StoneBlog.stonesoft.com

Helsinki has been named World Design Capital for 2012.

As you might know, Design is not only about chairs, desktop and furniture…

The word comes from the late Middle English as a derivative word from Latin “Designare“, which means to indicate something for a purpose or duty.

As it happens for many concepts, the word has a definition but different meanings depending on the context where it is applied.

Just like Security.

Two important principles related to design are usability and ergonomics.
Both are related to improve people efficiency in their working environment.

The same two principles are not only related, but fundamentally important for Security.

When you design something, you mainly think about the purpose of that something in different contexts.
Because different usage contexts mean different needs to address, different perspectives, different angles.

Just like in Security planning.

Especially after Cloud Computing wave, there has been lots of talking about context-aware security.
To highlight and stress that security technologies and implementations should always consider the whole context of a session and not only a fragment of it.
For example, not limiting authentication to user credentials validation only but extend the analysis and validation to the whole “security posture” by assessing the hardware he’s using, the network he’s coming from, the strength of the authentication method used, etc.

At Stonesoft, we have blended all these important principles in our solutions from day one.

We offer dynamic, software based network security solutions that can adapt to the context where they are implemented, providing protection against the lastest and most dangerous threats: AETs.

We provide great usability both for security administrators and for users, to maximize the efficiency and user experience while minimizing impact on resources.

We can prove reduction of CAPEX and OPEX costs with real, tangible savings.

We believe in ergonomics principles applied to (e.g.) authentication, where users should be able to achieve strong authentication naturally, using methods and devices they learnt to use daily for multiple other purposes.

We offer secured authenticated access to the cloud, enabling universal access from multiple platforms and context-aware security.

We empower MSSPs to provide faster time-to-market for security services and most scalable solution to manage thousands customers with minimized OPEX.

Ins’t this… ergonomic Network Security by design?

written by RoarinPenguin - 313 views \\ tags: context-aware security, design, ergonomics, network security

Is your printer a security liability? It’s a question many IT professionals are asking after researchers at Columbia University discovered that printers can easily be targeted for network security attacks. The findings of this research – which are already precipitating class-action lawsuits against printer giant Hewlett Packard – disclosed that some printer devices can be “remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage” (see msnbc.com’s full article here).

The primary flaw discovered by Columbia University researchers rests in the firmware that allows modern printers to function as small computers. Like software, the printer routinely updates its firmware by connecting to the internet and downloading appropriate updates. Researchers discovered that printers don’t verify the source of the update software or the software’s authenticity, thereby providing a hidden point of entry for cyber criminals to gain access to the printer. As a result, a seemingly benign printer can be transformed into a “beachhead” for launching a network-wide attack.

As researchers determine which printer vendors are vulnerable and the extent of these vulnerabilities, Stonesoft would like to remind you of the following:

• Any device connected to your network is at risk. Security targets aren’t limited to desktops, laptops and servers. If left unprotected, printers, VoIP, PBXs and other low-interfacing devices can be gateways to network attacks.
• Your network security strategy should cover every device. When is the last time you inventoried how many disparate devices are accessing your network and how? Most enterprises fail to protect every network-connected device, and this is certainly the case with printers.
• Multi-layer protection is critical. Deep packet and web traffic inspection should be executed at the perimeter and inside of the network.

written by MMcKinley - 422 views

Hello,

since I’ve been upgrading and installing a 5.3.2 cluster, I now do see these situations in the logs: Anti-Virus_Buffering-Limit-Exceeded ==> I suspect this messsage means that the AV part of the FW can not handle the size of the requested file.

As I couldn’t find it in the online-doc, is there anyone who can point me out the documentation that describe the value of this size limit ?

Is the a way to modify this limit ?

As it is new to me, what is the user supposed to see when such a limit is reached ?

PS: sorry, I’m new to WordPress and posting in forum: is there a better place to share q&a about StoneGate ?

written by docstephano - 610 views

Big enterprises and government agencies are expected to have ironclad network security. But, what about that café down the street? Or the retail store you visited last week that used an iPad to swipe your credit card? One would hope they’re taking security seriously too – right? Unfortunately, the simple fact is that most of these multi-location, small businesses have inadequate or misconfigured security because it’s too difficult to deploy, configure and manage.

This is where Stonesoft Mass Security comes in. We’re making the installation of advanced network security as simple as plugging in a laptop. Perfect for multi-location and franchised businesses, office managers and store clerks simply have to plug in the security device (e.g. firewall) and it calls home to an installation cloud to access pre-configured settings.

Right now, our goal here at Stonesoft is to educate the masses about what Mass Security is, how it works and how it’s changing the landscape of network security. We have a ton of resources available to help speed this along, including:

• Website: This is a microsite dedicated solely to all things Mass Security. Everything you need to know – from technical know how to the basic “What is it?” – is here.
• Brief: This not-too-technical whitepaper explains how Mass Security works. It’s a must-have primer. Download here.
• Video: When’s the last time you’ve installed a firewall in 81 seconds? Now, when’s the last time you’ve enabled thousands of firewalls to install in 81 seconds? Check out this video to see it done.
• Webcast: Our next online discussion about Mass Security is on November 2, 2011 at 1pm ET (US). Join us.

written by heather.pritchett - 510 views

…as Bruce Springsteen would sing

Few days ago Stonesoft released the A2Cloud solution.
That is, the combination of multiple technologies to create secured and authenticated access to the cloud, no matter if it is public or private… because everybody has a cloud, right?

There is nothing new in the purpose to authenticate access to data and applications, since this has been a need for quite a while now… what A2Cloud the idea is to innovate the way to answer to this need from two main standpoints.

• Ergonomic Authentication
• Governance

For too long strong authentication has been synonym of hardware tokens, dedicated devices to carry around with the sole purpose of generating a one-time password based on specific algorithms.
And for too long these devices has been prone to errors in usage, battery run out ahead of time, clumsy usability and… being forgotten at home.

And for too long awareness of what was happening in the field from authentication and security governance viewpoints has been a serious issue for security administrators and auditors.
Questions such as “how often a given authentication method was used”, “how users reacted to strong authentication”, “how easy it was to use that given authentication” and many others remained without a proper answer.

A2Cloud was conceived to provide a reliable and complete answer to these questions, while relieving the users from the “doom of hardware tokens”.

Ergonomic authentication means to apply the principles of ergonomics to enable usage of common tools we’re keen to use everyday for strong authentication purposes too. And these tools are something we’ll never forget home (or, better, if it happens we’re very willing to get back home to take them )… I’m talking about mobile phones, smartphones, PDAs, tablets, netbooks and notebooks.

In short, tools we can’t live without (anymore).

Security awareness means availability of tools to understand what’s going on, how to audit authentication and other security related operations; how to get the information you need, when you need it, and with the level of detail you need to do what you need to do (supervision, troubleshooting, monitoring, alert, react to security threat, log analysis, auditing, etc.).

Visit A2Cloud minisite to develop a better understanding about how Stonesoft solution can ease your professional life of a cloud user and/or security administrator.

Share a little of that human touch…

written by RoarinPenguin - 466 views \\ tags: a2cloud, ergonomic authentication, governance

According to Sari Kajantie from the Finnish National Bureau of Investigation (NBI) in Helsingin Sanomat, the biggest national newspaper in Finland on 4 August 2011: “It is not the fault of the employee who has opened the attachment, if the hacker can access all company data from a single laptop.”

Companies need to pay much more attention to their internal network activities and traffic. It should not come as a surprise to anybody that individual laptops are compromized. Workstation networks must be separated from the servers by firewalls and intrusion prevention systems; not only by installing these devices, but also by paying attention to rules and monitoring their alerts.

Continue reading »

written by Ari Vänttinen - 924 views \\ tags: Advanced Evasion Techniques, AET, Context and situation awareness, cybersecurity, IT security, risk management, Security, security threat, SMC

Black Hat is upon us.
Zombies are big this year.
And, AETs aren’t going anywhere anytime soon.

If you’ll be in Las Vegas for Black Hat, there are a few things you shouldn’t miss out on…

• See AETs in action. Watch advanced evasion techniques bypass leading IPS devices. We’ll be hosting live AET demos on Wednesday, 8/3 at (12:30pm and 2pm) and on Thursday, 8/4 at 9am, 10am and 11am. Learn more here.
• Get Your Game On. Join us for Stonesoft’s Zombie Invasion Video Game Tournament at Black Hat Circuit on Wednesday, 8/3 in the Pisa Room. Register here or just show up for the fun.
• Be Scared (and win something while you’re at it). We’re giving away a trip for two to Universal Studios and Halloween Horror Nights. Register here. Winners will be announced at the Black Hat Circuit.

written by heather.pritchett - 704 views

Cost, compliance and complexity – they’re three of the biggest challenges facing today’s networks. Recently, one of the world’s largest product fulfillment and customer care service providers turned to Stonesoft to overcome these challenges.

Innotrac’s story echoes those of many enterprise networks. A cumbersome network from years of M&A activity. A mandate to be compliant with PCI standards. And, of course, a desire to reduce network costs in a time of conservative IT spending. With the help of the StoneGate Firewall/VPN and IPS solutions, Innotrac has been able simplify and drive cost out of its network infrastructure, all while achieving PCI compliance. Highlights of the results of this collaboration include:

• Reduced network, administration and data circuit costs: A single network administrator can now handle the network management responsibilities of 2.5 full time employees with little day-to-day administration. Additionally, Innotrac’s data circuit costs have been reduced by 30 percent.
• Improved network resiliency: StoneGate’s built-in high availability tools, including Multi-Link™, ensures Innotrac’s network and firewalls are always up and running.
• Simplified PCI compliance and network management: Innotrac can now easily monitor, update and configure all network devices from StoneGate’s single management console. This centralized approach also provides the reporting and management technologies needed for Level 1 PCI compliance.

For the whole story on Innotrac, read the case study here.

written by heather.pritchett - 616 views

The last week has been filled with talk about Microsoft’s recent decision to purchase Skype. Many business perspectives have been shared, but what are the security implications of this marriage? We recently spoke with eWeek and Network World about this very topic. In a nutshell, here are our thoughts:

Skype and Security – Our Thoughts: Skype is a company that has long been embattled from a security perspective, and, for the most part, Skype has been quite responsive in addressing many of the security concerns. Though largely theoretical, there are scenarios in which users could be tricked into downloading malicious content.  This could take the form of cross-site scripting for unencrypted advertisements or someone impersonating a user in your contact list.  The threat of one application over another is largely subjective, but for administrators that remain concerned about real or theoretical problems with Skype, they should have the full attention of the security community to ensure these concerns are addressed.

Skype in the Enterprise: The main concerns with bringing Skype into the enterprise are the following:  transparency and control.  Skype uses a proprietary protocol that has not had a great deal of peer review. With that in mind, customers should give thought to asking Microsoft for more transparency into the capabilities and shortcomings of Skype so that administrators can decide for themselves about deploying Skype in the enterprise. Consideration should also be given to how the Skype peer-to-peer architecture works and if it is permitted my existing security policies. As for control, Skype can use common ports for communication, such as web and secure web ports, so there is another level of identification required to assess what applications, such as Skype, may be running on these ports.  Stonesoft and many other vendors have invested a great deal of time and effort into identifying applications such as Skype.  As the integration with Microsoft continues, it is reasonable to assume that Microsoft may change some aspects of Skype that may have ramifications for identifying it.  Vendors will have to remain focused on researching and testing any changes in Skype that may render current identification mechanisms useless.

Microsoft & Skype – Good Thing or Bad? To summarize, Stonesoft believes that this will be a great merger of two great technologies.  At the same time, it is important to critically consider the security implications when a technology like Skype is moved closer to the enterprise by a company like Microsoft, on which millions rely.  The most revealing aspects of the security implications are yet to come as we wait and see the level to which Microsoft integrates Skype technology

written by MMcKinley - 696 views

If you’ve ever been to the RSA Conference, you know it’s a whirlwind of product debuts, demos and discussion. In fact, it can be a little overwhelming. This year, Stonesoft decided to take a little time away from the chaos and have a very meaningful discussion over lunch with 20 C-level security executives representing organizations like The Washington Post Company, The Coca-Cola Company, Salesforce.com, Expedia and M&T Bank Corporation. When asked how companies should prepare for the next wave of advanced threats, the group brought up several good points:

• Data needs to be actionable. The data produced by a security solution should be succinct, clear, and ready to be investigated by the security staff. Polyglot information that provides no focus on the threat is of little value to the security team.
• Greater visibility is a must. We’ve all heard this one before, but the fact of the matter is that lack of network visibility is still a major issue for network security. If you want to prepare your network against the unknown, you need to have improved and centralized visibility into your network traffic.
• Innovation has stalled. The network security industry is rife with lack of focus and lack of research. It’s become a “quick fix” industry that responds to threats, but does little to prevent new vulnerabilities from being discovered and exploited.

What do you think?

written by heather.pritchett - 629 views