Author: admini

SonicWall Inc. will announce the Pro 4100.  The 10-port, gigabit UTM (unified threat management) appliance offers a wide range of security features, including a “Clean VPN” function that spots malicious traffic in encrypted VPN sessions.  The Pro 4100 appliance from SonicWall will sell for US $6,995 and is a high-speed gateway with built-in antivirus, antispyware, antispam, intrusion prevention, VPN and secure wireless LAN features, said Jon Kuhn, director of product management at SonicWall of Sunnyvale, Calif.

The high number of gigabit ports is designed to support organizations with internal segmentation and a large number of applications that need high-speed Internet access and a port density, SonicWall said.  As opposed to just putting a “brick wall” between corporate networks and the Internet, the 4100 is designed to spot threats originating inside corporate networks, or over wireless network segments, as well as those from the public Internet, Kuhn said.  For example, the Clean VPN feature inspects connections from mobile users and branch offices for malicious code and vulnerabilities.  The idea is to create a “trusted network” across both wired and wireless networks, SonicWall said.

The news follows an announcement from Symantec Corp., which unveiled Symantec Gateway Security 5600 Series, a new line of security appliances that can scale up to 3 Gbps of throughput suitable for campus-sized networks.  The appliances use Symantec’s DDR (Dynamic Document Review) technology that allows administrators to define sensitive words and word relationships.  Customers using existing Symantec Gateway Security 5400 series appliances and Symantec Clientless VPN Gateway 4400 Series can get the 5600 series features with an upgrade to the Symantec Gateway Security Version 3.0 software, Symantec said.

Unified threat management appliances have become very popular with enterprise IT managers in recent years, said Charles Kolodgy, an analyst at IDC.  While companies advertise the speed of their UTM devices, Kolodgy warns that throughput ratings are typically based on configurations with the firewall and intrusion detection features enabled.

http://www.eweek.com/article2/0,1759,1853689,00.asp?kc=EWRSS03119TX1K0000594

Catherine Nelson, security analyst with Cisco’s Security Intelligence team, which manages the site, said Cisco is helping to pioneer this vendor-neutral standard for rating security threats.

“We feel like it helps to streamline security information across the board to our customers — across products and across platforms,” Nelson said.

Nelson said the site is continuously updated by a team of Cisco security analysts who monitor the threat landscape for threats to thousands of products, gleaning information from numerous public and private sources.

Nelson predicted it typically takes between 60 and 90 minutes to go from threat identification to posted alert on the site.

http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci1117595,00.html

The market is forecast to grow by $4 billion in the next four years, thanks in part to federal mandates included in Sarbanes Oxley and HIPPA, according to the report.

Identity fraud and increasingly high standards for privacy and security are also expected drive growth.

IDC states that Web single sign-on, host SSO, user provisioning, advanced authentification, legacy authorization and directory services are key to identity and access management.

CA’s integrated IAM suite allows customers to centrally operate security systems, reducing complexity and costs.

http://www.techweb.com/wire/security/170101470

Cisco said in an advisory that an attacker could use the bug to pretend to be a legitimate Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS), and collect login credentials, submit false data to IDSMC and Secmon or filter what data the two products see.

Cisco also warned, as a separate matter, a bug in its Intrusion Prevention System (IPS) that could allow a local user to gain full administrator privileges.

Although the flaws aren’t highly serious, the fact that Cisco’s products are so widely used gives them more potential impact.

Cisco offered patching instructions for the flaws in its advisories.

http://www.xatrix.org/article4058.html