All about Networking 2007-12-02T08:01:00-08:00 ExpressionEngine Copyright (c) 2008, Heather Ailara Sophos Strengthens Next-Generation Web Security with WS1000 tag:all-about-networking.com,2008:index.php/1.134 2008-01-23T18:40:35-08:00 2007-12-02T08:01:00-08:00 IT security and control firm Sophos today announced the latest version of its WS1000 web appliance, which brings together enterprise-grade policy and URL filtering with trusted real-time security filtering–all managed on one easy-to-use platform. The new Sophos solution enables businesses to effectively protect against growing web threats at the gateway, which are not adequately protected by current market offerings. The WS1000 also offers network administrators improved oversight and reporting of web browsing behaviors in their organization. 2008-01-23T18:40:35-08:00 Heather Ailara hailara@racepointgroup.com Network Security Enterprises are increasingly at risk as cybercriminals seek to exploit the popularity of Web 2.0 applications to penetrate the network. Hackers have refined their attacks to defeat existing web filters that are ill-equipped to keep pace with today’s fast moving, rapidly evolving threats. Sophos’s latest security threat report revealed that there are on average 6,000 new infected web pages identified daily with a growth in infections of well trafficked and trusted websites. This startling trend demonstrates the need for an intelligent, comprehensive web security solution to prevent these attacks from crippling corporate networks.

The WS1000 adds critical value to any organization’s security approach by providing the following:

* Enterprise-Grade URL and Security Filtering – The WS1000 is the only appliance that scans and filters in-bound and out-bound requests, while also scanning active content for signs of malicious intent, including the introduction of spyware and adware. The WS1000 also conducts detailed productivity filtering, scanning billions of websites every day.
* Industry-Leading Behavioral Genotyping – Sophos’s industry leading Genotype® technology delivers proactive detection of new threats. Genotype’s powerful predictive capability stops nine out of every 10 new outbreaks without having to issue a new threat update. This offers organizations faster, more comprehensive protection than anyone else in the industry.
* Simplified Appliance Management – More than 50 on-board system monitors ensure that hardware, software and traffic are fully operational and up-to-date. In the event of an exception, administrators are notified via email or phone instead of relying on a manual maintenance routine.
* Flexible, Guided Policy Management – This simple, step-by-step approach to policy management empowers businesses to control access to websites and date categories through several different groupings including user type, machine type and specific time periods throughout the day.

“Current URL filters are cumbersome to manage and ineffective at addressing the growing threat from malicious web content,” said Steve Munford, CEO of Sophos. “As web threats propagate quickly, organizations need a solution that takes the guess work out of security by automatically identifying and protecting against threats before they impact operations. The Sophos web appliance meets that need more effectively than any other in the industry.”

“Sophos is the only vendor I trust with network security - its products always set the bar high, and the Sophos web appliance is no exception,” said Brian Meeks, network administrator at The Paideia School. “On the first day of installation, I saw a noticeable difference in how well WS1000 filters unwanted web traffic. Sophos has started what I believe to be the “smart” web filter. The web appliance is easy-to-setup, easy-to-use and works extremely well in my Windows/Mac environment.”

]]> Lancope Predicts Increased Adoption of NetFlow(TM) and sFlow(R) in 2008 tag:all-about-networking.com,2007:index.php/1.133 2007-12-04T18:05:37-08:00 2006-11-02T14:01:00-08:00 Lancope(R), Inc., the provider of the StealthWatch(TM) System, the most widely used network behavior analysis (NBA) and response solution, today announced its prediction that flow data, including Cisco IOS NetFlow(TM) and sFlow(R), will continue strong adoption in 2008 due to its extensive network operations and security benefits for newer, more complex technologies such as Multi-Protocol Label Switching (MPLS), quality of service (QoS) for Voice over Internet Protocol (VoIP), Internet Protocol version 6 (IPv6) and Wide Area Network (WAN) optimization. Moreover, Lancope recently released its 2007 customer survey results which validate this assertion, revealing that over 50 percent of its customers currently enable NetFlow or sFlow and another 36 percent are planning to enable at least one type of flow data, whether NetFlow, sFlow or IPFIX, in the coming year. 2007-12-04T18:05:37-08:00 Editor tarcip@sales-masters-world.com Network Analysis Enterprises that leverage flow-based technologies can cost-effectively obtain critical information about traffic flowing across their WANs. NBA technologies analyze this network traffic in real-time, providing immediate, end-to-end visibility into suspicious network activities and network performance issues. By utilizing NetFlow and sFlow-based NBA solutions, security and network operations teams gain the intelligence they need to protect critical information assets and ensure network performance by preventing costly downtime, repair and loss of reputation.

In 2008, Lancope predicts significantly more organizations will enable NetFlow and sFlow as they roll out the following technologies:

—IPv6 - There are many benefits associated with IPv6, including improved and more flexible connectivity, an easier way for devices to auto-configure their own addresses, expanded IP address space and improved security. Because the federal government must implement next generation Internet Protocols by June 2008, many vendors are rapidly working to incorporate IPv6 into their technologies and service offerings. The key challenge facing security and network operations teams is that current IP network configurations and many of theapplications running on the network are designed to support IPv4, not necessarily IPv6. By analyzing flow data, IT teams can gain detailed network visibility to mitigate potential pitfalls of IPv6 migrations.

—MPLS - Adoption of MPLS services has significantly increased in recent years. While the benefits of rolling out MPLS-based networks are obvious - reduced congestion due to added flow path control, easier creation of VPN tunnels, improved QoS and reduced network complexity - there are many security implications to consider.  Often, these networks render ineffective the traditional technologies used to monitor and secure the network, resulting in loss of visibility into network performance and difficulty securing each location within the MPLS cloud. One way to regain visibility throughout the network is by enabling, collecting and analyzing flow data. NBA technologies that consume NetFlow and sFlow provide full visibility to help manage network performance, availability, and scurity for all remote sites.

—WAN Optimization - Recent research from the Aberdeen Group found that companies that have implemented WAN acceleration and optimization have achieved a 1,158% average improvement in response times for business critical applications. Enhancing the benefits of WAN optimization, flow-based NBA technologies provide detailed WAN visibility, identifying candidates for acceleration and analyzing WAN traffic by or between sites. By leveraging NetFlow or sFlow, NBA represents another opportunity to reclaim network traffic visibility that is lost when data is compressed, enabling rapid incident resolution and better management of infrastructure costs.

—QoS for VoIP - With newer, faster and cheaper technologies such as VOIP rapidly being deployed, it is increasingly important to ensure sufficient bandwidth for high priority network traffic, including VoIP calls and live media streams, which must be processed quickly and in real time. In traffic bottlenecks, flow-based NBA technologies provide preferential treatment for priority network traffic while maximizing network throughput and capacity utilization, thereby minimizing packet loss and delay.

“Until recently, many organizations have been unaware of the inherent advantages of turning on NetFlow or sFlow, which already exist in their network infrastructure,” said Adam Powers, CTO of Lancope. “In 2007 alone Lancope saw a dramatic increase in adoption of flow data among our customers and we anticipate additional uptick in 2008. Not only is flow data virtually transparent to the network, but it also yields numerous benefits for security and network operations by solving many collective issues associated with IPv6, MPLS, WAN optimization and QoS. It’s a cost-effective and efficient way to help our customers truly know what’s happening on their networks.”

Powers added, “Lancope believes so strongly in the power of flow data that we will be delivering several new and exciting NetFlow-based technologies in 2008.”

]]> Orange Business Services Announces IPVPN Protected tag:all-about-networking.com,2007:index.php/1.132 2007-10-15T17:06:02-08:00 2006-11-01T01:01:00-08:00 Orange Business Services announces the worldwide availability of IPVPN Protected. Branch and remote offices can be secured using IPVPN Protected, a new managed security offer integrated in the Cisco Integrated Service Router and encompassing a firewall and intrusion prevention system. In today’s business environment, companies routinely need to open their corporate networks to external users, mobile employees, distributed workforces, customers and business partners. With this flexibility comes the need for an appropriate level of security. Employees today do not have a clear separation of work and life. They tend to mix personal and work time; sometimes working at home at other times doing personal computing at work. This way of working creates new network security challenges that IPVPN Protected solves. Additionally, regulations – such as Sarbanes-Oxley, HIPAA or Basel II – result in more traceability and data exchange increases in volume and criticality (USB, peer-to-peer).  2007-10-15T17:06:02-08:00 Elizabeth Mayeri elizabeth.mayeri@orange-ftgroup.com Network Security IPVPN Protected provides customers four key benefits:

effective security: IPVPN Protected embeds effective security capabilities such as a bi-directional zone-based Firewall and an intrusion prevention system (IPS) to protect against internal and external threats,

low costs: to address the volume associated to branch and remote sites, we propose an affordable security solution with a pricing structure based simply on installation fees plus monthly recurring charges,

integrated simplicity: the firewall and intrusion prevention options rely on the Cisco Integrated Service Router IOS functionalities and do not require deployment of additional equipment or need customer resources. This security is then integrated into our managed network services including IP VPN, Internet Direct and Small Office Services and inherits the SLAs selected by the customer. The service reacts automatically in case of attack, working as long as the router is on. The security policy, or filtering rules, can be customized as specifically as needed to meet the customer unique needs for each site or can be defined globally,

managed service: Orange Business Services manages IPVPN Protected, delivering, maintaining and supporting the firewall and intrusion prevention options. For the firewall, the customer defines its security policy through flexible and adaptable filtering rules that can be defined globally or per site. The intrusion prevention mechanism inspects the incoming and outgoing traffic and then blocks any traffic matching one of the loaded attack signatures such as a virus downloaded on a remote computer that is trying to enter the intranet. 

]]> NetWitness Launches Next Generation Network Monitoring Solution tag:all-about-networking.com,2007:index.php/1.131 2007-09-10T19:58:26-08:00 2006-12-09T21:01:03-08:00 NetWitness Corporation, the leading provider of technology solutions focused on identification, investigation, and analysis of complex network threats, today announced the immediate availability of NetWitness NextGen™. For the first time, a single solution captures all network traffic and re-uses the same data to solve a broad range of business and security problems such as insider threat management, data leakage, malware activity detection, network performance management, compliance verification and e-discovery. With ten years of development invested in the core, patented technology, and proven experience in network monitoring and threat analysis with the most demanding government and private sector clients, NetWitness NextGen offers an extensible application platform and distributed architecture that scales to meet enterprise needs and an emerging class of sophisticated cyber threats.  2007-09-10T19:58:26-08:00 Chris Leach chris@w2comm.com Network Monitoring “In a world in which managing sensitive and valuable corporate data has become more challenging and critical than ever, businesses require a data protection solution that spans a wide and complex range of problem sets,” says Michael Montecillo, Analyst with Enterprise Management Associates. “NetWitness NextGen is not a CMF, SIM, IDS or some other stand alone security technology – it is the next generation of enterprise security infrastructure and network monitoring.”

NetWitness NextGen is an enterprise network monitoring solution that provides organizations the ability to perform fully automated analyses of immense volumes of reconstructed network, application, and user traffic via the NetWitness Informer application. Informer is specifically designed to provide specific and accurate threat alerts and in depth policy and regulatory compliance reports on a wide variety of categories. Informer distills highly sophisticated sets of complex network data and quickly highlights common business concerns such as insider threats, data leakage, covert activities/channels, compromised hosts and malware activities.

NextGen also delivers the NetWitness Investigator application that delivers a highly interactive, real-time view into the same network traffic sets collected and reconstructed via the NextGen infrastructure. Investigator enables security personnel to access multi-terabyte data sets and pivot them instantly in numerous dimensions based on network, application and user-level criteria. Users of Investigator can view this data cube on a continual and real-time basis to zero in on traffic of greatest interest and impact to the organization.

Both NetWitness Informer and Investigator leverage a common NextGen enterprise infrastructure of data recording and reconstruction components, which scale up to 225 terabytes of online storage.

The NetWitness technology has an unparalleled track record of success identifying threat activities and sensitive data within the Federal government, including intelligence, military and civilian agencies, as well as within the law enforcement community. With this launch, NetWitness NextGen allows any organization, not just government and law enforcement, to leverage these powerful software applications and infrastructure to address a wide variety of security challenges. Specific industry functionality has been included to support financial services, energy, transportation, and telecommunications needs, as well needs of broader market that handle highly sensitive personally identifiable information (PII) or research and development (R&D) information such as retail, healthcare or pharmaceuticals.

“With ever increasing threats from both well-funded private and state-sponsored adversaries, commercial and government organizations can no longer afford the inefficiencies and gaps associated with treating each security problem as a singular, unrelated issue,” said Amit Yoran, CEO of NetWitness and former National Cyber Security Director. “Network traffic has always contained critical data needed to resolve a variety of corporate security unknowns. While high-speed data recording and session reconstruction has existed for some time, the necessary analytics, reporting and ease of use to make benefit of this functionality has been absent. NetWitness NextGen leapfrogs current security monitoring practices by enabling enterprises to capture and analyze their traffic cost-effectively, and re-use the data repeatedly using multiple analytic applications to answer a wide variety of questions. The NetWitness NextGen approach enables both governments and the private sector to better address today’s security, threat, and risk management challenges—and to keep pace with the unknown threats, designer malware and custom zero day exploits facing them on a daily basis.”

]]> Endace Adds Netflow Generation Capability to NinjaProbe Appliance Family tag:all-about-networking.com,2007:index.php/1.130 2007-09-10T19:49:12-08:00 2006-12-09T21:01:02-08:00 Endace Limited (LSE/AIM: EDA), a world leader in network traffic monitoring solutions, today announced that its NinjaProbe appliances can now generate and export NetFlow statistics. By building upon technology licensed from Sprint Nextel Applied Research & Advanced Technology Labs (AR&ATL) Endace application-independent monitoring probes have the ability to produce granular NetFlow statistics independent of the network infrastructure, removing overhead on key transport devices. This latest enhancement enables network operators’ to increase return on monitoring infrastructure investments by using the same probes for a larger range of monitoring applications, integrating with existing NetFlow tools. 2007-09-10T19:49:12-08:00 Editor tarcip@sales-masters-world.com Cisco Netflow “At Sprint AR&ATL we continue to drive new areas of innovation in next-generation networks, working with industry leaders such as Endace to commercialize our technology, “ said Tim Kelley, Director, Sprint Nextel AR&ATL. “NetFlow records are widely used as the source of traffic statistics for many different networking security and operational tools. The ability to optimize statistics for each application is key in analyzing high-volume network traffic”

NetFlow statistics have historically been generated by the switching and routing infrastructure within the network however as network speeds and performance demands increase, moving NetFlow generation to the NinjaProbe removes this performance and real estate overhead from the infrastructure. Since NinjaProbe systems are independent from the network infrastructure, operators can monitor complex multi-vendor networks where needed and generate granular statistics under all network conditions.

“Adding NetFlow generation and export capabilities to NinjaProbe appliances is a significant advance in our strategy to provide flexible, application-independent network monitoring infrastructure,” said Stuart Wilson, Chief Technology Officer for Endace. “By integrating with the extensive range of existing NetFlow collectors and analysers, NinjaProbe systems can be used for many more monitoring applications, including real-time security and billing.”

With the Endace hardware-accelerated NinjaFlow application, NinjaProbe appliances analyse every packet to selectively distribute NetFlow records to multiple collectors or analysers. Flexible control of the flow exports enables network operators to maximise the benefits of their existing solutions by tailoring NinjaProbe outputs to meet the needs of each NetFlow analysis application. 

]]> New Secure64 Product Enhancement Dramatically Simplifies Deployments of ‘Anycast’ DNS Servers tag:all-about-networking.com,2007:index.php/1.129 2007-09-05T17:38:20-08:00 2006-12-09T14:01:00-08:00 Secure64 Software Corporation, a software developer with the only Genuinely Secure™ software technology and server applications, today announced it has incorporated two key new features into Secure64 DNS. The latest product features make it easier for IT managers to administer anycast DNS servers and obtain network attack characteristics that can be used to mitigate attacks upstream from the DNS servers. “By incorporating these customer-driven features into Secure64 DNS, we have strengthened our leadership position in providing highly secure, self-protecting DNS server applications,” stated Mark Beckett, Vice President of Marketing, Secure64. “Secure64 DNS now extends its protection features beyond the DNS server itself, providing our customers with an even greater ability to implement more resilient infrastructures, increase their uptime and ensure greater business continuity.” 2007-09-05T17:38:20-08:00 Rich Miller rmiller@trippecompany.com Network Security The new anycast feature in Secure64 DNS greatly simplifies the process of administering anycast DNS servers, especially where upstream routers are not under an administrator’s control. By eliminating the need to make router changes when anycast DNS servers need to be switched off for maintenance or taken offline completely, the anycast feature reduces administrative costs and headaches.

Anycast is a network addressing and routing scheme that allows multiple servers to share a common IP address, with data being routed to the nearest server as viewed by the routing topology. This technique improves performance and resiliency of many applications by routing requests to the nearest server, and by limiting the detrimental effects of a large network attack to a subset of the servers sharing an anycast IP address. The anycast approach is widely used by the Internet’s root server operators to provide extra DDoS resiliency and improve DNS performance.

The new attack notification feature in Secure64 DNS uses Syslog and SNMP traps to provide real-time network attack characteristics that can be used to set filters on upstream networking and routing equipment. This allows organizations to respond faster to DNS attacks and keep their network connections from congesting with attack traffic. With the new attack notification feature, Secure64 DNS now helps to safeguard network bandwidth in addition to protecting the DNS server itself.

In addition to these two new features, Secure64 DNS now directly reads BIND configuration files, simplifying the deployment of the Secure DNS product into existing infrastructures by eliminating the need to convert configuration files.

By making it easy for organizations to adopt best practices like anycast, react quickly in the event of an attack, and deploy new technologies with minimal disruption to existing infrastructure, Secure64 greatly simplifies the task of creating a secure, highly available DNS infrastructure, which is viewed as an increasingly critical component of an organization’s network infrastructure.

“Transitioning to a utility-grade network means that the emphasis is no longer on layers 1 though 4 in the OSI stack. DNS is the new black art of networking, not routing,” wrote Robert Whiteley, Senior Analyst, Forrester Research, in the May 2007 report Taking IT From a Commodity to a Utility. “Few companies do it well, and even fewer have the skill set to scale it; best practices are rarely documented, never mind automated.”

]]> Pingtel Launches New Line of SIP IP PBX Appliances tag:all-about-networking.com,2007:index.php/1.128 2007-08-28T15:59:05-08:00 2006-12-09T14:00:09-08:00 Pingtel, a Bluesocket Company and the leading provider of SIP-based Enterprise Communications Systems (ECS), today introduced a new line of turn-key SIP IP PBX appliances. The product family combines Pingtel’s award-winning SIPxchange™ SIP PBX unified communications software for Linux with best-of-breed Intel® servers, AudioCodes® gateways, and phones from Polycom®, LG-Nortel and Snom®, for overall VoIP ease of use and scalability. “Our new certified SIPxchange product line merges function with value, giving customers a choice of true turn-key appliances that are architected to scale from small deployments of less than 50 users, all the way to deployments that exceed several thousand users and include high-availability,” said Martin Steinmann, vice president of product management at Bluesocket. “The new appliances provide our customers the redundancy, interoperability, scalability, support and plug-and-play benefits they need in an enterprise voice solution.” 2007-08-28T15:59:05-08:00 Ken Lynch klynch@bluesocket.com Wireless Networks The new Pingtel products are 100-percent SIP, enterprise-grade and full-featured turnkey appliances that include integrated voice mail, automated call distribution, multiple auto attendants, a built-in presence server, and a Web-based plug & play system configuration and management tool for industry-leading ease of use. Each has a fully-integrated PSTN gateway and caters to a specific enterprise type, as follows:

* SIPxchange SE – Serves as a cost-efficient VoIP solution for small enterprises with up to 100 users;
* SIPxchange ME - For medium enterprises of up to 1,000 users; and
* SIPxchange LE – For large enterprises that can scale up to several thousand.

Both the ME and LE models are also available in redundant high-availability mode, with the option of having the high-availability servers geographically distributed. The appliances integrate seamlessly into an existing IT environment, allowing users to convert to VoIP at their own pace while following already established best practices within their IT organization. And, with Pingtel’s SIPxchange installation wizard, a full enterprise system can be deployed in under 30 minutes with only a few mouse clicks.

“As open source VoIP solutions become an integrated component of an organization’s mobility strategy, a robust and enterprise-grade architecture that facilitates scaling, redundancy, and ease of use is extremely important,” said Mads Lillelund, president and CEO of Bluesocket. “Our family of Pingtel SIPxchange appliances sets a new industry benchmark for delivering VoIP communications services, enabling enterprises of all sizes to realize immediate benefits of higher voice quality, improved scalability and significant cost savings.”

The entire turn-key voice solution product line is supported through Pingtel’s global technical assistance center. For more information on the new appliances, please visit http://www.pingtel.com/appliances.

Pingtel was acquired by Bluesocket in July 2007. By combining the strengths of the companies, Bluesocket is now positioned to be among the first WLAN/Mobility companies to offer turnkey unified mobile communication solutions – meeting the demands of today’s mobile enterprise. 

]]> WatchGuard Announces Updates to Firebox X Security Appliance Family tag:all-about-networking.com,2007:index.php/1.127 2007-08-23T17:54:49-08:00 2006-12-09T11:01:00-08:00 WatchGuard® Technologies, Inc., a leading provider of firewall appliances and unified threat management (UTM) solutions, announced today that it has released appliance software updates that will give a boost to its Firebox® X e-Series product family, geared toward fortifying their reliability and enhancing their ease of use. Customers of WatchGuard’s Firebox® X Core™ and Peak™ security appliances will benefit from the release of Fireware® 9.1, providing features such as a spam quarantine, a new POP3 proxy, anti-virus scanning, and inbound server load balancing. Customers of the WatchGuard Firebox X Edge e-Series line of UTM network appliances will benefit from the release of the Edge 8.6 appliance software, providing a host of upgrades including such features as enhanced wireless security, WAN failover to a serial modem, PPTP remote user support, SMTP support, and enhanced centralized management and reporting. 2007-08-23T17:54:49-08:00 Isaac Lopez isaac@taborcommunications.com Network Security “WatchGuard is committed to providing our customers with industry-leading security appliances that are impenetrable and provide the highest reliability along with the best ease of use in their class,” said Joe Wang, CEO of WatchGuard Technologies. “Through these latest updates, WatchGuard customers will benefit by gaining access to new features aimed at improving overall performance, increasing reliability while enhancing the ease of use in our products’ management capabilities. WatchGuard will continue to deliver products aimed at giving our customers strong, reliable UTM security appliances.”

The Firebox® X Core™ and Firebox® X Peak™ Updates

Designed to provide the best in business security for mid- to large-sized businesses, the Firebox X Core and Firebox X Peak appliances are receiving a boost to their appliance software, adding new capabilities that increase the performance and reliability of the appliances. WatchGuard’s Fireware 9.1 introduces a robust set of function enhancements and management features to give network administrators more options for managing the security of their installations.

Fireware 9.1 adds to an already robust UTM solution. With an all-new quarantine capability for spamBlocker, virus scanning for FTP and POP3 traffic, and unlimited file size scanning for AV, WatchGuard’s UTM appliances deliver robust best-of-breed functionality. The release of Fireware 9.1 for the Firebox X Core and Firebox X Peak appliances enables the following features:

* Spam Quarantine – Users of the spamBlocker security service subscription can create a safe, full-featured quarantine for spam, bulk mail, and suspect email messages. Granular control allows the system administrator to configure preferences for mail disposition, storage allocations, and other parameters.
* New POP3 Proxy – Fireware 9.1 introduces a POP3 proxy, protecting POP3 users against multitudes of email-borne threats. The proxy delivers true zero day protection against new and unknown threats.
* Unlimited File Size Scanning for AntiVirus – A new anti-virus scanning engine eliminates limits on the size of attachments and downloads scanned for viruses with the optional Gateway AV/IPS subscription.
* AV Scanning for FTP – WatchGuard users running Fireware 9.1 and the optional Gateway AV/IPS security service subscription can now apply AV scanning to all inbound and outbound files transferred via FTP, adding granular defense against many different types of malware to the true zero day protection already present in the FTP proxy.
* Inbound Server Load Balancing – Many companies use multiple internal servers to host a web or e-commerce site. Server load balancing allows the Firebox to distribute requests for a company’s URL or other public-facing content to a “server farm” or group of servers. Multiple algorithms offer tailored traffic distribution to the specific server environment. Fireware 9.1 also detects server outages and automatically routes requests to the remaining servers until the offline server is back online.
* Firebox X550e Model Upgradeability – Upgrade the capacity and performance on the Firebox X550e via a license key to equal the capacity and performance of the standard 750e and 1250e models, but with 4 Ethernet ports rather than 8. This allows an organization to adapt and expand, scaling their security needs upwards as their business grows.

Firebox X Core appliances are ideal for medium-sized businesses and are capable of 300+ Mbps firewall throughput. Firebox X Peak appliances can support larger enterprise solutions with 2.0 Gbps firewall throughput. Both appliance lines and their associated security service subscriptions offer complete UTM solutions including anti-virus, anti-spyware, anti-spam, intrusion prevention, and URL filtering.

Firebox® X Edge Update

Designed for branch offices and businesses with up to 50 users, the Firebox X Edge is receiving a significant boost with the Edge 8.6 appliance software release. The Edge 8.6 update includes a bevy of new features that increase business reliability, improve network security management, and increase security. The release of Edge 8.6 appliance software for the Firebox X Edge enables the following features:

* Enhanced Default Threat Protection – New protocols have been added to the proactive intrusion prevention engine allowing Edge 8.6 to detect and block attacks such as Syn Flood, Distributed Denial of Service (DDoS), and the attack known as the “Ping of Death,” aimed at crashing the target computer and/or subsequent network.
* Robust VPN Failover – Edge 8.6 provides complete VPN failover functionality, providing constant connectivity to remote networks via VPN tunnels. In the event of a primary remote gateway failure, VPN connections will seamlessly switch to secondary gateway connection and remain up between the two connection points. Once the primary gateway connection becomes available again, VPN traffic will automatically switch back to the primary connection.
* WAN Failover with Serial Modem – When the Firebox Edge 8.6 can utilize an external modem through the serial port for failover to a dial-up connection. Now networks like a retail store or POS location can temporarily fail over to a dial-up connection in the event that their main broadband connection is down and immediately switch back to the faster connection as soon as it is available again.
* Enhance QoS Support – Responding to the demands of the increasing adoption of time-sensitive services such as Voice over IP (VoIP) and video conferencing, the Edge 8.6 gives system administrators the ability to prioritize traffic to provide maximum throughput to more critical traffic and mark the priority of outgoing traffic to ensure prioritization by other upstream systems.
* Enhanced Security for Business Mail Servers – Edge 8.6 expands on its POP3 traffic scanning ability by adding an SMTP proxy to scan inbound email traffic for customers who host their own email with internal SMTP servers. Administrators can control attachment types, hide internal domain information, and deploy optional spamBlocker and Gateway AV/IPS to protect internally hosted email from spam, spyware, viruses, and many other threats and nuisances.
* WPA2 Wireless Encryption – Edge 8.6 is now compatible with the WPA2 wireless encryption standard in addition to WEP and WPA standards already supported for greater interoperability and security on the customer’s wireless network.
* Secure Remote User Access over PPTP – Edge 8.6 appliance software now supports up to 10 remote PPTP client connections, providing an inexpensive alternative to the IPSec protocol for Microsoft® Windows® users, for a secure connection for remote users to a corporate network.
* MAC Address Lockdown – Edge 8.6 now allows administrators to grant or deny wired and wireless network access based on Ethernet MAC (Media Access Control) addresses, to bar users with unauthorized devices from gaining access to network resources.
* Custom Proxy Configuration – Edge 8.6 offers enhanced flexibility by allowing users to inspect and secure outgoing HTTP and POP3 traffic on non-standards ports.
* Enhanced Security for IPSec Tunnels – Firebox Edge 8.6 now supports IKE (Internet Key Exchange) peers using AES 128, 192, and 256 bit encryption and DH Group 5 key transaction, for enhanced security and interoperability in communication-sensitive business information over IPSec and VPN tunnels.
* 3rd Party Certificate-based Authentication – Now Edge 8.6 administrators can use digital certificates from popular sources such as RSA®, VeriSign®, Entrust®, Microsoft, and others, for authentication of VPN tunnels or for general Internet access, or administrative access to the Edge management user interface.
* WSM Reporting Enhancements –The Firebox X Edge 8.6 now provides rich historical reporting for administrators who use WatchGuard System Manager, offering statistics on threats processed and blocked through Gateway AV/IPS, WebBlocker, and spamBlocker, and providing summary and detail visibility into network and security events, user behaviors, and more.
* Edge Web GUI Reporting – New intuitive ways to monitor viruses, spam, intrusions, and content filtering are now available through the Firebox X Edge Web Manager 8.6. For users who subscribe to any WatchGuard optional security subscriptions detailed statistics of threats processed and blocked are automatically recorded. Easy access is available under new tabs in the interface and the data is displayed in easily understood tables and graphs.
* SNMP Monitoring – Support for SNMP (Simple Network Management Protocol) monitoring has been added in Edge 8.6, giving users the ability to monitor various system parameters from popular SNMP applications such as HP OpenView, IBM Tivoli, or open source packages. Edge 8.6 supports SNMP v2 and v3, for enhanced security and functionality.

Firebox X Edge appliances are aimed at businesses with up to 50 users, and are ideal for branch offices, as well as single-site businesses. 

]]> Centennial Discovery 2007 Eases Management of IT Hardware and Software Assets tag:all-about-networking.com,2007:index.php/1.126 2007-08-22T16:08:08-08:00 2006-12-09T07:00:09-08:00 Centennial Software, developer of IT asset discovery and endpoint security solutions, today announced Centennial Discovery 2007, the latest version of the company’s award-winning IT asset discovery software. The new release features powerful migration planning and reporting tools designed to help companies more easily and efficiently manage and budget the enterprise-wide adoption of Microsoft Windows Vista™. Centennial Discovery 2007 also offers new web reports and audit enhancements for IPv6 networks and Windows CE-based devices, along with a number of core product enhancements that improve overall IT asset management (ITAM), software asset management (SAM), specific project management and general IT governance. 2007-08-22T16:08:08-08:00 Leena Faust lfaust@centennial-software.com Network Security “Migration to Microsoft Windows Vista is likely to be the biggest and most costly software project most companies will undertake in the next 24 months,” said Andy Burton, CEO of Centennial Software. “Discovery 2007 includes the tools necessary to audit all network assets, assess whether they meet minimum Vista requirements and accurately plan and budget for upcoming migration initiatives. Companies are increasingly recognizing the unnecessary costs they incur in managing software, making this type of network discovery the foundation for any organization that wants to improve overall IT visibility and efficiency.”

Centennial Discovery is the industry’s leading solution for network inventory and IT asset management. It offers businesses and the channel community the most powerful and comprehensive software tool available for dynamically finding, identifying and auditing all corporate hardware and software on a network. Discovery is also the first solution to help users investigate unknown software—through the ‘Discovery.Portal’—to identify developers, usage and licenseability of the software.

New Centennial Discovery 2007 Features

* Full Windows Vista Support and Upgrade Reporting—this includes auditing Windows Vista client machines, the ability to install the Discovery Server on a Windows Vista-based machine for evaluation purposes, and new template-based upgrade wizard reporting that enables administrators to properly plan, budget and resource the operating system upgrade projects.
* Web Reports—new web reports for hardware changes, software changes, last contact, deployment status, under-licensed software and asset status for security vulnerability charts.
* Auditing of IPv6 Clients—ability to return IPv6 addresses identified as part of a client audit and correctly display the information in the General and Systems tabs in the Windows Control Center.
* Auditing of Windows CE-based Devices—report on hardware and software installed on Windows CE-based smartphones and pocket PCs.
* Template-based Upgrade Wizards—a more robust and intuitive approach to hardware and application upgrade planning with new templates.
* Selectable Secure/Auto Client Update—the ability to select specific machines to receive secure client updates, rather than having all machines updated simultaneously (this can help dramatically reduce network bandwidth usage).

]]> 8e6 Technologies Announces New Solutions to Plug Security Holes in Enterprise Networks tag:all-about-networking.com,2007:index.php/1.125 2007-08-13T17:21:29-08:00 2006-12-08T22:01:00-08:00 8e6 Technologies, the leading independent provider of Web filtering and insider threat management solutions for mid-size to large enterprises, today announced the general availability of three enterprise solutions geared to address specific gaps in network security that many IT administrators may not be aware of, including the elusive use of Web-based proxies in the enterprise. The growing problem of Web-based proxies has remained under the radar for many security administrators, due in large part because most Internet monitoring, vulnerability management, data leakage and firewall solutions are unable to detect this potential breach to network security. In response, 8e6 Technologies created the 8e6 ProxyBlocker, a point solution based on their unique proxy-blocking technology that specifically addresses the growing proxy problem in the enterprise. 2007-08-13T17:21:29-08:00 Jen Spark 8e6@schwartz-pr.com Network Security Web-based or circumvention proxies are Web sites that allow users to circumvent Internet filters and access any site anonymously at any time, without IT staff having any knowledge or control of access. First identified in the school districts and colleges, proxy use has exploded and has recently bled over into the enterprise as tech-savvy students enter the workforce in droves. While seemingly harmless, these proxies allow unfettered access to sites that may contain malicious code such as Trojans, viruses and keyloggers which employees inadvertently bring inside the network. Unidentified proxy use also allows unregulated access to a host of blocked sites, including social networking and Web 2.0 sites, opening the network to data leakage risks and a host of legal liability issues.

“Corporations can not block what they can not see, and most proxy sites by nature appear harmless to the untrained eye,” said Paul Myer, president and chief operating officer at 8e6 Technologies. “Enterprise IT managers should educate themselves about how to use existing Internet filtering and reporting technologies to determine if proxy use is a wide-spread problem, and then consider implementing specific policy and technology solutions to fill the gap that proxies create in the network.”

With the launch of 8e6 ProxyBlocker, network administrators can continue to utilize their existing filtering solutions while specifically addressing the problem of Web-based proxies. Using technology available in the 8e6 R3000 Internet Filter, the 8e6 ProxyBlocker uses Intelligent Footprint Technology™, a pattern recognition system, as well as the 8e6 Library to identify and block known proxies, providing zero-day protection against known sites. Administrators are able to use the 8e6 ProxyBlocker’s built-in reporting function to immediately identify attempted proxy access and take immediate action to prevent future use.

“At the 8e6 Lab, we see an increasing number of enterprise users circumventing the filter to deliberately violate their company’s Acceptable Use Policy, whether via Web-based proxies or another growing security concern—unregulated laptop use outside the network,” said Rich Sutton, director of the 8e6 Labs at 8e6 Technologies. “These security policy gaps often go unnoticed among IT officials, yet put the organization at tremendous risk of security breaches and legal liability. With 8e6’s new lineup of solutions, administrators are able to implement cost-effective point solutions to immediately plug these security holes and prevent users from getting around the filter.”

In addition to the 8e6 ProxyBlocker, 8e6 also announced two additional enterprise point solutions:

* 8e6 Mobile Client 2.0 – An update to the 8e6’s remote laptop filtering client for PCs and Macs, the Mobile Client is designed to extend the company’s Internet filtering, reporting and monitoring to the increasing number of corporate laptops, allowing corporations to easily close the security and liability gap caused by laptops that leave the network.
* 8e6 Watchdog Monitoring Application – An application for all existing 8e6 users that monitors the status of 8e6’s Threat Analysis Reporter, 8e6 R3000 Internet Filter and the 8e6 Enterprise Reporter. By alerting administrators if the appliances go offline for any reason, this service maintains the integrity of this critical security layer and is available to 8e6 customers at no additional cost.

With the availability of ProxyBlocker, 8e6 Mobile Client 2.0 and 8e6 Watchdog Monitoring Application, administrators have access to robust point solutions to ensure that their networks are fully protected against inappropriate Web site access, malware incursions and the possibility of legal liability associated with unregulated Internet surfing. 

]]>