StoneBlog.stonesoft.com

1.5 years ago (October 18th, 2010), Stonesoft announced that it has discovered a new network security threat category. These are so-called Advanced Evasion Techniques (AET), which can bypass current network security devices without leaving a trace. Now you can see those evasions as well as many other type of anomalies directly in Stonesoft Management Center’s Log Browser in dedicated “Anomalies” log field. It is also possible to create statistics and run scheduled reports showing “Top Anomalies”.

Continue reading »

written by Tero Jantunen - 444 views \\ tags: 5.4, Anomalies, anti-evasion, evasion, Feature Previews, logs

Helsinki has been named World Design Capital for 2012. As you might know, Design is not only about chairs, desktop and furniture…

Continue reading »

written by RoarinPenguin - 694 views \\ tags: context-aware security, design, ergonomics, network security

According to Sari Kajantie from the Finnish National Bureau of Investigation (NBI) in Helsingin Sanomat, the biggest national newspaper in Finland on 4 August 2011: “It is not the fault of the employee who has opened the attachment, if the hacker can access all company data from a single laptop.”

Companies need to pay much more attention to their internal network activities and traffic. It should not come as a surprise to anybody that individual laptops are compromized. Workstation networks must be separated from the servers by firewalls and intrusion prevention systems; not only by installing these devices, but also by paying attention to rules and monitoring their alerts.

Continue reading »

written by Ari Vänttinen - 1,268 views \\ tags: Advanced Evasion Techniques, AET, Context and situation awareness, cybersecurity, IT security, risk management, Security, security threat, SMC

This post is deepening the ability of StoneGate Authentication Server to integrate transparently with existing user bases with a technique called dynamic user linking.

The idea is to be able to pull information about user profiles from a wide range of directory servers and use dynamically these information to populate user accounts in StoneGate Authentication Server.

Continue reading »

written by RoarinPenguin - 1,535 views \\ tags: AD, Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

Let’s start to analyze some of the important features of StoneGate Authentication Server, beginning with the concept of ergonomic authentication.

The concept of ergonomics is defined in Oxford Dictionary as “The study of people’s efficiency in their working environment”.

In StoneGate Authentication Server we applied this definition to innovative authentication methods, to make them designed for human beings.

Ergonomic Authentication means to offer authentication methods based on several factors of strength, without impacting on the user’s natural way of using common devices he’s using daily, such as his mobile phone or smartphone or tablet. Continue reading »

written by RoarinPenguin - 1,362 views \\ tags: Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

SMC 5.3.1 is now publicly available and FW/VPN 5.3.0 is also published as controlled shipment. I wanted to conclude the StoneGate 5.3 feature previews by listing the other significant enhancements that are introduced in version 5.3. More details can be found from SMC and FW Release Notes and product manuals.

Continue reading »

written by Tero Jantunen - 1,437 views \\ tags: 5.3, ADSL, Certificates, Dynamic routing, Feature Previews, firewall, SMC, SNMP agent, VPN, WiFi

Version 5.3.1 of StoneGate Management Center includes a brand new functionality which enables Stonesoft to become a player in Identity Management and Authentication arena: StoneGate Authentication Server. Built to answer the pressing need to secure the access to the cloud (no matter if it is a private or public one), StoneGate Authentication Server is completely integrated in StoneGate Management Center from configuration, usability and backup/restore standpoint.

Continue reading »

written by Tero Jantunen - 1,052 views \\ tags: 5.3, AD, Authentication Server, Feature Previews, MobileID, Secure access to cloud, SMC

StoneGate Firewall 5.3 contains a new integrated Anti-Spam feature that complements the StoneGate UTM feature portfolio. The Anti-Spam feature has been developed in-house and contains a lot of different algorithms and tools for spam detection. It suits well for example small MSSP customers that have a single firewall and own email domain.

Continue reading »

written by Tero Jantunen - 1,042 views \\ tags: 5.3, Anti-Spam, DNSBL, Feature Previews, firewall, SMC, UTM

Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. StoneGate FW/VPN 5.3 introduces the support for IKEv2 (in addition to IKEv1) in VPN configuration. IKEv2 includes the support for IKEv2 Mobility and Multihoming Protocol (MOBIKE). MOBIKE enables transparent recovery for VPN clients if the IP address of the VPN client or the IP address of the gateway to which the VPN client is connected changes in the middle of an open VPN connection.

Continue reading »

written by Tero Jantunen - 1,186 views \\ tags: 5.3, Feature Previews, IKEv2, SA, SMC, troubleshooting, VPN

StoneGate FW/VPN and SMC 5.3 provide a couple of nice enhancements related to StoneGate’s unique Multi-Link feature.

Continue reading »

written by Tero Jantunen - 1,415 views \\ tags: 5.3, Aggregation, Feature Previews, multilink, QoS, Throughput, traffic balancing, VoIP, VPN