
The growing popularity of e-commerce and VPNs is making cryptographic security a critical gateway feature. But at the same time, it is creating a major gateway bottleneck. Internet gateways handle enormous volumes of traffic from many simultaneous sessions. Computational demands of security are greater compared to other gateway tasks. Consequently, as secure sessions become more common, the usual gateway architecture is increasingly less suitable.
Security functions are overly burdensome largely due to the nature of algorithms employed and the fact every byte in a packet must be processed. Most other gateway tasks only operate on packet headers. Cryptography works on the premise that an encrypted message is virtually impossible to decode by an unauthorized user, but is merely difficult to the authorized user. The algorithms used to implement security, encryption, compression, and authentication can be performed in software, which is ideal for systems handling small numbers of connections.
Wednesday, January 03, 2007
Network keeps students mobile: University of Georgia project uses authentication servers for security
Networked computers have become as much a part of the university experience as desks and chalkboards, and wireless network access is one of the ways universities keep score of who is best serving the needs of faculty and students. In this environment, the University of Georgia's PAWS Project (Personal Access Wireless/ Walkup System) is a major step toward keeping UGA, with its 33,000 student body, at the forefront of major institutions of higher learning.
The PAWS Project began as a single-site experiment that has grown to encompass the majority of more than 420 access points scattered across the university's Athens, Ga., campus. As the project grew from experiment to deployed infrastructure, administrators realized that several key user interface and security considerations had become requirements.
Security was key, as administrators wanted to be sure that network users were legitimate students and faculty who could authenticate their log-in names against a central database. A consistent user interface was a secondary consideration, as administrators knew that they could not so inconvenience users that they sought ways to circumvent the secure installation.
The PAWS Project began as a single-site experiment that has grown to encompass the majority of more than 420 access points scattered across the university's Athens, Ga., campus. As the project grew from experiment to deployed infrastructure, administrators realized that several key user interface and security considerations had become requirements.
Security was key, as administrators wanted to be sure that network users were legitimate students and faculty who could authenticate their log-in names against a central database. A consistent user interface was a secondary consideration, as administrators knew that they could not so inconvenience users that they sought ways to circumvent the secure installation.
Tuesday, January 02, 2007
Official Rules For The Ziff Davis Media eWEEK Network Security Survey Sweepstakes
Official Rules For The Ziff Davis Media eWEEK Network Security Survey Sweepstakes ELIGIBILITY: Employees, officers, and directors of Ziff Davis Media, Inc., SurveyMonkey.com LLC, their subsidiaries and affiliated companies (collectively "Sponsors"), their immediate families and those living in their households, are not eligible. Employees and principals of the agencies of the Sponsors, their immediate families and those living in their households, are not eligible. Void where prohibited by law and subject to all applicable federal, state and local laws. NO PURCHASE NECESSARY: To enter the Sweepstakes, accept the invitation posted in a Ziff Davis Media publication newsletter to participate in a survey. Completion of the survey will automatically enter you in the Sweepstakes. The registration instructions that are a part of the survey will request you to submit your name, and e-mail address (if you have one) in order to be eligible to receive a prize. Participation in the survey is the only means of entering the Sweepstakes online. You may also enter the Sweepstakes by printing your name, address, daytime telephone number, e-mail address (if you have one) and the name of the Sweepstakes, Ziff Davis Media eWEEK Network Security Survey Sweepstakes, on a 3 x 5 card and mailing it to: Ziff Davis Media, Inc. Attention: Sweepstakes Department, Research Group, 28 East 28th Street, New York, NY 10016. The Ziff Davis Media eWEEK Network Sercurity Survey Sweepstakes begins at 12:00 a.m. Eastern Time (United States) on July 7, 2004 and ends at 11:59 p.m. Eastern Time (United States) on July 28, 2004. Online entries must be received by 11:59 p.m. Eastern Time (United States) on July 28, 2004. Mail-in entries must be postmarked between July 7, 2004 and July 28, 2004, and must be received by August 1, 2004. Only one (1) entry per person per household address is permitted. All entries become the exclusive property of the Sponsors and will not be acknowledged or returned. Sponsors and their agencies shall not be liable for (a) late, lost, damaged, incomplete, illegible, unintelligible, or postage-due entries; (b) telephone, electronic, program, network, Internet, or computer failures of any kind; or (c) failed, incomplete, garbled, unintelligible, or delayed computer messages. PRIZES: One Grand Prize winner will receive a $300 gift check payable in U.S. funds. No substitution or transfer of prizes is permitted by the winners. Sponsors reserve the right to substitute a prize of equal or greater value. Winners are responsible for payment of all federal, state or other tax liabilities (including income taxes) on any prize received, and must furnish Sponsors with his/her social security number. PRIZE DRAWING: The winner of the Ziff Davis Media eWEEK Network Security Survey Sweepstakes will be determined by a random drawing conducted by Ziff Davis Media, Inc. on or about August 1, 2004. The winner will be announced on or about August 5, 2004, and the winner will be notified by e-mail or by phone on or about the same date. The winner will have fourteen (14) days from notification to accept the prize by e-mail or by phone. Sponsors and their agencies shall not be liable for unsuccessful efforts to notify a winner. If a winner does not respond to notification of winner status within fourteen (14) days from notification, or if the winner does not meet qualification criteria, Sponsors reserve the right to select an alternate winner. In the event of a dispute regarding the identify of a person submitting an on-line entry, the entry will be deemed to be submitted by the Authorized Account Holder of the e-mail address at the time of entry. "Authorized Account Holder" is defined as the natural person who is assigned the e-mail address by an Internet access provider, on-line service provider, or other organization (e.g., business, educational institution, etc.) that is responsible for assigning e-mail addresses for the domain associated with the submitted e-mail address.
Monday, January 01, 2007
Yahoo and Symantec unveil joint consumer Internet security service
A joint consumer Internet security service has been unveiled by Internet company Yahoo Inc and security solutions company Symantec Corp.
The two companies will offer the Norton Internet Security product from Symantec to Yahoo's customers, while Symantec will gain access to the customers using Yahoo services. The agreement is expected to help the companies compete against competitors such as software company Microsoft Corp and Internet search engine Google Inc.
The co-branded Norton Internet Security product will be marketed by Yahoo and Symantec through the Yahoo network, which incorporates online services such as Yahoo Search, Yahoo Mail and Yahoo Toolbar. Symantec will offer its anti-virus and online firewall protection on Yahoo's Online Protection for broadband users and provide Norton Spyware scan for the Yahoo Toolbar.
Yahoo customers can sign up for a free 30 day trial of Norton Internet Security, which blocks viruses, spam and adware, and then purchase a USD49.99 12 month subscription, which includes a USD20 discount for Yahoo users.
The two companies will offer the Norton Internet Security product from Symantec to Yahoo's customers, while Symantec will gain access to the customers using Yahoo services. The agreement is expected to help the companies compete against competitors such as software company Microsoft Corp and Internet search engine Google Inc.
The co-branded Norton Internet Security product will be marketed by Yahoo and Symantec through the Yahoo network, which incorporates online services such as Yahoo Search, Yahoo Mail and Yahoo Toolbar. Symantec will offer its anti-virus and online firewall protection on Yahoo's Online Protection for broadband users and provide Norton Spyware scan for the Yahoo Toolbar.
Yahoo customers can sign up for a free 30 day trial of Norton Internet Security, which blocks viruses, spam and adware, and then purchase a USD49.99 12 month subscription, which includes a USD20 discount for Yahoo users.
Subscribe to:
Posts (Atom)