CyberSecurity Institute

Upcoming smart phone will feature a mobile version of F-Secure’s antivirus software.

Finnish mobile phone manufacturer Nokia will offer mobile antivirus software through F-Secure as one of the features in its new Nokia 6670 smart phone when it is released in October, the companies announced this week.

The Symbian OS smart phones will provide on-device protection, similar in fashion to antivirus protection programs for PCs, with automatic over-the-air antivirus updates for a monthly fee.

The software will not come loaded into the device, but can be downloaded from the F-Secure Web site, according to Nokia spokesperson Karoliina Lehmusvirta.

The Nokia 6670 will be the first mobile phone in its Series 60 line to offer the mobile virus protection, though users of other Series 60 mobile phones will also be able to purchase the antivirus protection software, “perhaps as early as October,” Lehmusvirta says.

F-Secure is also in talks with other handset manufacturers about offering similar antivirus protection, according to Matias Impivaara, business manager for mobile security services for F-Secure of Helsinki.

“This announcement is a starting point for us and we have been testing the service with a variety of handsets from different vendors and in several operator networks,” Impivaara says.

Nokia, based in Espoo, Finland, already offers antivirus software through F-Secure for its Communicator line of mobile devices, but Impivaara says the protection offered for the Nokia 6670 is a greatly improved version in terms of both features and pricing options.

“The first general offering for the mobile antivirus software came a couple of years ago, but this version has a whole new infrastructure,” Impivaara says.

“For example, it has a patented SMS [short message service] update mechanism and HTTPS [Hypertext Transport Protocol Secure] connections.

Lehmusvirta stresses that there is nothing about the Nokia 6670 that makes it particularly susceptible to viruses and that Nokia knows of no capabilities within any of its devices that a virus might exploit.

After a series of three malicious program targeting wireless devices were discovered in between June and August, security specialists stepped up their warnings of the pending possibility of serious attacks against mobile phones and PDAs.

F-Secure claims its mobile antivirus software service is the first commercially available product for protecting Symbian OS smart phones but IDC analyst Paolo Pescatore says similar programs can be expected in the very near future.

http://www.pcworld.com/news/article/0,aid,117904,pg,1,RSS,RSS,00.asp

The company, which has built a server device that runs several identity protocols at once, announced earlier this week that it has hired Robert Thomas, NetScreen’s former CEO, as its own chief executive.

While at NetScreen, Thomas grew the company from a development-stage start-up with 31 employees to a flourishing public company with 950 employees. He also helped bring the company to a successful initial public offering in 2001. In February 2004, he helped sell the company to Juniper Networks in a deal worth $4 billion. Now Thomas is looking to do it all over again. “I was very fortunate that we were successful at NetScreen,” he said. “I learned lots of lessons that I hope to apply here.”

Infoblox, founded in 1999, has developed a server device that allows companies to run several identity protocols such as DNS, DHCP, Radius and LDAP at once, instead of running them on separate platforms like most companies do today.

Thomas argued that the old approach adds complexity and expense to the network. These standard protocols, some of which have been around for nearly a decade, are used to help large companies and service providers apply security policies to their networks.

Domain Name Service, or DNS, is used in the public Internet and private intranets to translate names of host computers into IP addresses.
Dynamic Host Configuration Protocol, or DHCP, allows computers to get temporary or permanent IP addresses from central servers.
Remote Authentication Dial In User Service, or Radius, is the de facto standard for authenticating users accessing networks remotely.
And finally, Lightweight Directory Access Protocol, or LDAP, is the standard protocol for clients accessing directory servers.

These protocols have become even more important to networking, because companies are now using them as part of an end-to-end security architecture. For example, Cisco and Microsoft plan to use Radius in their architectures, allowing networking devices to check the health of end points before they connect to the network.

Thomas compared today’s identity server market to that of the security market before NetScreen came on the scene. Like the identity market, companies bought point products for every security function, such as firewalls and virtual private networks.

NetScreen was one of the first companies to introduce a product that allowed customers to buy a single device that offered several security functions. Over the past couple of years, sales of these products have risen considerably.

“It’s a natural product evolution in product development to collapse functionality onto a single device to make it easier and simpler to use,” Thomas said. Although he believes Infoblox has an excellent strategy and product, Thomas acknowledged that one can’t build a company hoping that it will simply be acquired.

http://news.com.com/Ex-NetScreen+CEO+takes+on+new+start-up/2100-1033_3-5379059.html?part=rss&tag=5379059&subj=news.1033.5

P-Cube’s IP service control platform allows service providers to identify subscribers, classify applications and offer differentiated service performance. The technology makes it easier for telcos to control and manage advanced IP services such as voice-over-IP, interactive gaming, video-on-demand, or P2P traffic. P-Cube has tweaked this technology to help fight one of the principal causes of spam. A new version of the Engage service application (Engage v2.1) of P-Cube’s Service Control Platform released this week provides ISPs with a tool for network-based detection and protection from spam zombie attacks.

Worms such as MyDoom and Bagle (and Trojans such as Phatbot) surrender the control of infected PCs to hackers. These expanding networks of compromised zombie machines (dubbed ‘botnets’ by the computer underground) can be used for spam distribution or as platforms for DDoS attacks. By using compromised machines – instead of open mail relays or unscrupulous hosts – spammers can bypass IP address blacklists. A great deal of spam (between 40 to 80 per cent depending who you ask) originates from spam zombies. The large number of attacking machines makes it difficult to identify the source of a spam zombie-based attack or to take corrective action in real time without causing massive disruption to network operations and legitimate users.

P-Cube claims to have licked this problem with technology that is both application and subscriber-aware. The approach allows service provider to identify spam zombie activity from a particular subscriber, block their email transmissions and redirect the infected subscriber to a site where the system can be purged of the zombie infection. Engage can perform these functions without introducing latency into the network, P-Cube claims.

The approach is similar to the detect, isolate and cleanse approach Cisco has taken with its Network Admission Control program. The scheme involves a combination of technology from Cisco and AV vendors to combat the spread of computer worms across corporate networks.

P-Cube’s service platform competes with products from companies such as Ellacoya Networks and Sandvine.

As the market evolves its likely that traffic management technology will be increasingly brought into play alongside conventional anti-spam filtering in combating the zombie menace.

http://www.theregister.co.uk/2004/09/22/p-cube_zombie_buster/