Tag Archives: Fortinet Inc.

About 1601 days ago Data Security

2009 Tech Security Forecast

our beautiful site

Great, you may be thinking, now that it’s 2009 I’ll be getting a smart phone to use for work. Just great, your IT manager may be thinking, now that it’s 2009 they’ll be getting smart phones to use for work. IT experts predict a substantial uptick this year in the number of small businesses using smart phones — as well as flash drives, social networks, and faster Internet connections. While that might make employees more productive, it also increases the security risks a small business faces. Last year saw the start of a new wave of cyber crime that put spam on smart phones, phishing and virus attacks on Facebook, and even malware on flash drives, according to IT security experts. Those threats will only increase this year, says Derek Manky, a cyber-security project manager at Fortinet, a manufacturer of intrusion protection systems and other IT security equipment. Small businesses are at greater risk because chances are they have fewer IT staff and don’t take as many precautions to avoid threats, says Brett Scudder, an IT security consultant and proprietor of IT Security Suite Network in New York City. “We’re seeing a lot more work coming from” small businesses, Scudder says. IT security trends in 2009 According to Manky, Scudder and other computer security experts, here are trends to watch in 2009: 3G phones — Web-enabled smart phones and the 3G networks they run on will become the newest playground for cyber criminals, who started launching worm attacks on cell networks last year. “2009 won’t necessarily open the flood gates, but it is an indication that this will be a significant trend and will overflow in 2010,” Manky says Social networks and online games — More worms and viruses circulating on Facebook and other social networks as well as on online games will jump to company networks as employees use laptops or home PCs for work and pleasure without having proper security measures in place. USB storage devices — As use of flash drives and USB memory cards grows, so will the appearance of worms and malware that hop on for the ride, and then infect inadequately protected company networks. Databases – Cyber criminals will continue breaking into networks to launch botnets, but also to go after specific information stored in databases there, including Social Security and credit card numbers and bank account information — data they can sell on the Internet black market. Faster Internet connections — As 10 gigabyte Ethernet connections go from luxury item to commonplace network pipe, companies’ existing security measures will have trouble keeping up with the increase in volume, making networks more vulnerable to attack. “The shear volume of traffic will make it difficult to identify what’s good traffic and what’s malicious,” says Anthony James, senior vice president with Fortinet, the IT security hardware company. The economy — Due to the recession, IT departments will be asked to maintain current service levels with the same or less money. As a result, interest should pick up in integrated security hardware and software that performs several functions, such as combination intrusion protection systems and firewalls. SIDEBAR: Protect Your Small Business from Threats In light of many potential threats, what can a small business do? Create and maintain strong IT security policies. Update written policies with information on newer technologies such as smart phones and flash drives so employees know what they can and can’t do. Include rules covering how employees can log onto company networks, for example, either from an official company machine or one that’s passed certain security requirements. Restrict access. Block employees’ ability to log onto high-risk types of websites or domains, such as peer-to-peer networks, where the risk of picking up viruses or malware is greater. Patch early and often. Regularly install patches and updates from Microsoft, anti-virus, firewall, and other security vendors for desktop machines, laptops, and servers. Educate employees. Having policies isn’t enough. Companies need to use every means possible to inform employees about them, including listing them in employee handbooks, newsletters, e-mail bulletins and on a company’s website, wiki, or blog.

About 1601 days ago Spyware and Malware

2009 Tech Security Forecast

our beautiful site

Great, you may be thinking, now that it’s 2009 I’ll be getting a smart phone to use for work. Just great, your IT manager may be thinking, now that it’s 2009 they’ll be getting smart phones to use for work. IT experts predict a substantial uptick this year in the number of small businesses using smart phones — as well as flash drives, social networks, and faster Internet connections. While that might make employees more productive, it also increases the security risks a small business faces. Last year saw the start of a new wave of cyber crime that put spam on smart phones, phishing and virus attacks on Facebook, and even malware on flash drives, according to IT security experts. Those threats will only increase this year, says Derek Manky, a cyber-security project manager at Fortinet, a manufacturer of intrusion protection systems and other IT security equipment. Small businesses are at greater risk because chances are they have fewer IT staff and don’t take as many precautions to avoid threats, says Brett Scudder, an IT security consultant and proprietor of IT Security Suite Network in New York City. “We’re seeing a lot more work coming from” small businesses, Scudder says. IT security trends in 2009 According to Manky, Scudder and other computer security experts, here are trends to watch in 2009: 3G phones — Web-enabled smart phones and the 3G networks they run on will become the newest playground for cyber criminals, who started launching worm attacks on cell networks last year. “2009 won’t necessarily open the flood gates, but it is an indication that this will be a significant trend and will overflow in 2010,” Manky says Social networks and online games — More worms and viruses circulating on Facebook and other social networks as well as on online games will jump to company networks as employees use laptops or home PCs for work and pleasure without having proper security measures in place. USB storage devices — As use of flash drives and USB memory cards grows, so will the appearance of worms and malware that hop on for the ride, and then infect inadequately protected company networks. Databases – Cyber criminals will continue breaking into networks to launch botnets, but also to go after specific information stored in databases there, including Social Security and credit card numbers and bank account information — data they can sell on the Internet black market. Faster Internet connections — As 10 gigabyte Ethernet connections go from luxury item to commonplace network pipe, companies’ existing security measures will have trouble keeping up with the increase in volume, making networks more vulnerable to attack. “The shear volume of traffic will make it difficult to identify what’s good traffic and what’s malicious,” says Anthony James, senior vice president with Fortinet, the IT security hardware company. The economy — Due to the recession, IT departments will be asked to maintain current service levels with the same or less money. As a result, interest should pick up in integrated security hardware and software that performs several functions, such as combination intrusion protection systems and firewalls. SIDEBAR: Protect Your Small Business from Threats In light of many potential threats, what can a small business do? Create and maintain strong IT security policies. Update written policies with information on newer technologies such as smart phones and flash drives so employees know what they can and can’t do. Include rules covering how employees can log onto company networks, for example, either from an official company machine or one that’s passed certain security requirements. Restrict access. Block employees’ ability to log onto high-risk types of websites or domains, such as peer-to-peer networks, where the risk of picking up viruses or malware is greater. Patch early and often. Regularly install patches and updates from Microsoft, anti-virus, firewall, and other security vendors for desktop machines, laptops, and servers. Educate employees. Having policies isn’t enough. Companies need to use every means possible to inform employees about them, including listing them in employee handbooks, newsletters, e-mail bulletins and on a company’s website, wiki, or blog.

About 1693 days ago Antivirus Software

Network Defense: Intrusion Prevention Systems

our beautiful site

Here’s a quick network security quiz: When it comes to detecting and stopping IT threats, is it better to position intrusion prevention systems: On the network At particularly important devices on the network All of the above For small businesses, the correct answer is “All of the above,” according to IT security specialists, who say more small businesses are figuring that out and installing IPS accordingly. Network intrusion prevention systems (IPS) are hardware appliances that sit on a company’s intranet to inspect incoming Internet traffic and block anything malicious, be it a worm, virus, or spyware. IPS can also block attacks that originate inside an intranet. IPS complements firewalls, anti-virus software, and other security measures small businesses take to keep their networks safe, says Elisa Lippincott, a spokeswoman for TippingPoint, an Austin, Texas, IPS maker. “We have some customers using our box to protect their firewall,” Lippincott says. By contrast, host IPS works at the device level, doing its job from inside a server, desktop or other machine attached to a network. Although large companies have long relied on IPS for network security, more small businesses are starting to use it. They’re being propelled by technical upgrades that prevent the false alarms that previously dogged the appliances, as well as other improvements, such as behavior-based IPS that looks for traffic patterns that could signal an attack, according to security industry sources. Small and mid-sized businesses are also being pushed to using IPS by industry regulations that require it, such as the PCI Security Standards Council’s Data Security Standard, security measures any company that processes credit card payments have to follow, according to security industry sources. An updated version of the council’s standard is expected to debut this month. “We’ve seen tremendous interest down market driven by PCI” standards, says Michele Perry, chief marketing officer at Sourcefire, a Columbia, Md., network IPS vendor. Depending on the size of the business, small companies either buy and set up IPS themselves, or subscribe to it as an add on from their firewall vendor. They can also purchase it from a regional or national managed security services provider (MSSP) such as or  Clone Systems, or from a business broadband carrier such as Verizon Business. Network IPS and host IPS Which ever way they go, small businesses should consider using both network and host IPS. Network IPS should come first because it casts the widest net, says Greg Young, research vice president with Gartner, the Stamford, Conn., technology researcher. With network IPS, if a virus is detected, the system will block traffic long enough to allow IT staff to make sure anti-virus software is up-to-date on individual workstations, says Lippincott, the TippingPoint spokeswoman. Another advantage of network IPS: since it’s installed on the network it doesn’t slow down individual devices’ computing speed the way host-based IPS could, Lippincott says. However, host IPS is a smart option for machines where critical information is stored, or for devices that have to reside outside a company’s firewall, such as servers used to handle online credit-card transactions. Host IPS is the only way to protect devices like laptops that leave the network, says Sean Martin, a vice president at SkyRecon Systems, a French maker of host IPS solutions. Host IPS also makes sense in situations where a company can’t put new devices on a network but can change what’s on a server, Gartner’s Young says. But put it on the network first, he says. “Threats come through the network first so stop them there first.” IPS prices range from free open source products such as Snort, which has been downloaded 3 million times, to tens of thousands of dollars for applications for mid-sized businesses running multiple Internet traffic-intensive applications for hundreds of users. Or companies can pay by the month or annually for IPS from a MSSP or other third party. Whether it’s network-based or host-based, small businesses need IPS, maybe even more than larger companies, Young says. “Worms don’t discriminate.” Sidebar: Intrusion Prevention Systems for Small Businesses The following vendors offer network or host IPS for small businesses as stand-alone products or part of a multifunction security solution: Check Point Software Technologies — The UTM-1 product line includes firewall, VPN, IPS, gateway antivirus, anti-spam, URL filtering, and IM and peer-to-peer blocking and is marketed primarily to the top end of mid-sized companies and branch offices of large companies. Cisco ASA Advanced Inspection and Prevention Module — An IPS hardware appliance for Cisco routers. According to Gartner’s June 2008 report on multifunction firewalls for small and mid-sized businesses, Cisco has struggled to adapt enterprise-scale hardware to small businesses, but the report says a long-term road map for an improved small business console “is encouraging.” Fortinet — A multifunction firewall appliance with antivirus, anti-spam, URL filtering, and IPS services offered by annual subscription after the first year. Secure Computing SnapGear — A multifunction network security device for small and mid-sized businesses. In late September, Secure Computing agreed to merge with McAfee, which offers the McAfee Network Security Platform. http://www.skyrecon.com/>SkyRecon Systems — Offers host IPS as part of a unified endpoint security solution. SonicWall — The multifunction network device maker offers IPS as an add-on to its TZ series for small and mid-sized businesses. Sourcefire — The commercial version of a pioneering open-source network IPS created by programmer Martin Roesch in 1998. “Snort is the engine and Sourcefire is the whole car put together,” says Perry, Sourcefire’s chief marketing officer. TippingPoint — Offers a behavior-based network IPS hardware appliance. WatchGuard Technologies — Offers a subscription antivirus, IPS service for its X Core E-Series multifunction network security devices for small and mid-sized businesses.

About 1693 days ago Wireless Networks

Network Defense: Intrusion Prevention Systems

our beautiful site

Here’s a quick network security quiz: When it comes to detecting and stopping IT threats, is it better to position intrusion prevention systems: On the network At particularly important devices on the network All of the above For small businesses, the correct answer is “All of the above,” according to IT security specialists, who say more small businesses are figuring that out and installing IPS accordingly. Network intrusion prevention systems (IPS) are hardware appliances that sit on a company’s intranet to inspect incoming Internet traffic and block anything malicious, be it a worm, virus, or spyware. IPS can also block attacks that originate inside an intranet. IPS complements firewalls, anti-virus software, and other security measures small businesses take to keep their networks safe, says Elisa Lippincott, a spokeswoman for TippingPoint, an Austin, Texas, IPS maker. “We have some customers using our box to protect their firewall,” Lippincott says. By contrast, host IPS works at the device level, doing its job from inside a server, desktop or other machine attached to a network. Although large companies have long relied on IPS for network security, more small businesses are starting to use it. They’re being propelled by technical upgrades that prevent the false alarms that previously dogged the appliances, as well as other improvements, such as behavior-based IPS that looks for traffic patterns that could signal an attack, according to security industry sources. Small and mid-sized businesses are also being pushed to using IPS by industry regulations that require it, such as the PCI Security Standards Council’s Data Security Standard, security measures any company that processes credit card payments have to follow, according to security industry sources. An updated version of the council’s standard is expected to debut this month. “We’ve seen tremendous interest down market driven by PCI” standards, says Michele Perry, chief marketing officer at Sourcefire, a Columbia, Md., network IPS vendor. Depending on the size of the business, small companies either buy and set up IPS themselves, or subscribe to it as an add on from their firewall vendor. They can also purchase it from a regional or national managed security services provider (MSSP) such as or  Clone Systems, or from a business broadband carrier such as Verizon Business. Network IPS and host IPS Which ever way they go, small businesses should consider using both network and host IPS. Network IPS should come first because it casts the widest net, says Greg Young, research vice president with Gartner, the Stamford, Conn., technology researcher. With network IPS, if a virus is detected, the system will block traffic long enough to allow IT staff to make sure anti-virus software is up-to-date on individual workstations, says Lippincott, the TippingPoint spokeswoman. Another advantage of network IPS: since it’s installed on the network it doesn’t slow down individual devices’ computing speed the way host-based IPS could, Lippincott says. However, host IPS is a smart option for machines where critical information is stored, or for devices that have to reside outside a company’s firewall, such as servers used to handle online credit-card transactions. Host IPS is the only way to protect devices like laptops that leave the network, says Sean Martin, a vice president at SkyRecon Systems, a French maker of host IPS solutions. Host IPS also makes sense in situations where a company can’t put new devices on a network but can change what’s on a server, Gartner’s Young says. But put it on the network first, he says. “Threats come through the network first so stop them there first.” IPS prices range from free open source products such as Snort, which has been downloaded 3 million times, to tens of thousands of dollars for applications for mid-sized businesses running multiple Internet traffic-intensive applications for hundreds of users. Or companies can pay by the month or annually for IPS from a MSSP or other third party. Whether it’s network-based or host-based, small businesses need IPS, maybe even more than larger companies, Young says. “Worms don’t discriminate.” Sidebar: Intrusion Prevention Systems for Small Businesses The following vendors offer network or host IPS for small businesses as stand-alone products or part of a multifunction security solution: Check Point Software Technologies — The UTM-1 product line includes firewall, VPN, IPS, gateway antivirus, anti-spam, URL filtering, and IM and peer-to-peer blocking and is marketed primarily to the top end of mid-sized companies and branch offices of large companies. Cisco ASA Advanced Inspection and Prevention Module — An IPS hardware appliance for Cisco routers. According to Gartner’s June 2008 report on multifunction firewalls for small and mid-sized businesses, Cisco has struggled to adapt enterprise-scale hardware to small businesses, but the report says a long-term road map for an improved small business console “is encouraging.” Fortinet — A multifunction firewall appliance with antivirus, anti-spam, URL filtering, and IPS services offered by annual subscription after the first year. Secure Computing SnapGear — A multifunction network security device for small and mid-sized businesses. In late September, Secure Computing agreed to merge with McAfee, which offers the McAfee Network Security Platform. http://www.skyrecon.com/>SkyRecon Systems — Offers host IPS as part of a unified endpoint security solution. SonicWall — The multifunction network device maker offers IPS as an add-on to its TZ series for small and mid-sized businesses. Sourcefire — The commercial version of a pioneering open-source network IPS created by programmer Martin Roesch in 1998. “Snort is the engine and Sourcefire is the whole car put together,” says Perry, Sourcefire’s chief marketing officer. TippingPoint — Offers a behavior-based network IPS hardware appliance. WatchGuard Technologies — Offers a subscription antivirus, IPS service for its X Core E-Series multifunction network security devices for small and mid-sized businesses.

About 1785 days ago Data Security

Is Security Software Choking Your System?

our beautiful site

Are your desktop systems feeling sluggish? There might be more than slow hardware or spyware at fault — it may just be your security software. “Generally, users will experience a twenty percent decrease in performance, just from having Norton or McAfee Antivirus installed on their desktops,” says Perri Naccarato, owner of The Computer Guys, a computer service and repair shop in Saugerties, N.Y. “And that’s not taking into account any other security software you may also be running.” Naccarato believes that for all but the smallest businesses, it makes more sense to take a unified threat management (UTM) approach, placing the security on the network, and off the individual desktops. The constantly increasing need for more and better security on all workstations is a problem in any company. The trick is how can you keep a computer safe from intrusion without loading the system down to the point of non-functionality? What a UTM solution is UTM solutions are primarily hardware gateways, routers with hardened operating systems that contain centrally maintained firewall, anti-virus, anti-spyware, and anti-spam functions, as well as assorted other monitoring and blocking capabilities for the highest levels of security. This relieves the need for each workstation to provide these services, thereby freeing their resources so they can better do the work needed. According to Jon Kuhn, director of product management at SonicWALL, Inc., a secure network infrastructure company based in Sunnyvale, Calif., the security problems don’t come just from outside threats, but maintaining control over just what your employees are doing as well. The rapid growth of innovations that provide services through the Internet, and the accompanying increase in network traffic, can pose real problems for IT to manage. “The Web 2.0 approach makes for a loss of control,” says Kuhn. “Internet applications like Google Documents, Scribd, and Zoho are quite useful, but a potential security problem for IT.” UTM solutions also allow IT to control all incoming and outgoing data. This gives IT one place to manage all maintenance, and gives far more control over what Internet sites workers can access, and what they can’t. Plus, not only can you control threats of intrusion, but with some of the more sophisticated UTM solutions being offered now, you can control the content itself sent out by employees, safeguarding confidential content, like medical or legal documents, from accidental release or insider espionage.  “It’s so important for admins to have access to tools to control and monitor all throughput,” says Kuhn. “The UTM solution protects your bandwidth and secures all your sensitive data.” Prices have come down UTM systems used to be more costly, too high for small and mid-sized businesses to handle. But Moore’s Law continues to apply across the tech spectrum, bringing everything within reach, and now even the smallest company can protect its network investment.  “If you have just 10 employees or more, then investing in security hardware becomes cost effective,” Naccarato says. “Those aren’t cheap items for small businesses, but take into account all the money spent on multiple licenses for security software installed at each desktop, as well as all the man-hours reclaimed that used to be spent updating and patching individual computer boxes, and it suddenly looks like a bargain.” Though UTM devices and network-based software provide great protection for in-house desktops, they obviously can’t protect users’ laptops while they’re off the network, using a home Internet connection or surfing the Web from a café, airport, or hotel room. But they can use UTM to free up processing power by simply plugging it into a USB port. The Yoggie Pico, an award-winning miniature personal security server that resembles a USB flash memory, provides the mobile worker with security software solutions that include a firewall, VPN, IDS/IPS, anti-virus, anti-spam, and more. The little thumb-sized unit contains a 520 MHz Intel Processor running a hardened Linux-based OS. All data coming in and going out is seamlessly passed through the unit, keeping your data safe. And at under $200, it’s affordable for every business — even if you’re the entire company. “My customers are usually amazed at how much faster their system runs when I take all the security software off the desktop,” says Naccarato. “It can make the difference between a slow, frustrating working experience and a smooth, responsive one.” SIDEBAR: Some Companies Offering UTM Services and Products Fortinet is a provider of Unified Threat Management (UTM) security systems that enable secure business communications and deliver excellent security. Their security systems and subscription services protect more than 20,000 customers worldwide — including telecommunications carriers, service providers and enterprises of all sizes. IBM Internet Security Systems (ISS) offers a large portfolio of IT security products and services for organizations of all sizes. Their UTM solutions protect against a wide variety of attacks and Internet nuisances, and provide data security solutions to safeguard valuable information. 3Com Unified Security Platforms offer threat protection for organizations of all sizes, as well as those with multiple sites, branch offices or numerous teleworkers, including services like virtual private network (VPN), packet inspection firewall, application bandwidth management, and IP multicast routing support. Astaro Security Gateway provides protection for networks, Web access and e-mail traffic, and offer a complete range of hardware appliances. Cisco Systems provides security products that combine firewall, virtual private networking (VPN), and intrusion prevention system (IPS) technologies, and incorporate content inspection and control over applications like e-mail, Web access, instant messaging, and others. The SonicWALL network security appliances provide UTM security services with deep packet inspection to provide small, mid-size and enterprise-class organizations excellent protection. SonicWALL appliances integrate automated and dynamic security capabilities for protection and performance. ZyXEL solutions offer networking features such as quality of service (QoS), network security, and network management. Serving both corporate and home users, the companies UTM Series combine firewall, content filtering, anti-virus, anti-spam, and intrusion detection and prevention. It also supports virtual private network, load balancing, and bandwidth management features. Yoggie’s range of USB key-sized and ExpressCard-sized security mini-computers connect to any PC or laptop at home, in the office or on the road, blocking Internet threats outside the host computer and boosting computer performance by off-loading installed security software. 

About 1785 days ago Antivirus Software

Is Security Software Choking Your System?

our beautiful site

Are your desktop systems feeling sluggish? There might be more than slow hardware or spyware at fault — it may just be your security software. “Generally, users will experience a twenty percent decrease in performance, just from having Norton or McAfee Antivirus installed on their desktops,” says Perri Naccarato, owner of The Computer Guys, a computer service and repair shop in Saugerties, N.Y. “And that’s not taking into account any other security software you may also be running.” Naccarato believes that for all but the smallest businesses, it makes more sense to take a unified threat management (UTM) approach, placing the security on the network, and off the individual desktops. The constantly increasing need for more and better security on all workstations is a problem in any company. The trick is how can you keep a computer safe from intrusion without loading the system down to the point of non-functionality? What a UTM solution is UTM solutions are primarily hardware gateways, routers with hardened operating systems that contain centrally maintained firewall, anti-virus, anti-spyware, and anti-spam functions, as well as assorted other monitoring and blocking capabilities for the highest levels of security. This relieves the need for each workstation to provide these services, thereby freeing their resources so they can better do the work needed. According to Jon Kuhn, director of product management at SonicWALL, Inc., a secure network infrastructure company based in Sunnyvale, Calif., the security problems don’t come just from outside threats, but maintaining control over just what your employees are doing as well. The rapid growth of innovations that provide services through the Internet, and the accompanying increase in network traffic, can pose real problems for IT to manage. “The Web 2.0 approach makes for a loss of control,” says Kuhn. “Internet applications like Google Documents, Scribd, and Zoho are quite useful, but a potential security problem for IT.” UTM solutions also allow IT to control all incoming and outgoing data. This gives IT one place to manage all maintenance, and gives far more control over what Internet sites workers can access, and what they can’t. Plus, not only can you control threats of intrusion, but with some of the more sophisticated UTM solutions being offered now, you can control the content itself sent out by employees, safeguarding confidential content, like medical or legal documents, from accidental release or insider espionage.  “It’s so important for admins to have access to tools to control and monitor all throughput,” says Kuhn. “The UTM solution protects your bandwidth and secures all your sensitive data.” Prices have come down UTM systems used to be more costly, too high for small and mid-sized businesses to handle. But Moore’s Law continues to apply across the tech spectrum, bringing everything within reach, and now even the smallest company can protect its network investment.  “If you have just 10 employees or more, then investing in security hardware becomes cost effective,” Naccarato says. “Those aren’t cheap items for small businesses, but take into account all the money spent on multiple licenses for security software installed at each desktop, as well as all the man-hours reclaimed that used to be spent updating and patching individual computer boxes, and it suddenly looks like a bargain.” Though UTM devices and network-based software provide great protection for in-house desktops, they obviously can’t protect users’ laptops while they’re off the network, using a home Internet connection or surfing the Web from a café, airport, or hotel room. But they can use UTM to free up processing power by simply plugging it into a USB port. The Yoggie Pico, an award-winning miniature personal security server that resembles a USB flash memory, provides the mobile worker with security software solutions that include a firewall, VPN, IDS/IPS, anti-virus, anti-spam, and more. The little thumb-sized unit contains a 520 MHz Intel Processor running a hardened Linux-based OS. All data coming in and going out is seamlessly passed through the unit, keeping your data safe. And at under $200, it’s affordable for every business — even if you’re the entire company. “My customers are usually amazed at how much faster their system runs when I take all the security software off the desktop,” says Naccarato. “It can make the difference between a slow, frustrating working experience and a smooth, responsive one.” SIDEBAR: Some Companies Offering UTM Services and Products Fortinet is a provider of Unified Threat Management (UTM) security systems that enable secure business communications and deliver excellent security. Their security systems and subscription services protect more than 20,000 customers worldwide — including telecommunications carriers, service providers and enterprises of all sizes. IBM Internet Security Systems (ISS) offers a large portfolio of IT security products and services for organizations of all sizes. Their UTM solutions protect against a wide variety of attacks and Internet nuisances, and provide data security solutions to safeguard valuable information. 3Com Unified Security Platforms offer threat protection for organizations of all sizes, as well as those with multiple sites, branch offices or numerous teleworkers, including services like virtual private network (VPN), packet inspection firewall, application bandwidth management, and IP multicast routing support. Astaro Security Gateway provides protection for networks, Web access and e-mail traffic, and offer a complete range of hardware appliances. Cisco Systems provides security products that combine firewall, virtual private networking (VPN), and intrusion prevention system (IPS) technologies, and incorporate content inspection and control over applications like e-mail, Web access, instant messaging, and others. The SonicWALL network security appliances provide UTM security services with deep packet inspection to provide small, mid-size and enterprise-class organizations excellent protection. SonicWALL appliances integrate automated and dynamic security capabilities for protection and performance. ZyXEL solutions offer networking features such as quality of service (QoS), network security, and network management. Serving both corporate and home users, the companies UTM Series combine firewall, content filtering, anti-virus, anti-spam, and intrusion detection and prevention. It also supports virtual private network, load balancing, and bandwidth management features. Yoggie’s range of USB key-sized and ExpressCard-sized security mini-computers connect to any PC or laptop at home, in the office or on the road, blocking Internet threats outside the host computer and boosting computer performance by off-loading installed security software. 

About 2454 days ago Computer Security

The Basics: What is a Firewall?

Almost any novel or movie involving computer hackers these days typically uses the term “firewall” as an obstacle that must be overcome to gain control of a computer. It is touted to be an impregnable computerized defense, but is it? In reality, a firewall is just a basic program or simple piece of hardware that any business with computer users, especially those with high-speed Internet connections, should have running at all times. “A firewall is important for computer users to have because it provides secure access to the Internet,” says Vincent Weafter, senior director of Symantec Security Response, the research division of the Cupertino, Calif. security software company. “The firewall allows safe traffic into and out of your computer or private network and automatically blocks intruders and hides your computer from hackers.” Small and medium-sized businesses consider viruses, worms, spyware and spam to be there most dangerous security threats today, according to a survey last year of technology decision-makers at nearly 800 firms by Forrester Research, of Cambridge, Mass.. In the survey, 59 percent of respondents said they were likely to invest in network firewalls. Firewall as the First Line of Defense If a business’ computers are connected to the Internet via a high-speed connection, then they have an Internet Protocol signature, or IP address. Other online users can access that IP address, and this is why a firewall becomes so important. “It (can) detect Internet attacks from worms and viruses, and monitors and regulates all incoming and outgoing Internet traffic,” says Weafter. Firewalls also give a company’s technology manager the power to decide which programs connect to the Internet, while also shielding the company from being attacked through security holes in unpatched software. “Some firewalls can prevent confidential information from being sent without your permission and block banner ads and popup windows, so you can surf faster,” Weafter says. A firewall essentially creates a “walled city” that provides businesses a level of control over their network resources. “Otherwise people can easily come into the network and look around, take things, add things, like bots and you will probably never know,” says Charles Kolodgy, an analyst with IDC, the Framingham, Mass. research firm. “With a firewall you can block all ports you don’t need, otherwise people can use any port to do whatever they like.” Kolodgy adds that the issue shouldn’t be just about cost trade-off between a firewall and a hack. “There are so many things attackers can do if they get into your network,” he says. “It is best to think about having control of your network. Also many of your partners, especially larger companies will require some level of security prior to dealing with you.” The cost of a SMB firewall actually isn’t that great, either and many of these products include virtual private networks (VPN), intrusion prevention, anti-malware, and URL filtering. Best of all, says Kolodgy, “These are generally plug and play, very easy to use. Leading vendors are Astaro, Fortinet, Secure Computing, SonicWALL, and WatchGuard.” Hardware Firewalls Firewalls are available as a hardware appliance that could be built into your network router, or just as often available as a desktop-based software application. The first line of defense can actually be at a network router, and this works by a technique called packet filtering. This process examines the header of a packet, determines its source and destination address, and this information is compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped. An advanced system called Stateful Packet Inspection (SPI) looks for other characteristics, including the origin and whether incoming traffic is actually a response to outgoing connections, such as a Web page request. The downside of hardware firewalls is that they can treat any local network traffic as safe, which certainly won’t halt the spread of viruses or other threats if even one computer on the network is contaminated. “We see hardware firewall as a great way to protect the network,” says Pat Bitton, vice president of marketing, North America for Agnitum, a supplier of software firewalls, “but it has some serious limitations for client protection.” Bitton believes that the disadvantage of hardware firewalls is that these protect only the entry point, and data can easily escape the network via an unprotected PC. He says that hardware firewalls “can only verify traffic according to general conditions.” Software Firewalls The alternative to having the router or modem protect your PC is to have a software program that screens the data as it arrives. The Windows XP operating system has a built-in firewall, which was greatly improved with the “service pack 2″ patch. And no matter which version is in place, all information passes through the firewall, and those that do not meet a specified security criteria are blocked. There are several types of methods that firewalls use to block unauthorized connections to the computer: These include a packet filter that looks at each packet of data that enters or leaves the network, accepting or rejecting it based on the user-defined rules. It is effective, but susceptible to spoof IP addresses – that is where the sender’s IP address has been changed to appear to be an allowed address. A proxy server can intercept all data entering and leaving the network, and it effectively hides the true IP addresses, but this adds difficultly in allowing an authorized outside computer to access the protected computer. Gateways can also be set up that allow specific connections, with approved access for specific programs – such as games – or from authorized outside IP addresses. Users should determine their firewall needs based on how they use their computers. The biggest downside to software firewalls is that these only protect the one machine that the application is installed on, so networks with multiple computers need to buy, install and configure the software firewalls for each machine. And each machine needs to be configured to allow the sharing of data, which can be a lot to manage. If this isn’t properly configured, the computers could block one another, and make the sharing of any data almost impossible, negating the reason for setting up a network in the first place. Firewalls and Mobile Users Give the growing number of entrepreneurs and employees using laptop computers and other portable devices in the work place, firewalls also need to be considered for mobile users. The greatest benefit of a software firewall on a laptop is that you don’t have to be worry about being protected when you take the machine on the go. “Your desktop firewall continues to protect when you connect your laptop to a different network,” says Weafter. This is important if you do take your laptop with you to different branch offices, home or on the road.