admini – Page 232 – CyberSecurity Institute

UTM – Preparing for New Generation of Security Threats

Posted on June 5, 2006December 30, 2021 by admini

Unfortunately, purchasing and deploying a full range of best-of-breed security solutions can be daunting for small-mid sized businesses that typically have only have a fraction of the resources and budgets of larger enterprises. These customers are typically willing to sacrifice best-in-class security, performance and features for simplicity, ease-of-use, and low price. To better serve this segment of the market where simplicity and low cost are top priorities, Unified Threat Management (UTM) products have emerged.

UTM is the evolution of the traditional Firewall into a Swiss Army product that not only includes a firewall but also content inspection and filtering, spam filtering, intrusion detection and anti-virus. The biggest value with UTM platforms is simplicity and lower price given its “all-in-one” footprint. While UTM solutions provide significant benefits, especially for SMBs, the design of many UTM appliances on the market today is a compromise of performance, functionality, price and simplicity.

Performance: The practical performance of a UTM appliance is often not obvious from reading the appliance specifications, since they typically depict just the performance of the firewall with the other security applications disabled or providing minimal functionality. The anti-virus performance of a UTM is typically limited to a small set of in-the-wild viruses, supported by a limited virus signature database. When simultaneously running another scanning application such as anti-spyware, UTMs will become less accurate as the scanning coverage is scaled down in an attempt to maintain speed throughput, or a combination of reduced accuracy and lower speed.

Scalability: With limited throughput and system performance, first-generation UTMs are expected to quickly run out of horsepower to keep up with the broadband speeds enterprises are demanding. Additionally, since many security platforms today utilize signature-based technologies, being able to flexibly reconfigure the platform and update the signature databases, in response to new variants and threats, has become essential. Utilizing a high-performance acceleration engine that can be easily integrated into an existing appliance and operate in conjunction with the appliance’s core CPU/NPU, UTM performance can be accelerated by as much as 70X.

Designed to accelerate bottleneck operations associated with supporting multiple simultaneous applications, high-speed packet process and content inspection, a security acceleration engine can provides CPU/NPU offload and ensure multiple application support with full content coverage and accuracy while maintaining throughout performance.

http://www.it-observer.com/articles/1151/utm_preparing_new_generation_security_threats/

Identity Management – The Growing Challenge

Posted on June 2, 2006December 30, 2021 by admini

The DTI 2006 survey found that some 96% of large companies and 93% of all companies are still using single factor authentication to authenticate users.

There is one thing, however, which is certain – single factor authentication (passwords) is not enough. There are a number of authentication options: single sign-on is a step forward, but requires superior identity management, two-factor authentication is much better and involves the user of authentication tokens, biometric devices, etc. three factor authentication is far superior and involves something you know (e.g. password), something you have (e.g. authentication token) and something you use (e.g. device authentication) You need to be sure the device is free of any unauthorised applications such as IM, peer-to-peer or Skype, and that it is secured against current threats.

With growing numbers of remote and mobile users, EPS systems can secure those accessing the network and ensure, for example, that security policies are actually implemented on individual devices.

These are all steps on the longer road to identity trust management, where the overall level of access that you provide is based on trust in the authentication and the current level of security, of both the user and the device, coupled with location-based rules.

http://www.it-observer.com/articles/1148/identity_management_growing_challenge/

Security Spending Shifts

Posted on June 2, 2006December 30, 2021 by admini

Merrill, however, paints a relatively rosy security picture, with execs predicting growth of 4.8 percent in their security spending this year. American CIOs, on the other hand, seem more willing to open their wallets than European execs, envisaging a 5 percent spending hike, compared to just 4.1 percent on the other side of the Atlantic.

But even with healthy security spending levels, there is a shift underway in what users are buying, according to Richard Stiennon, chief research analyst at IT-Harvest. “Probably the biggest shift has been toward compliance technologies for things like reporting, storing, and archiving,” explains Stiennon, with users still feeling the strain of legislation such as the Sarbanes-Oxley Act, and the Health Insurance Portability and Accountability Act (HIPAA).

Yesterday, analyst firm Infonetics also reported that many users are looking deeper into network access and content security solutions, which is delaying some core security purchasing until later in 2006.

Users and analysts have identified uncertainty in the U.S. economic climate as a key factor in the overall spending slowdown. “The end of 2005 was slow, then it picked up in the spring, but now it has slowed down again,” explains Dan Tanner, a member of the Storage Networking User Group of New England (SNUGNE) and founder of consulting firm ProgresSmart.

http://www.darkreading.com/document.asp?doc_id=96276&WT.svl=news1_4

Network security revenue up in 1Q06

Posted on June 2, 2006December 30, 2021 by admini

Cisco remains the revenue leader overall, with 35% of total network security appliances and software; strong router sales helped Cisco increase share this quarter.

http://www.it-observer.com/news/6399/network_security_revenue_up_1q06/

Protecting the Wired from the Wireless

Posted on June 1, 2006December 30, 2021 by admini

“If you look at the problems people want to solve, where the most pain is, it revolves around locating and remediating rogue APs and peer connections on the network,” says Brian de Haaff, Vice President of Product Management and Marketing at Network Chemistry.

The company is also planning to release quarterly information called the Network Chemistry Wireless Threat Index, based on information gathered by its products and the Wireless Vulnerabilities & Exploits (WVE) database it launched last year to catalog potential attacks on WLANs. He says it will be the industry’s first ongoing index of enterprise WLAN threats.

http://www.wi-fiplanet.com/news/article.php/3608381

Vista hides from hackers

Posted on June 1, 2006December 30, 2021 by admini

Several open-source security systems use it already, including OpenBSD, and the PaX and Exec Shield patches for Linux.

Certain attacks attempt to call Windows system functions, such as the “socket()” function in “wsock32.dll,” to open a network socket.

Randomization seems to have served open-source systems fairly well, said Russ Cooper, senior scientist at Cybertrust, a security vendor in Herndon, Va. “I suspect this will be the first thing looked for–something which tells you which of the locations has been chosen, or anything that provides you with a pointer,” Cooper said. Attackers could also create malicious software that tries to poke at all 256 memory locations.

http://ct.zdnet.com/clicks?t=2480243-800b8f382c23b3407752a20ab3416b11-bf&s=5&fs=0