Wednesday, October 31, 2007
Protect Your Windows Network: From Perimeter to Data Book Review
by Jesper M. Johansson and Steve Riley
Addison-Wesley Microsoft Technology Series (2005)
As the title should tell you, this is an unabashedly Windows-oriented book. It's no surprise, considering the authors are both employees of Microsoft. Jesper Johansson is the Senior Program Manager for Security Policy, and Steve Riley is the Senior Program Manager in the Security Business and Technology unit. Both authors are extremely knowledgeable, and participate in speaking engagements around the world on a regular basis.
Microsoft-centric view aside, I deal primarily with Windows-based networks, so I found this book to be extremely informative in my security continuing education. The authors attempt to cover a great deal of ground, so by necessity, some areas are covered in more depth than others. The areas covered are divided into 6 parts: "Introduction and Fundamentals," "Policies, Procedures, and User Awareness," "Physical and Perimeter Security: The First Line of Defense," Protecting Your Network Inside the Perimeter," "Protecting Hosts," and "Protecting Applications."
The book is filled with practical, common sense analysis of security, both with respect to genuinely securing systems, and avoiding practices of "Security Theater." Each chapter ends with a section entitled "What You Should Do Today," reinforcing the action items suggested throughout the chapter. The book also includes a CD containing a few helpful tools. These include a password generator, a HOSTS file that blocks known spyware sites, and a script to revoke SQL Server PUBLIC permissions.
The writing style is at times humorous, and very down-to-earth. This book is valuable both as a casual read, and a comprehensive reference for securing networks. I highly recommend it to anyone in the Information Security field, as well as anyone looking for a place to start educating themselves about network security.
Current Internet Network Security Policies Are Nonsense!
Gary suggests that the use of external consultants for the entire internet network security policy framework is not a great idea since the external consultants will find it difficult to grasp the intricacies and business drivers for the network security decisions.
Also, in terms of implementation, the internet network security policy should be disseminated to each and every employee of the company through seminars , handouts and quizzes rather than an innocuous email that no one reads.
The network security policy should capture the latest trends in the network security industry rather than playing catch up. One of the network security aspects that Internet network security policy makers should be worried about now is access to corporate data through a Blackberry or a mobile phone.
New ways of accessing internet cause internet security policy nightmares for CIOs. For example, most companies allow employees to access the corporate intranet mails thru Blackberrys. Also, some companies allow VPN access to the entire corporate intranet. All this is usually actually in violation of the existing corporate internet security policy which has to be rewritten.
In conclusion, internet network security policy implementors should focus on internal buy in among employees and proper dissemination to the entire IT work force,including contractors.This will ensure that the internet network security policy doesnt end up as a useless binder in your boss's cabin!
Monday, October 29, 2007
Computer Security Training
As all other IT programs, computer security training programs also start with foundation classes. Fundamental programs offer students a comprehensive knowledge about the tools and techniques to manage risks, and to detect and prevent computer attacks. Some of the major concepts discussed are hackers, software piracy, viruses, identity theft, stalking and credit card fraud. Students learn the latest technologies for protecting systems such as securing the operating systems, audit techniques, identification and authentication, cryptography and other network security mechanisms. The security training also encompasses sessions in threat assessment, incident investigation, system security administration, risk management and online security testing. Those who look for a career in computer security technology development get advanced training in system security engineering, software design, development and testing, secure operating system design, and design and application of network security techniques.
A computer security professional has a good idea about the planning, co-ordination and implementation of security techniques to protect computers from illegal attacks. They are also trained in educating users on computer security, monitoring the network for security breaches, installing safety software and taking instant action against cyber attacks.
Online computer security training is a new trend that teaches the latest technologies to save computers from online attacks. Online certificate and degree programs are available. Recognized online training programs help to attain credentials in security training. These valuable skills are useful for marketing yourself to computer security firms.
Network Performance Management - The 6 Pillars Of Network Management System
In order to understand network management better, we have to look at the ISO (International Organization for Standardization) which looks at security management, fault management, configuration management, accounting management and performance management.
Security Management
Security Management looks at alerting the personnel when resources are accessed. An example would be emailing or calling the network personnel that a resource is down and needed his attention or sending messages when certain files is accessed.
Fault Management
Fault Management is to log, find, and alert the network personnel of problems that will effect the systems operations.
Configuration Management Configuration Management is to identify effects on network's operation after tracking the software plus the hardware on the network.
Accounting Management
This is to watch and determine the usage of information or resources for billing purposes. A typical company such as a mobile company or internet service provider would need these features in their business operations to bill their customer.
Performance Management
Monitoring, assessing, and adjusting the available bandwidth and network resource usage are tasks that are performed by network personnel as part of performance management system. This is to make the network run more efficiently.
In order to have a good network management system, the 6 pillars of network management need to be implemented by the network personnel in their companies.
Thursday, October 25, 2007
Your Guide to Cisco Certification Success
Network security is one of the most crucial parts of being an Information Technology expert. The network administrator should be capable of implementing and maintaining security solutions in a networking system. A network security professional is one who develops business solutions, and one who monitors, designs and implements network security from all levels. Among the wide array world-recognized technical certifications issued by Cisco Systems, Incorporated is the professional and expert level of security certification. First, there is Cisco Certified Security Professional or the CCSP. A CCSP certified individual has an advanced knowledge when it comes to the technology implemented and the Cisco products used to provide security solutions on networks from all levels.
To be a Cisco Certified Security Professional, an IT professional should first pass either the Cisco Certified Network Professional (CCNP), or the Cisco Certified Internetwork Professional (CCIP) certification examination. Next, there is the highest level of security certifications issued by Cisco which is the expert level. This is called the Cisco Certified Internetwork Expert. For this expert level of certification issued by Cisco, an IT professional can take an examination for different fields of specialization such as routing and switching, security, service provider, voice technology and storage networking.
"The Cisco Security Examination"
To obtain a CCSP or a CCIE Security certification, an IT professional needs to undergo a written and a laboratory examination. The Security written exam is made up of multiple choice questions about security protocols, application protocols, general networking, security technologies, Cisco security applications, network security in general and general Cisco security information.
To have a CCSP certification, a candidate must pass a two-hour qualifying examination. The aforementioned topics are covered, which will mainly include networking concepts as well as equipment commands. Once the candidate passes the written Cisco Security exam, that is when the candidate will be eligible to take the lab exam. After the candidate has passed the two hour written qualifying exam, the next step is to undergo the CCIE security laboratory examination. The exam has an eight-hour duration and the main purpose is to test the candidate’s ability to get a secure network running at a particular time.
Prior to taking the Cisco security examination, either for the professional or the expert level, a candidate should undergo several security trainings. This includes the Cisco security training as well as the Cisco Secure SAFE Implementation. The Cisco Secure SAFE Implementation is laboratory intensive, which will help a candidate successfully pass the laboratory part of the Cisco Security examination. Be it an examination for the professional or expert level of the Cisco Security certification examination, a candidate needs enough preparation to pass the written and laboratory tests. This way, the IT professional will have sufficient knowledge about the specific Cisco security protocols and components, to protect the entire network.
MCSE Certification Tests
The exams under MCSE on Microsoft 2000 are Exam 70-217, about Implementing and administering a Microsoft Windows 2000 Directory Services Infrastructure, exam 70-216, implementing and administering a Microsoft Windows 2000 network infrastructure, exam 70-219, designing a Microsoft Windows 2000 directory Services Infrastructure, exam 70-221, designing a Microsoft Windows 2000 Network Infrastructure, and exam 70-220 for designing Security for a Microsoft Windows 2000 Network.
The subjects offered under the exam 70-216 are implementing, administering of files and folders, advanced files and folders management, hardware configuration and optimization, events and backup, recovery and installation. Other subjects such as implementing an active directory installation, replication and DNS, installation and configuration, and security and optimization come under exam 70-217. Directory services infrastructure and security are part of exam-70-219. IP routing, security addressing and naming services come under exam-70-216. Exam 70-220 verifies the candidate's knowledge about security design, communication, network services, PKI and security solution.
Exams for MCSE on Microsoft server 2003 are, exam 70-270, on installing, configuring, and administering Microsoft Windows XP Professional, exam 70-2902 verifies the knowledge of managing and maintaining a Microsoft Windows Server 2003 environment, Exam 70-2912, for Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Exam 70-293 for Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Exam 70-294 for Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 active directory Infrastructure, exam 70-298 has subjects such as Designing Security for a Microsoft Windows Server 2003 Network, exam 70-299, Implementing and Administering Security in a Microsoft Windows Server 2003 network, exam 70-227 is on Installing, configuring, and administering Microsoft Internet Security and Acceleration (ISA) Server 2000, Enterprise Edition, Exam 70-350, Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004.
Wednesday, October 24, 2007
The Benefits of Internet Security on the Education Front
A college education is mandatory in today’s job market. Because of this, many workers find themselves pursuing a higher education while they are employed. One way colleges are making access to education more convenient for workers is by offering a wide range of their curriculum via online courses. This growing trend brings with it all the advantages and disadvantages associated with Internet connectivity.
One of the main advantages to students is easy access to their coursework at all hours of the day and night. In fact, online classes can usually accommodate any work schedule. The ease of communication with the instructor is another reason online courses are so popular. Still another important advantage is that online courses can be accessed easily from any public commuter with an Internet connection, like those you might find at universities or in public libraries.
Colleges and universities support this trend toward online classes because they can attract more students and increase revenue without incurring the overhead associated with a classroom full of students.
However, as with any trend, there is a downside to this rapid increase in online education. Chief among the challenges institutions face is the need to defend against Internet-based threats. These threats are inherent in Web access and include instant messaging and peer-to-peer file sharing, spyware and phishing attacks, a wide-range of objectionable Web content and human nature itself.
MySpace.com
Examples of human corruption as a source of Internet-based threats are everywhere. The Internet is rife with everything from the criminality of hacking and phishing attacks to the irritation of surreptitious spyware agents. The most dangerous threat is from predators who often target young people, the very ones who are likely using computers at schools and libraries. In a recent scandal involving MySpace.com, a predator was tracking the movements of teenaged girls via their myspace.com postings. Predators on the Internet have been present since the beginning of Internet technology. They fish in chat rooms, message boards and e-mail. Even if the unsuspecting public is aware of the dangers posed by predators, the need for Internet security is essential in any strategy for defending against Web-based threats. This becomes even more critical when an educational site is vulnerable to attack.
Colleges provide their own websites, message boards, blogs and email addresses. When a phisher or hacker or a predator with hacking skills is able to breach the unsecured network of a college, it leaves more than just intellectual property open for perusal. And if external threats to the students and the network were not enough, a system administrator at a college also has to deal with the actions of the students as well.
The Hazards of Downloading
Computer access in the college library is very common even on the smallest of community college campuses. Students unaware of security threats can easily surf a number of questionable websites, downloading objectionable material and leaving a network vulnerable by visiting a chat room or opening an instant message with a skillful hacker on the other end.
Through any of these means an unprotected network can be at risk for backdoor programs, viruses and hackers. Defending against these threats is important for network security, student safety and the college’s reputation. An unsecured network is easy prey for an experienced hacker and the last thing a college can afford is to have a student’s personal information or worse, financial information compromised.
Reputation and Integrity
Colleges rely on their reputations and integrity to distinguish their institutions in a crowded field. Their reputation is comprised of many elements including student success rates and faculty expertise. The integrity of a college’s network security can directly impact student enrollment because any decline in a school’s good reputation can spread like wildfire. Schools with diminished reputations can see enrollment fall off as parents and students alike find other schools with better reputations.
This situation doesn’t just affect colleges, it also applies to local schools and school districts where networks, computers in classroom and wireless connections are becoming more common. Even more compelling, protecting young children is more critical for schools than even their reputations.
Utilizing proper filtering hardware and software can protect the integrity of the educational institution as well as their security and by extension, the security of the students. Filtering hardware can prevent students from accessing unsafe websites or questionable ones. It can prevent downloading of materials, backdoor programs and worms.
The Obvious Solution
With the use of filtering hardware, schools can protect ports into their network exploited by instant messaging programs and more. When it comes right down to it, educational institutions are negligent if they do not employ the right network security. With so many potential problems waiting to prey on the unsuspecting and unsecured network, filtering hardware is the obvious answer.
Wireless Network Security: How to Use Kismet
First you need to proceed to remote-exploit.org and download and burn their Auditor CD. (IF you don’t know how to burn an ISO image, go to Google). This version of Linux doesn’t install or modify your hard drive; it will boot from the CD and use a Ram Drive (On your Memory).
Auditor is not only a great tool for testing wireless network security with kismet but it also has many other computer security tools on it as well.
Client Window
Next, to start Kismet proceed to the Linux version of the start menu, and press Auditor. Now proceed to the wireless /scanning/kismet tools/kismet.
Once you click on Kismet it will ask you for a default location to place the Kismet log files for analyzing later, just press the desktop or temp file.
Now I will show you how to use Kismet. When kismet initially opens you will see a greenish box with numbers and network names (If any are near you) clicking away don’t be overwhelmed. (Also I can’t show you how to use kismet if you don’t have the correct wireless adapter, get an ORINICO Gold Classic Card off EBAY.) The Orninco gold classic card will be automaticly detected by auditor linux.
The Kismet columns will show the wireless networks SSID (Name), Type of device (Access point, gateway) Encryption or no Encryption, an IP range and number of packets. Kismet will pick up hidden networks with SSID broadcast Disabled also, Netstumbler will not.
Now Press H, to bring up the Help Menu. This will give the nuts and bolts on how to use kismet. If you tab down to the network you are auditing and press “C”, Kismet will show you all the computers that are using that wireless access point / gateway. This Kismet screen will show you the clients MAC address, Manufacture of Wireless Adapter, IP address range and traffic.
Kismet: Help Menue
Now to get out of that screen press “Q”. Tab Down on the Main Kismet Screen to another SSID and press “I”. This Kismet window will show detailed information about the wireless network. The Kismet detail screen will show the type of network (Infrastructrure / Adhoc), signal strength, channel, encryption type, and much more.
Kismet will also give you sound alerts when new wireless networks are discovered or security alerts or suspicious clients are in range. Suspicious clients would be people like you who are using Kismet or Networkstumbler. Unlike you these could be Wardrivers looking for venerable networks to hack into.
Kismet Alert Page
You can prevent War drivers from discovering your wireless network by performing a proper site survey which will help limit signal bleed off to unneeded areas. You should write down the suspicious MAC address and keep an eye on your access logs. If the War Drivers are really stupid just look out your window and look for cars with weird antennas.HA HA HA.
Kismet is more than just a tool to discover wireless networks; it can be used in conjunction with other tools to crack WEP/WPA. Many websites will claim that WEP can be cracked in less that five minutes. This is only half the truth because it could take many hours,days,months to gather enough packets to crack. Good luck and have fun learning the more advanced applications of kismet.
Tuesday, October 23, 2007
Wireless Security Workshop
In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.
Course Completion
Upon the completion of our CISM course, students will have:
Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:
An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:
Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources
Network Security - All About Firewalls
Most networks should have a firewall in place before they are up and running. A firewall is the most common form of network security employed by companies large and small. If you own a personal computer your anti-virus software company may at one time or another have offered you firewall protection.
A firewall on a home network is just as important as one on a corporate network. Why? Most smaller networks have as many security issues that larger corporate networks have. A firewall helps protect a network against potential data loss, corruption and hackers.
What Is A Firewall
A firewall is nothing more than a fancy term used to describe a blockade that prevents outside forces from accessing your network. It is called a firewall because it prevent information or data loss from one place to another. Typically a firewall is some program or hardware that you have to install in your computer that helps filter information coming from the Web to your computer network. A firewall provides a series of filters that screens information allowing only safe information to pass through to your network.
In a large company, multiple computers are often linked using network cards. Companies usually provide multiple connections to the Internet. In order to protect all of these computers a firewall is necessary so that only certain people can access corporate computers through the Web (those that are authorized to do so). While a firewall is not foolproof it basically does a good job of protecting computers from Internet threats at their connection points.
Thursday, October 18, 2007
How to Secure Your Network?
Network Security Tips
Use Virus Protection Software
Don’t open unknown email attachments
Use regular backup of your critical data
Make boot disk
Use Firewall program
Authenticate users
Implement Security Policy in your network
Keep an inventory of your software and hardware and make a list of all the devices.
SCAN TCP/UDP services
Don’t provide more rights to the system resources than necessary.
Perform the network security testing and find the holes and fix them.
Place your server at very safe place.
Prepare an Assistant Network Administrator and train him/her about all the security related matters so that he/she can control the network in your absence.
Monitor the user’s activities on the internet and block all the unwanted websites, web applications which have security risks.
If you have wireless network then the following methods are very helpful in securing your wireless network.
Wireless Network Security
SSID (Service Set Identifier) –
WPA (Wi-Fi Protected Access)
WEP (Wired Equivalent Privacy)
TKIP (Temporal Key Integrity Protocol)
MAC Addressing (Media Access Control)
DHCP (Dynamic Host Configuration Protocol)
Encryption
Current Internet Network Security Policies Are Nonsense!
Gary suggests that the use of external consultants for the entire internet network security policy framework is not a great idea since the external consultants will find it difficult to grasp the intricacies and business drivers for the network security decisions.
Also, in terms of implementation, the internet network security policy should be disseminated to each and every employee of the company through seminars , handouts and quizzes rather than an innocuous email that no one reads.
The network security policy should capture the latest trends in the network security industry rather than playing catch up. One of the network security aspects that Internet network security policy makers should be worried about now is access to corporate data through a Blackberry or a mobile phone.
New ways of accessing internet cause internet security policy nightmares for CIOs. For example, most companies allow employees to access the corporate intranet mails thru Blackberrys. Also, some companies allow VPN access to the entire corporate intranet. All this is usually actually in violation of the existing corporate internet security policy which has to be rewritten.
In conclusion, internet network security policy implementors should focus on internal buy in among employees and proper dissemination to the entire IT work force,including contractors.This will ensure that the internet network security policy doesnt end up as a useless binder in your boss's cabin!
Sunday, October 14, 2007
Wifi - Wireless Network Security
Speed is of the essence. Typically, one thing matters to new users of wireless, getting connected and browsing that first website. While wireless connectivity can accomplish this, it’s best to set up your wireless connection securely before venturing out into cyberspace. Below are some tips to help secure your wireless network.
Change the default admin password. Admin passwords are easily figured out by attackers when they are left as the default. Not changing your wireless admin password opens your network to attack and can lead to many problems depending on the attacker’s agenda.
Another wireless security measure you will need to take is turning on encryption. Enabling WEP encryption on your wireless network will help you protect your privacy and all your info won’t be floating around outside your home waiting to be picked up by a passerby. It’s important to remember that all your devices on the wireless network will need to have the same encryption. So find the strongest encryption possible that will work on all devices of the wireless network.
Stop the auto-connect feature. Do not allow your devices to auto-connect. Allowing auto-connect may connect to a network that you don’t particularly want. Example, you don’t want your laptop connecting to your neighbor’s network and sending info.
It’s also a good idea that you install firewalls on all devices that connect to the wireless network. Even if the wireless router is firewalled, it’s important to also install firewalls on all computers that are connected to the wifi network. It’s important that these firewalls be set up correctly and block any intrusions that may compromise your wifi network.
Position your wireless router close to the center of your home. Although the reach of wifi networks can vary greatly, it’s important to not allow the signal to float around great distances from the main access point. It virtually impossible to stop all leakage from exiting your home. But minimizing the risk to your wifi network will help to protect it.
Another good idea for wifi network security is to not allow broadcast of the SSID. Your router may have SSID broadcasting set up by default; however you should be able to change this setting in the configuration. This feature is only useful for mobile environments, and is not needed in home wifi networks.
These are just a few tips to securing your wifi network. It’s always a good idea to check for firmware updates to your router as new exploits and vulnerabilities arise. Some routers will have an auto update feature and it’s important to use it. Using auto update will help keep your wifi network secure without the need of remembering to check for updates.
Network Security Software
Network security software is used to protect sensitive data and information on your company's system. It also works wonders in securing your system, and ensures that it functions effectively and at maximum capacity. Some types of network security software are network security software scanners, network monitoring software and network-wide software used for monitoring an event log.
The network security software scanner is used to check your computer system for possible security vulnerabilities by scanning the entire network for missing security areas, service packs, open shares, open ports and user accounts that are unused. When this software detects all this information, you can lock down your computer system against intruders and hackers.
Another type of network security software is network-monitoring software. This is used to monitor your server and the entire computer system for failures, and to allow administrators to fix and identify these failures before the computer users report them. If there is a failure, the user can be alerted via email, SMS or pager. After this, the software reboots the machine, restarts a service or automatically runs a script.
Lastly, the software used for monitoring an event log is used to detect intrusion on the event log and management. What this software does is analyzes and archives the event logs of all machines in the computer system, at the same time sending alerts of attacks, critical events and other issues on security.
All these are necessary to secure your company's computer system. But keep in mind that one of the most important features that your network security software should have is ease of use. So, you must take time and carefully select the software that you will use in managing your network and keeping it secured.
Saturday, October 13, 2007
Network Security - Little Known Threats
There are a number of common network security threats that can damage your network. Some prime examples include remote login capability, SMTP hijacking and backdoor entry to a computer network. There are however dozens of other ways someone can inadvertedly access your network and steal or damage your data. Here are just a few network security threats you should be aware of, whether you operate a private or corporate network.
DNS – DNS or denial of service involves a major attack on Websites. Usually this threat is reserved for large computer networks. When a denial of service attack occurs there is often little a company can do immediately to recover from the attack. When this happens a hacker connects to the server multiple times purposefully even though the hacker is denied access. Over time these repeated requests cause the system to slow and crash.
Macros – This is an application that allows someone to create a script of commands that can run on your network. These macros are capable of crashing computers and destroying data.
Virus – A computer virus is one of the most common threats any private or corporate network user faces. Fortunately viruses can usually be prevented using modern anti-viral software.
OS bugs – Operating system bugs occur when backdoors are accessed to operating systems. Usually a backdoor is left open to attacks when inadequate network security systems are in place. Fortunately adequate network security including use of firewalls can help limit ones exposure to this security threat.
Friday, October 12, 2007
Intrusion Detection Guide
The large number of computers accessing internet and the valuable information they contain has made it the quintessential task to ensure network security before establishing any kind of network. Hackers can adopt different methods to breach the network security. Most common of them is by gaining unauthorized access to the information that is primarily private and confidential. This is very dangerous for a network as this information can be misused or can be modified by the hacker, which is also known as data diddling. This kind of modification of data can render all the data stored on the computers that are connected to a network, to become useless. Thus, it can result in total chaos and disorder for any organization or individual. Some hackers may even delete the data totally or may release a virus in the network that can corrupt all the files on the computers including those of the operating system, which can render a computer to be totally useless. Some other forms of network security threats are remote login capability, SMTP hijacking, DNS, Macros and OS bugs.
Because of these multiplying threats the Intrusion Detection Systems are gaining popularity and have become an integral part of the overall business strategy of an enterprise. The main purpose of an Intrusion Detection System is to identify any passive or active and any internal or external activity that is hostile to a network and then to alert the concerned system administrator and also block it as it happens. Thus, it detects any unauthorized access or misuse of a computer system and acts like a burglar alarm for a computer. Eventually many different Intrusion Detection Systems have been developed, however, the detection schemes generally fall into one of the two categories, anomaly detection or misuse detection. Anomaly detectors sort out the behavior that deviates from the normal system use. While on the other hand, misuse detectors look for the behavior that matches a known attack scenario. Another sub-category of Intrusion Detection Systems is Network Intrusion Detection Systems (NIDS). These systems look out for suspicious activity and monitor the packets. Network Intrusion Detection Systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
Usually it is assumed that the people outside the networks try to break into them and gain access to the private and confidential information. However, the truth may be different for the big corporate houses. Here, the insiders pose a greater threat to the information and the overall security of the network. This is because they have the insider’s knowledge of the workings of the company.
Hence, though the network security threats are multiplying with the size of the network, we can still secure our networks by acting judiciously and by having the necessary Intrusion Detection Systems on our networks.
Computer Network Securities
As more people turn to computers for simplifying their day-to-day activities and jobs, the need for general users to understand the concepts of network security has become important. One should know the risks involved in using the computer without the security systems, and learn how to deal with them successfully both at home and at work.
There are two popular types of network security systems: transit security and traffic regulation systems. When both of these join forces you can be assured of the delivery of important information to the right person without any network pilferage problems. The receiver should also ensure that the information received should be carefully processed using a computer which is loaded and protected with latest protection software.
The simplest form of ensuring security on the net is to keep a close watch on the type of data packets moving between the networks. If an infected packet does not reach the recipient, the host may have nothing to worry about. Traffic regulation systems serve as a protective screen between the receiver and remote sites. These tools generally guards three basic regions of the network: the routers, firewalls and hosts.
The three ‘guards’ deliver similar service at various points in the network, and it is difficult to draw a differentiating line between them. The truth is that there are no foolproof systems which offer a guaranteed secure system for data transferred in the public network. With the increasing use of the Internet, network security is fast becoming crucial for the safe use of the systems, and therefore computer network security is all set to be an important part of our regular computer usage.
Thursday, October 11, 2007
OPEN Acquires NerveCenter from VERITAS Software, Becomes Network Security Management Leader
Under the terms of the agreement, OPEN acquires the NerveCenter event correlation and root-cause analysis technology, gains a Fortune 500 customer base and an established reseller channel, and captures a valuable revenue stream. VERITAS Software will actively assist in the transition of the product to OPEN by providing support and development resources.
"OPEN is well positioned to continue developing the NerveCenter technology to grow and enhance the product, and to meet the support needs of our customers and channel partners," said Kris Hagerman, senior vice president of strategic operations, VERITAS Software.
"We are dedicated to supporting our customers and to extending both the NerveCenter and SystemWatch product families," said Brad Hebert, OPEN's president and CEO. "We are well equipped to immediately answer the challenging business needs of our customers by delivering a better way to proactively and securely manage their mission-critical security and network assets."
"NerveCenter's SNMP event correlation and root-cause analysis capability, along with SystemWatch's intelligent agent technology, is a powerful and unique offering that delivers an out-of-the-box implementation providing a superior platform for enterprise security event management," adds Matthew Kovar of The Yankee Group. "This advanced system functionality will now enable all enterprises to regain control of their network security exposure in real time."
Both NerveCenter and SystemWatch collect and consolidate events, filtering to illuminate and forward only the significant events to management consoles, allowing enterprises to leverage existing management software investments.
"EMA views integrated security and infrastructure management as a high growth area over the next two to five years," says Dennis Drogseth, a vice president with Enterprise Management Associates, a technology analyst firm. "This trend will enable a more systemic approach to security management, as well as integrate security events, such as DoS, more effectively into broader infrastructure availability and performance. OPEN's acquisition of NerveCenter will bring compelling and distinctive advantages to users seeking a more integrated and systemic approach to security and infrastructure control."
About NerveCenter
NerveCenter is the industry's leading root-cause analysis and event correlation solution, enabling network professionals to focus on truly important network problems. NerveCenter helps maximize network availability and performance by using sophisticated behavior models to filter through voluminous network, systems and applications information, pinpointing critical problems and automatically launching appropriate corrective actions based on customer-defined policies.
Through NerveCenter's integration with leading enterprise management platforms from CA, HP, Micromuse and Tivoli, events from many diverse sources can now be correlated to identify the root cause of problems that previously required operator analysis. Typical installations range from $30,000 for mid-size businesses to $100,000 for larger businesses.
About SystemWatch
SystemWatch is a complete solution that fully automates the management of security applications and appliances from security vendors such as Check Point, Nokia, ISS, Cisco, Symantec and Nortel. The SystemWatch products enable leading Managed Security Service Providers and enterprises to collect and consolidate heterogeneous security events. SystemWatch has achieved OPSEC (Open Platform for Secure Enterprise Connectivity) Certification from Check Point Software Technologies, Ltd. Typical installations range from $30,000 for mid-size businesses to $100,000 for larger businesses.
About OPEN
OPEN (OpenService, Inc.) is the premier provider of network security management solutions that anticipate potential security breaches and proactively ensure network availability and performance. This allows enterprises and service providers to continuously protect and manage mission-critical business information. As a privately held company, OPEN has received venture funding from Zesiger Capital Group, 1to1 Venture Partners, Hudson Venture Partners, LibertyView Equity Partners, Blue Rock Capital, First Albany Corporation and the New York State Science and Technology Foundation. Based in Westborough, Massachusetts, OPEN has offices in California, Georgia, Michigan and New York, and distributors in the United Kingdom and Germany.
Perfisans Networks Announces Development of New Wireless Security Product for Wireless Broadband Communications
After its recent LOI merger announcement with FSP Holdings Limited (FSP) [ www.fsp.com.cn ], a VoIP and Wireless Broadband Access (WBA) solutions provider focusing on the China WiMax and Wi-Fi networks, PFNH immediately began extensive market research, which indicated extremely strong market demand for a cost efficient "wireless security" product. Currently security related products in this sector are very expensive to implement and thus restrict barriers of entry into the WBA market by most companies. PFNH and FSP has formed a team to utilize PFNH's unique chip architecture already in place to develop and market a low cost product for the wireless communication and network security markets.
Today's Broadband Access industry is dominated by Cable and DSL technology. The deployment is costly and performance is limited by the physical distance between the user and the provider. WBA is the newest approach that has the lowest barrier of entry for ISP's and the lowest implementation cost. Most of today's notebook computers already come with Wi-Fi (802.11x) support. One of the biggest hurdles for Wireless ISP (WISP) is to protect customer's data from the shared wireless networks.
In addition, the research has found that the most vulnerable data is that data at rest (i.e. data on the hard disk). Dynamic data under transportation is seldom hacked and difficult to be captured and decoded.
With market data from the FSP's distribution channel and PFNH's expertise in the storage and network arena, PFNH's first step to this market will be to build a Security Processor, which combines wireless protocol and security encoding in one chip. PFNH's road map will integrate the storage protocol with its Systems On Chip modular design methodology, proving how easily adaptable the Company's technology is to producing new and exciting products at relatively low costs that is "light years" faster than any competitor in getting those products to market.
Wireless Broadband Access (WBA) and VoIP markets are growing rapidly worldwide and as such, data security is already one of the major concerns in deploying WBA and VoIP services. Today, only the most expensive WBA products are implemented with hardware data security features; most other WBA products only offer software data security features that significantly lower system performance outputs and increases product costs. PFNH's first step to enter this market will be by integrating a wireless broadband communication and data security functionality into their new product line for this emerging market. This will be a single chip semiconductor ASIC (Application Specific Integrated Circuit) containing Wi-Fi, WiMax, 3DES, and IPSec capabilities. With this powerful arsenal of functionality, PFNH's new Wireless Security (WiSec) products will deliver high data throughput performance with exceptional high security, thereby alleviating security concerns.
High performance and high efficiency components are critical for large-scale and application-specific WBA and VoIP deployment. Today WBA and VoIP equipment manufacturers only have available to them very expensive semiconductor ASIC components to build their products. PFNH will play an important role to change this and to provide high performance ASIC components at a very low cost in this fast-growing WBA and VoIP market, as well as to satisfy customer needs in the Telecommunications and VoIP sectors.
Target markets for the new wireless security products will be WBA and VoIP equipment and solution providers such as Cisco, Redline Communications, Huawei (China's largest network equipment provider), ZTE, UTStarcom and FSP. This new product line will be tailored for both long range wireless broadband access (WiMax-802.16) and short range wireless broadband access (WiFi-802.11), VoIP (Voice over Internet Protocol), video and internet access. Products under development will conform to both International and China standards. The ability to adapt, make changes, and put out new products so quickly is a testament to PFNH's unique "scalable" architecture.
According to the research report published by WinterGreen Research Inc. in November 2005, the worldwide WiMAX switch market forecasts at $34.5 million dollars in 2005 and anticipated to reach $19.9 billion by 2011. Normally, more than 20% of switch costs are in Semiconductor ASIC components. This estimation gives PFNH a Total Available Market (TAM) of around $4B by 2011, which is a significant market size for PFNH to focus future development. The report also indicates WiMAX is an opportunity for Wireless Internet Service Provider (WISP) operators to take broadband access and VoIP market share away from proprietary wireless operators or those using wire-line technologies. Significant opportunities are presented by the mobile version of WiMAX 802.16e. It has been indicated that WiMAX networks will be able to support revenue-generating multimedia services better than existing 3G networks. This new technology enables operators to provide more services at lower costs in order to compete with the traditional mobile operators using GSM, CDMA and 3G networks.
Monday, October 08, 2007
Mirage Networks Expands Full-Cycle Network Access Control Product Family to Protect Large and Small Networks
Mirage Networks, Inc., developers of award-winning Full-Cycle Network Access Control(TM) (NAC) technology, today announced the release of a new member of its Mirage NAC appliance product family, the C-125.
The C-125 was designed to address market demand for an easy-to-deploy solution that is cost-effective for small networks, yet easy to manage as part of a larger network. The company's partners have welcomed this addition to the product family, as it opens up greater opportunities, while direct customers look forward to the higher level of control this appliance will provide.
"Mirage Networks is committed to its channel, as this product release illustrates," said Tom Duffy, president and CEO, igxglobal. "This new appliance is an ideal fit both for large enterprises and for the lucrative small-to-midsize enterprise market. And, as the security market grows increasingly crowded, companies like Mirage become a valuable competitive differentiator."
This product family addition enhances the company's already strong enterprise support. The new C-125 appliance is intended for small networks of 50 or less users, an ideal complement to its C-245 and C-145 appliances, designed for 2000-user networks and 500-user networks, respectively. The Mirage Operations Console, or MOC, continues to afford customers the ability to centrally manage all appliances on their networks, regardless of geographic location.
Specifications for CounterPoint C125:
--VLANs protected: 2
--Users monitored: up to 50
--Throughput: 100Mb/s
Availability
The Mirage Networks CounterPoint C-125 appliance has been available as of November 30, 2005, through Mirage Networks ChannelFirst and MSSP partners. Contact info@miragenetworks.com to be connected with Mirage Networks partners.
About igxglobal
igxglobal offerings are built upon three pillars of security that enable our clients to develop, deploy and sustain an effective long term security practice. Those pillars are the Intelligence required to make informed decisions, the Tools that provide insight and enforcement and the Operations to sustain that desired state of predictability. Our core competency is focused in four practice areas: Threat Mitigation Services, Security Products, Professional Integration Services, and Security Operations Services.
About Mirage Networks
Mirage helps enterprises defend their networks from day-zero threats and policy violations with full-cycle Network Access Control technology. The patent-pending software behind the Mirage NAC appliance product family uniquely protects the network interior, controlling network access for any endpoint, no matter the operating system or device, without agents, signatures, rearchitecture, or high overhead.
Thin Client Terminal functions in harsh working conditions
A leading global retailer is experiencing first hand the reliability that the Neoware e900 delivers. The Neoware e900 works with barcode scanners to read and transmit data quickly and effectively on thousands of pieces of products, inventory, supplies, etc. daily. The Neoware e900 is designed to work in varying environments, such as a freezer, open warehouse, tractor-trailers, dust, and outdoor lots. The Neoware e900 is designed to sustain falls and be exposed to moisture without being damaged.
In addition to providing sophisticated technical features, the Neoware e900 delivers user-friendly and ruggedized construction. The thin client provides a 12-inch, TFT active LCD screen that allows users to adjust brightness, providing optimum visibility even in bright sunlight. Unlike fragile personal computers, the heavy-duty Neoware e900 will function in adverse environmental conditions.
The Neoware e900 complements Neoware's existing line of thin clients and software, and can be managed using the same management software. By deploying the Neoware e900, global retailers, transportation companies, health care providers and manufacturers can now achieve the benefits of thin client computing, even in harsh environments.
"The Neoware e900 sets a new standard for rugged thin clients as it provides the enhanced security and central management of Neoware's software in a very durable and reliable device," said Roy Zatcoff, Neoware's Executive Vice President of Marketing and Product Development. "The Neoware e900 delivers the benefits of thin client computing over a wireless network, and under extremely harsh working conditions, so customers can get the job done efficiently and productively."
Saturday, October 06, 2007
Info Security Products Guide Names SSL VPN-Plus a Multiple Global Excellence Award Winner
"Security products have continued to evolve rapidly in the past few years and advanced technologies are now making it possible to take a pro-active approach to most security scenarios," said Rake Narang, Managing Editor of Info Security Products Guide. "End-users or consumers of these products have to deal with real-life threats which may differ vastly from lab simulated environments. These users build a strong 'Customer Trust' for products that best meet their requirements and therefore also play a key role in the security evolution cycle."
NeoAccel's SSL VPN-Plus is the only VPN solution that combines the ease of use and low management overhead of SSL-based VPN products with the performance of IPSec VPN products. The SGX-4800 gateway leads the market with the ability to support up to 10,000 concurrent users with up to 8,200 transactions per second.
"Industry recognition of SSL VPN-Plus is further proof that we have significantly advanced the state of the art in SSL VPN security," said Michel Susai, president and CEO of NeoAccel. "As enterprises of all kinds learn the benefits of SSL VPN-Plus products through industry publications such as Info Security Product Guide, they are abandoning other IPSec and SSL VPN solutions in favor of ours."
About Info Security Products Guide Awards
Info Security Products Guide, published by Silicon Valley Communications, plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security. To learn more, visit www.infosecurityproductsguide.com and stay secured.
Info Security Products Guide Names Tizor's Mantra Winner of the 2007 Global Product Excellence in Auditing Award
More than 18,000 end-users and prospective customers were invited to vote for the products that they trust the most when it comes to protecting their digital assets. Tizor Mantra was chosen because it reduces business risk and lowers IT costs by enabling the highest level of compliance assurance, data protection and data privacy available today.
"This recognition by Tizor customers and the market further validates Mantra as the leading enterprise data auditing and protection solution," said Joel Rosen, president and CEO of Tizor. "Customer trust is of the utmost importance to every member of the Tizor team and we appreciate the confidence that they have in our company and our Mantra solution."
A new class of network-based, enterprise data auditing and protection solution, Mantra provides real-time monitoring, reporting, theft detection and alerting on all critical data assets in the enterprise. A passive, non-inline appliance that is transparent to existing data infrastructure, Mantra plugs into to the network with no performance impact on the network, applications, systems or processes.
Mantra Highlights:
-- Scalability - Scales to meet the needs of the largest global enterprise, without affecting the performance of data servers or associated applications.
-- Performance - Analyzes vast volumes of application and data activity in real-time and in accordance with business goals, security needs and compliance with regulations such as Sarbanes Oxley and PCI (Payment Card Industry Standard).
-- Intelligent Analytics - Identifies anomalous user behavior, even by privileged users, as it happens by leveraging patent-pending Behavioral Fingerprinting® technology.
-- Coverage - Incorporates a variety of structured and unstructured data server specific adaptors through a modular design. Supports data auditing across Oracle, Microsoft SQL Server, IBM DB2 (open systems and mainframes), Sybase and Windows-based file servers.
"Security products have continued to evolve rapidly in the past few years and advanced technologies are now making it possible to take a pro-active approach to most security scenarios," said Rake Narang, Managing Editor of Info Security Products Guide. "End-users or consumers of these products have to deal with real-live threats which may differ vastly from lab simulated environments. These users build a strong 'Customer Trust' for products that best meet their requirements and therefore also play a key role in the security evolution cycle."
To read more about Mantra visit http://www.tizor.com . To see the full list of Info Security Products Guide winners visit http://www.infosecurityproductsguide.com/buyers/index.php .
About Info Security Products Guide Awards
Info Security Products Guide, published by Silicon Valley Communications, plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security. To learn more, visit www.infosecurityproductsguide.com and stay secured.
Friday, October 05, 2007
Info Security Products Guide Names Kazeon Winner of the 2007 Tomorrow's Technology Today Award
To help healthcare organizations meet the growing challenges of eDiscovery and manage electronically stored information, the IS1200-ECS ensures information residing on desktops, networked storage systems and devices (scanners, film digitizers, etc) can be discovered, searched and managed in order to improve productivity, decrease risk and increase regulatory compliance. Kazeon also provides integrated support for the DICOM standard, which enables healthcare providers to discover, search and manage files based on one or many DICOM file attributes. The IS1200-ECS integrates into existing healthcare provider networks and interfaces with existing networked storage and servers to search, classify and act on files in hundreds of file formats and all files that comply with the DICOM standard.
"Companies that have been honoured with the prestigious 2007 Tomorrow's Technology Today award have each made deep-rooted commitment to solving security issues," says Rake Narang, editor-in-chief, Info Security Products Guide. "Probably nothing differentiates a product or solution more than the superior technologies behind it making them suitable for today's needs while pro-actively being ready for tomorrow too."
"Healthcare organizations are challenged by rigorous eDiscovery, regulatory compliance and governance requirements, " said Sudhakar Muddu, CEO of Kazeon. "The Kazeon Information Server IS1200-ECS makes it easier for these organizations to increase regulatory compliance and decrease risk. Complying with the DICOM standard is an extra step that Kazeon has taken to improve the IS1200-ECS to help better manage and protect patient information."
Info Security Products Guide, a founding member of the Technology Industry Leadership Council sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security.
Kazeon is a leading provider of enterprise information access solutions that revolutionize the way companies search, classify and act on information. The Kazeon Information Server(TM) platform dramatically reduces the cost of searching the massive amounts of incompatible content distributed across the enterprise. Proven solutions for Legal eDiscovery, Information Security & Privacy, Governance Risk & Compliance, and Storage Optimization have been adopted by leading global organizations, including Bosch, Cisco, General Electric, ING Group, INVESCO, Philips, and SAP. Through the development of unique indexing, tagging, and automation technology, Kazeon has established partnerships with leading companies such as, Network Appliance, BearingPoint, Google, and Oracle. Kazeon's award-winning products are helping an increasing number of companies find and organize their information and to reduce the cost and risk associated with its explosive growth.
Info Security Products Guide Names RedSeal Systems as Winner of Tomorrow's Technology Today and Shaping Info Security Awards
"RedSeal is honored to win this award," said Joel Evanier, CEO of RedSeal Systems. "RedSeal consistently strives to provide enterprises with security risk management and assessment solutions that allow businesses to take a proactive approach to securing their networks. Info Security's recognition of our solutions and leadership in the industry validates our efforts and the approach we've taken to enterprise risk management."
RedSeal Systems' Security Risk Management solution automates the process of threat and risk management with network mapping, router and firewall auditing, threat identification and prioritization, and comprehensive risk and compliance reporting. By converging networking topology and access policies with security and vulnerability data, the RedSeal SRM identifies exposures and prioritizes which should be fixed first based on the business value of the resources affected.
"We are pleased to honor RedSeal with both the Tomorrow's Technology Today and 2007 Shaping Info Security awards," says Rake Narang, editor-in-chief, Info Security Products Guide. "There were some excellent entrants this year, and each company being recognized has made a deep-rooted commitment to solving security issues with superior thought leadership and technologies. RedSeal's technology advancements and thought leadership in the area of security risk management will prove a valuable tool for assessing the network security of enterprises."
About Info Security Products Guide Awards
Info Security Products Guide, a founding member of the Technology Industry Leadership Council sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security.
Info Security Products Guide Names Archer Technologies Winner of Three 2007 Tomorrow's Technology Today Awards
These esteemed awards recognize security vendors with advanced, ground-breaking network security solutions that are helping set the bar higher for others in all areas of information security. The Archer Risk and Policy Management solutions and the Archer SmartSuite Framework were selected by the editors of Info Security Products Guide based on technologies that are making the most positive impact on security in today's highly sophisticated and blended attacks environment.
"Companies that have been honored with the prestigious 2007 Tomorrow's Technology Today award have each made deep-rooted commitment to solving security issues," said Rake Narang, editor-in-chief of Info Security Products Guide. "Probably nothing differentiates a product or solution more than the superior technologies behind it making them suitable for today's needs while pro-actively being ready for tomorrow too."
With more than five million licensed users, Archer Technologies provides enterprise risk and compliance management solutions to 35 of the top 40 financial institutions, seven of the largest telecommunications firms and prominent healthcare, pharmaceutical, technology and energy companies in the United States. Archer solutions facilitate the seven core processes involved in effective enterprise risk and compliance management, including Policy, Threat, Asset, Risk, Incident, Vendor and Sarbanes-Oxley Compliance Management. With Archer, Fortune 1000 companies and government agencies can automate and manage these processes through a set of robust, fully integrated solutions with powerful reporting and measurement capabilities.
"We continue to stay close to our customers and deliver the solutions they need to strengthen their risk and compliance management programs. Winning three prestigious awards from Info Security Products Guide reaffirms our commitment to excellence and exceeding our customers' expectations," said Jon Darbyshire, president and CEO of Archer Technologies. "These awards further motivate our team to deliver innovative, quality solutions backed by the highest level of customer service."
About Archer Technologies
Archer Technologies is a leading provider of automated enterprise risk and compliance management solutions. With more than five million licensed users, Archer enables Fortune 1000 organizations and government agencies to reduce enterprise risks, manage and demonstrate compliance, automate business processes, and gain visibility into corporate risk and security controls. Archer is the only vendor that delivers highly flexible out-of-the-box solutions built on the Archer SmartSuite Framework that can be easily tailored to meet an organization's unique risk and compliance requirements for total IT governance. For more information, visit www.archer.com .
About Info Security Products Guide Awards
Info Security Products Guide, a founding member of the Technology Industry Leadership Council sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security.
Wednesday, October 03, 2007
CyberGuard ships sVPN product
CyberGuard Corporation (Nasdaq: CGFW), a provider of network security, has developed a custom mobile security appliance, referred to as sVPN, or single virtual private network.
The sVPN is intended for remote employees working for an electronic commerce business. CyberGuard has said that it has started deploying the product.
The company has said that the sVPN provides remote users with securely encrypted data transfer via any Internet connection and that the device isolates and protects the user from any internal threats that may reside on a local network.
CyberGuard has said that the mobile security appliance connects directly to the user's laptop via Ethernet, drawing power from the USB port, and when the unit boots up the sVPN authenticates the user and creates an IPsec tunnel that secures all traffic. The sVPN can reportedly connect to both wired and wireless networks.
AutoCorp —Homeland Security Network, Inc.— Signs Distribution Agreement For SaTrac Security Tracking System; MRI To Distribute In The Northeastern Uni
MRI, a transportation industry aftermarket distributor, spent more than two years and invested hundreds of thousands of dollars in research and development of GPS technology, before consummating an agreement with HSNi. MRI believes that the new SaTrac GPS hardware and software is the most technologically advanced GPS system for tracking and monitoring of assets available anywhere in the world. It will immediately replace the widely used and antiquated radio frequency (RF) tracking and recovery systems marketed as LoJack(R), ForceTracker and others that require specialized equipment and have only limited coverage areas. MRI, through its direct sales organization and their existing national network of sub-distributors, intends to capture the tracking and recovery market, which currently exceeds $250 million in annual sales.
Blaise Zampetti, Chief Operating Officer of MRI, who is an experienced executive in the automobile industry, said, "This new SaTrac system is the most exciting product introduced to the aftermarket auto sales venue in over twenty years. I believe dealers will view this item as one of the finest value-added products ever made available to their consumers. Dealers will now have a much needed revenue source previously unavailable to them."
Peter Ubaldi, the CFO of HSNi adds, "This national coverage and immediate market penetration will give the company a head start on reaching its projected revenue for this year. Each sale not only creates immediate income but also establishes a future revenue stream by virtue of the ongoing service fees that are part of every sale. It is the classic 'razor/razor blade' model."
About Auto Corp Equities, Inc.
AutoCorp Equities, Inc. (ACOR), a publicly-traded holding company, has entered into acquisition agreements with Rodwell Software Systems and ComTrak Solutions. These companies, brought to AutoCorp by some of its major shareholders, produce and market revolutionary new GPS tracking devices and software. AutoCorp will change its name to Homeland Security Network, Inc. (HSN) on or about February 28th, 2005 to reflect the direction of its new course of business. The company will capitalize on rapidly-emerging, largely under-served, GPS tracking markets. These markets, whose scope was dramatically accelerated by the increased need for Homeland Security, have a potential demand in excess of 100 million units-plus in the United States, Canada and Mexico over the next decade. HSN plans to lead the GPS tracking industry through the combined assets of its newly acquired companies' propriety software and market distribution capabilities. The re-structured company is also completing negotiations with a major international electronics manufacturer that will give it the ability to quickly and economically expand its sales efforts to all of its targeted markets. HSN expects to capture a dominant share of the GPS market with its ability to provide, in large quantities, the lowest cost tracking hardware, and to offer the most cost-effective data transmission fees (wireless airtime consumer costs) in the industry. Airtime costs, which largely inhibit the current GPS market's product sales and deployments, will be nearly 2000% lower for HSN than those of its nearest competitor for comparable data transmissions. The company's GPS products will incorporate state-of-the-art map tracking and trailing, geo-fencing alerts for designated parameter infringements, and the ability to uniquely control all vehicle functions from its customer's web-enabled mobile phones or personal computers, via the company's proprietary Internet website system software.
Monday, October 01, 2007
New networking products available now from 3Com - Brief Article
The 3Com Router 3000, 3Com OfficeConnect VPN Firewall and OfficeConnect Secure Router solutions are intended to provide a small office with secure Internet access.
The OfficeConnect VPN Firewall provides security from unauthorised user access and blocks denial of service attacks or other online attacks. The 3Com Router 3000 family protects data in transit, provides Internet connectivity and supports a number of services such as traffic prioritisation, IP routing, IPX routing and filtering.
A networking Swiss Army knife
NetScanTools Pro (NSTP) is remarkable. In one interface you get network setup and configuration exploration functions, security testing services, information-gathering tools, and network and service diagnostics. Northwest positions the software for general network diagnosis and exploration, as well as for forensic use.
The features of NSTP are divided into a Welcome section, which provides introductory help, bug reporting, Northwest contact information and the ability to check for a new version.
The next section leads you through a sequence of steps to gather information about a remote machine. The first step asks what kind of contact you want with the remote computer (no contact, some contact or maximum contact). The idea is that for certain types of analysis, such as tracking down a hacker, you might want to restrict which tools are used to those that don't connect directly to a target machine: This will avoid setting off alarms. If you are a little braver, you can opt for "minimal" testing that uses nonaggressive techniques, such as connecting to one or two ports to determine the existence of services or attempting to "fingerprint" the host's operating system.
The next step asks for basic information about the target system - the name, IP address, e-mail address or URL. The third step, research, runs the NSTP tools and creates a report that is opened as a Web page in your default Web browser.
A no-contact report simply lists the IP address associated with the target, the DNS servers responsible for the domain and DNS data, geolocation (IP to country mapping), the major spam real-time blacklists the target is on, and the Whois data for the domain.
With a most-contact version, not only do you get all the no-contact data, you also get a list of host names found within the domain, a traceroute to the target with geolocations for each hop and a list of open TCP ports.
There also is a fourth step in this section, which allows you to view or delete any of the past reports.
The next section, Tools, provides access to the individual functions of NSTP. This is a big list, offering some 46 tools.
A number of tools, such as OS Fingerprinting, which attempts to determine the operating system in use on the target, warn you that using them may be detected by the target and interpreted as a threat, so require you to accept the disclaimer and agree that you are on your own.
The Online section provides links to Northwest news, support and bug-reporting Web pages and an update checker. Finally, the Program Info section includes an About option, an End User License viewer, and access to the Set Preferences window where you set global preferences that affect all tools.
Of particular interest in forensics and diagnostics are the URL Cache Viewer, which lets you view the Internet Explorer cache, and the Protected Storage Viewer, which lets you view auto-complete information, password-protected site logon, and usernames and passwords for Microsoft e-mail applications.
We had only two issues with NSTP: First, some tools can't be interrupted - with these, NSTP stops responding until the service completes or times out, but there's no indication that NSTP is still working. The second issue is that, with the exception of a couple of tools that launch separate programs, you can't work with multiple tools simultaneously.