StoneBlog.stonesoft.com

Helsinki has been named World Design Capital for 2012.

As you might know, Design is not only about chairs, desktop and furniture…

The word comes from the late Middle English as a derivative word from Latin “Designare“, which means to indicate something for a purpose or duty.

As it happens for many concepts, the word has a definition but different meanings depending on the context where it is applied.

Just like Security.

Two important principles related to design are usability and ergonomics.
Both are related to improve people efficiency in their working environment.

The same two principles are not only related, but fundamentally important for Security.

When you design something, you mainly think about the purpose of that something in different contexts.
Because different usage contexts mean different needs to address, different perspectives, different angles.

Just like in Security planning.

Especially after Cloud Computing wave, there has been lots of talking about context-aware security.
To highlight and stress that security technologies and implementations should always consider the whole context of a session and not only a fragment of it.
For example, not limiting authentication to user credentials validation only but extend the analysis and validation to the whole “security posture” by assessing the hardware he’s using, the network he’s coming from, the strength of the authentication method used, etc.

At Stonesoft, we have blended all these important principles in our solutions from day one.

We offer dynamic, software based network security solutions that can adapt to the context where they are implemented, providing protection against the lastest and most dangerous threats: AETs.

We provide great usability both for security administrators and for users, to maximize the efficiency and user experience while minimizing impact on resources.

We can prove reduction of CAPEX and OPEX costs with real, tangible savings.

We believe in ergonomics principles applied to (e.g.) authentication, where users should be able to achieve strong authentication naturally, using methods and devices they learnt to use daily for multiple other purposes.

We offer secured authenticated access to the cloud, enabling universal access from multiple platforms and context-aware security.

We empower MSSPs to provide faster time-to-market for security services and most scalable solution to manage thousands customers with minimized OPEX.

Ins’t this… ergonomic Network Security by design?

written by RoarinPenguin - 332 views \\ tags: context-aware security, design, ergonomics, network security

According to Sari Kajantie from the Finnish National Bureau of Investigation (NBI) in Helsingin Sanomat, the biggest national newspaper in Finland on 4 August 2011: “It is not the fault of the employee who has opened the attachment, if the hacker can access all company data from a single laptop.”

Companies need to pay much more attention to their internal network activities and traffic. It should not come as a surprise to anybody that individual laptops are compromized. Workstation networks must be separated from the servers by firewalls and intrusion prevention systems; not only by installing these devices, but also by paying attention to rules and monitoring their alerts.

Continue reading »

written by Ari Vänttinen - 939 views \\ tags: Advanced Evasion Techniques, AET, Context and situation awareness, cybersecurity, IT security, risk management, Security, security threat, SMC

This post is deepening the ability of StoneGate Authentication Server to integrate transparently with existing user bases with a technique called dynamic user linking.

The idea is to be able to pull information about user profiles from a wide range of directory servers and use dynamically these information to populate user accounts in StoneGate Authentication Server.

Continue reading »

written by RoarinPenguin - 1,096 views \\ tags: AD, Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

Let’s start to analyze some of the important features of StoneGate Authentication Server, beginning with the concept of ergonomic authentication.

The concept of ergonomics is defined in Oxford Dictionary as “The study of people’s efficiency in their working environment”.

In StoneGate Authentication Server we applied this definition to innovative authentication methods, to make them designed for human beings.

Ergonomic Authentication means to offer authentication methods based on several factors of strength, without impacting on the user’s natural way of using common devices he’s using daily, such as his mobile phone or smartphone or tablet. Continue reading »

written by RoarinPenguin - 1,070 views \\ tags: Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

SMC 5.3.1 is now publicly available and FW/VPN 5.3.0 is also published as controlled shipment. I wanted to conclude the StoneGate 5.3 feature previews by listing the other significant enhancements that are introduced in version 5.3. More details can be found from SMC and FW Release Notes and product manuals.

Continue reading »

written by Tero Jantunen - 1,158 views \\ tags: 5.3, ADSL, Certificates, Dynamic routing, Feature Previews, firewall, SMC, SNMP agent, VPN, WiFi

Version 5.3.1 of StoneGate Management Center includes a brand new functionality which enables Stonesoft to become a player in Identity Management and Authentication arena: StoneGate Authentication Server. Built to answer the pressing need to secure the access to the cloud (no matter if it is a private or public one), StoneGate Authentication Server is completely integrated in StoneGate Management Center from configuration, usability and backup/restore standpoint.

Continue reading »

written by Tero Jantunen - 853 views \\ tags: 5.3, AD, Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

StoneGate Firewall 5.3 contains a new integrated Anti-Spam feature that complements the StoneGate UTM feature portfolio. The Anti-Spam feature has been developed in-house and contains a lot of different algorithms and tools for spam detection. It suits well for example small MSSP customers that have a single firewall and own email domain.

Continue reading »

written by Tero Jantunen - 851 views \\ tags: 5.3, Anti-Spam, DNSBL, Feature Previews, firewall, SMC, UTM

Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. StoneGate FW/VPN 5.3 introduces the support for IKEv2 (in addition to IKEv1) in VPN configuration. IKEv2 includes the support for IKEv2 Mobility and Multihoming Protocol (MOBIKE). MOBIKE enables transparent recovery for VPN clients if the IP address of the VPN client or the IP address of the gateway to which the VPN client is connected changes in the middle of an open VPN connection.

Continue reading »

written by Tero Jantunen - 980 views \\ tags: 5.3, Feature Previews, IKEv2, SA, SMC, troubleshooting, VPN

StoneGate FW/VPN and SMC 5.3 provide a couple of nice enhancements related to StoneGate’s unique Multi-Link feature.

Continue reading »

written by Tero Jantunen - 1,067 views \\ tags: 5.3, Aggregation, Feature Previews, multilink, QoS, Throughput, traffic balancing, VoIP, VPN

In StoneGate 5.3, you can now predefine the policy to be installed on the firewall engine after it has contacted the Management Server for the first time. With this small enhancement the administrators can make sure that the devices start working in a planned way right from the beginning without the need of someone waiting at HQ to be ready to upload the correct security policy for the device once it is deployed.

Continue reading »

written by Tero Jantunen - 706 views \\ tags: 5.3, automatic policy push, Feature Previews, Initial configuration, Policy, SMC