(Hong Kong, 4 May 2010) The 11th Info-Security Conference 2010, the largest information security conference in Hong Kong, opened today at the Hong Kong Convention and Exhibition Centre, with a series of insightful presentations addressing challenges of managing risk and security in the post-financial crisis era.
 
With the Asian economies seemingly set for a year of growth, the uncertainty over the US and Europe markets cast a shadow of doubt over many businesses. Enterprises are left frustrated as to what parameters they should be operating under so as to ensure success while minimizing risk and exposure to threats and attacks. Advancements in technology also presented new challenges, with new risk management models highly sought after as threats emerge from new channels, such as social media and mobile applications.
 
Running under the theme of “Preparing for a New Era of Business Insecurity”, the 11th Info-Security Conference 2010 assesses and identifies the key areas for businesses to prioritize given the ongoing uncertainty in the economy.
 
Having solicited support from over 25 supporting industry bodies, the HKSAR Government and OGCIO, organizer e21 MagicMedia, principal partner Questex Media Group and Computerworld Hong Kong have once again brought together a heavyweight cast of industry experts from all over the world to bring eager attendees the latest industry knowledge and best practices in the world of information security. Along with international security experts, there are also over 20 solution showcases on display during the well-attended event.
 
Organized by e21 MagicMedia and with Questex Media Group and Computerworld Hong Kong as the principal partners, the event will be held on May 4, 2010 at the Hong Kong Convention and Exhibition Center.
 
A new era of risk, uncertainty and complexity
Highlighted at the Conference was the opening keynote “A new era of risk, uncertainty and complexity” conducted by Mr. David Lacey, Member of the Infosecurity Europe International Hall of Fame. A leading expert in information security management, Mr. Lacey brings to the table more than 25 years of professional experience in developing and directing information security programs for Royal Dutch/Shell Group, Royal Mail Group and the British Foreign & Commonwealth Office. In his presentation he gave his view of the near future in the security landscape, overcoming the ongoing human factor of security, as well as the misconception of security among SMBs.
 
Meeting of the minds on a shifting security landscape
At this year’s Executive Panel Discussion, the Conference invited CIOs and CSOs from some of the well-known and multinational enterprises, such as Mr. David Lacey, member of the Infosecurity Europe International Hall of Fame, Mr. Steve Tunstall, Group Risk Manager, Cathay Pacific Airways, Mr. Charles Liang, IT Security Policy Manager, Group IT, CLP Power Hong Kong Limited, Mr. Geoff McClelland, VP of Technology, Mandarin Oriental Hotel Group, as well as Mr. Haf Saba, Senior Solutions Specialist – Systems & Security Management – Asia Pacific, NetIQ, to discuss the challenges in information security faced by the business community. In addition to the above two sessions, there were 14 other presentations addressing a wide-encompassing list of topics related to information security, including
Social network threats
Security in the cloud and virtual IT
New risk frameworks
The rising "human" factor in security
Dealing with data loss–nothing is completely secure
New cyber crime threats
 
Other keynote speakers include
Mr. Edge Zarrella, Global Partner in Charge, IT Advisory, KPMG
Mr. Jonathan Andresen, Director of Product Marketing – Asia Pacific, Blue Coat Systems
Mr. Ken Wong, Server Business Group Lead, Microsoft Hong Kong Limited
Mr. Ricky Ho, Regional Director, Hong Kong & Taiwan, McAfee Inc.
Mr. Alain Thibaud, Vice President of Field Systems Engineering, F5 Networks
 
Also presenting at the Conference were representatives from Blue Coat, Microsoft, McAfee, F5 Networks, NetIQ, CPCNet, Fortinet, Citrix Systems, NTT Com Asia, Check Point, TippingPoint, Nexusguard, Sophos, Symantec and Handshake Networking.
 
With such a rich program, the one-day Conference has recorded around 1,300 pre-registrations and again turned out to be a full-house event this year. "We are most delighted by the overwhelming response displayed by the attendees," said Culsin Li, General Manager of organizer e21 MagicMedia. "The fact that attendees are able to seek practical advice and acquire new knowledge in information security here shows that the Info-Security Conference has remained one of the most important security events in Hong Kong."
 
For further information about the Conference, please visit www.infosecurityproject.com
 
About e21 MagicMedia
Founded in 1989, e21 MagicMedia has established itself as a global integrated marketing and technology firm, with expertise in the US and the Asia Pacific markets. We focus on the Greater China market with presence around the globe, including Beijing, Chengdu, Guangzhou, Hong Kong, Shanghai, Silicon Valley and Taipei. Our history includes 18 years of US business experience, a 13-year history of business in Taiwan, a 9-year business history in Hong Kong and a 10-year business history in China. e21 MagicMedia has expertise in exhibition services, event management, public relations and web marketing. Our clients include Agfa, Blackberry, BMC, BP, CANON COMMUNICATIONS LLC, Cyberport, DMX, Google, HKPCA, IBM, InfoComm Asia, Intel, JCDecaux, Microsoft, Novell, SUN & Symantec, etc. For details, please visit the following website: www.e21mm.com
 
About Questex Media Group, Inc.
Questex Media Group, Inc. is a global, diversified business-to-business integrated media provider, headquartered in Newton, MA. Questex Media serves multiple industries including technology, travel, beauty, home entertainment, landscaping, and industrial and specialty markets through a range of well-established, market-leading products and services. The company’s properties include 23 trade publications, 25 conferences and tradeshows, as well as a host of databases and online media brands. Questex Media has more than 400 employees in offices throughout North America, Latin America, Asia, and Europe.
 
For press enquiry:
Ms. Tinky Wong

Tel: (852) 2960 1820 / 9801 2398
Fax: (852) 2960 1830
E-mail: tinky.wong@e21mm.com

Ms. Vivian Yu
Tel: (852) 2960 1820
Fax: (852) 2960 1830
E-mail: vivian.yu@e21mm.com
 
 
 
 
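(Hong Kong, 4 May 2010) The 11th Info-Security Conference 2010, the annual highlight of Hong Kong's information security community, was held today at the Hong Kong Convention and Exhibition Centre. This year's conference focused on a series of hot topics facing the industry, bringing attendees forward-looking security strategies and practical solutions to help enterprises meet all kinds of information security challenges.

While most Asian economies have been showing solid signs of recovery, markets in the US and Europe pale in comparison. Faced with uncertainty in global markets, enterprises are at a loss as to how to formulate new information risk and security management policies to protect their business. In addition, advances in technology have brought many new challenges: new media and new technologies such as social networking sites and mobile applications keep emerging, putting considerable pressure on enterprises' information security capabilities.

In view of this, the theme of the 11th Info-Security Conference 2010 is "Preparing for a New Era of Business Insecurity", which aims to help enterprises identify where the risks lie and formulate strategies to meet ever-changing security challenges.

Now in its 11th year, the Info-Security Conference continues to receive strong support from the HKSAR Government, the Office of the Government Chief Information Officer and over 25 industry organizations. Organizer e21 MagicMedia, together with principal partners Questex and Computerworld Hong Kong magazine, invited world-renowned information security experts to explain the information risk and security management challenges that have emerged after the financial crisis, providing Hong Kong professionals with the latest information security knowledge. The conference also featured over 20 booths showcasing the latest information security solutions, offering attendees more practical information.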
 
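Facing a brand-new era of information security
Mr. David Lacey is a renowned British information security researcher and expert, and a member of the Infosecurity Europe International Hall of Fame. He has over 25 years of experience in developing and managing information security programs for large enterprises, including Royal Dutch/Shell Group, Royal Mail and the British Foreign & Commonwealth Office. In his opening keynote, titled "A new era of risk, uncertainty and complexity", Mr. Lacey gave an overview of the current information security market and analyzed for attendees the impact of human factors on implementing information security, as well as some misconceptions about information security among SMEs.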
 
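Meeting ever-evolving information security challenges
This year's panel discussion invited a number of CIOs and CSOs from multinational enterprises to share with attendees, through interactive discussion, how enterprises should respond to ever-evolving information security challenges. They included: Mr. David Lacey, member of the Infosecurity Europe International Hall of Fame; Mr. Steve Tunstall, Group Risk Manager, Cathay Pacific Airways; Mr. Charles Liang, IT Security Policy Manager, CLP Power Hong Kong Limited; Mr. Geoff McClelland, Vice President, Hotel Development Technology, Mandarin Oriental Hotel Group; and Mr. Haf Saba, Senior Solutions Specialist, Systems & Security Management, Asia Pacific, NetIQ.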
 
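In addition to the above sessions, the conference program also included 14 presentations providing attendees with the latest on information security. Some of the main topics included:
Information security risks of social networking sites
Information security for cloud computing and virtual IT services
Dealing with
The pivotal human factor in information security
Building new frameworks for information security
Emerging cyber crime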
 
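Other industry speakers participating in the conference included: Blue Coat, Microsoft, McAfee, F5 Networks, NetIQ, CPCNet, Fortinet, Citrix Systems, NTT Com Asia, Check Point, TippingPoint, Nexusguard, Sophos, Symantec and Handshake Networking.

Covering a range of hot topics, the one-day program attracted around 1,300 industry professionals to pre-register, and the conference was a full house. Ms. Culsin Li, General Manager of organizer e21 MagicMedia, said: "We are deeply delighted by the enthusiastic response from attendees. Many participants said that they not only received valuable advice on information security at the conference but also gained a great deal of new knowledge from the speakers. This clearly shows the important value of the Info-Security Conference and further establishes its leading position."

For more information about the Info-Security Conference, please visit www.infosecurityproject.com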
 
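About e21 MagicMedia
Founded in 1989, e21 MagicMedia has become a professional global integrated marketing company serving the US and Asia Pacific markets. We pay attention not only to the world at large but also to the Greater China market, and currently have branch offices in Beijing, Chengdu, Guangzhou, Hong Kong, Shanghai, Silicon Valley and Taipei. We have operated in the US market for 18 years, in Taipei for 13 years, and in Hong Kong and mainland China for 9 and 10 years respectively. e21 MagicMedia's areas of expertise cover exhibition services, event management, public relations and web marketing. Our clients include: Agfa, Blackberry, BMC, BP, CANON COMMUNICATIONS LLC, Cyberport, DMX, Google, HKPCA, IBM, InfoComm Asia, Intel, JCDecaux, Microsoft, Novell, SUN and others. For more details, please visit: www.e21mm.com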
 
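About Questex Media Group, Inc.
Questex Media Group, Inc. is an international, diversified business-to-business integrated media company headquartered in Newton, Massachusetts, USA. Questex Media provides a range of highly reputable, market-leading products and services to various industries, such as technology, travel, beauty, home entertainment, landscaping, and industrial and specialty sectors. The company's properties include 23 trade magazines, 25 conferences and trade shows, large databases and online media brands. Questex Media has more than 400 employees and offices around the world, including in North America, Latin America, Asia and Europe.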
 
Media enquiries:
Ms. Tinky Wong

Tel: (852) 2960 1820 / 9801 2398
Fax: (852) 2960 1830
E-mail: tinky.wong@e21mm.com

Ms. Vivian Yu
Tel: (852) 2960 1820
Fax: (852) 2960 1830
E-mail: vivian.yu@e21mm.com
 
 

Industry Professionals
Report Examines Evolving Malware Attack Strategies that Exploit Online User Behavior
 
 
SUNNYVALE, Calif., March 30, 2010 – Blue Coat Systems, Inc. (Nasdaq: BCSI), the technology leader in Application Delivery Networking, today published its annual Blue Coat Web Security Report for 2009, which provides a comprehensive analysis of user behavior in relation to Web-based threats and specifically examines where users encountered malware on the Internet. Based on data collected from the Blue Coat® WebPulse™ service, the report concludes that the overwhelming popularity of social networking services and changes in online user behavior are driving broader attack strategies, including complex blended threats, faster malware lifecycles and search engine manipulation.
 
Key Findings:
Malware adapts with rapid lifecycles: The average lifespan of malware dropped to two hours in 2009, from as many as seven hours in 2007, as cybercriminals responded to the increasing use and effectiveness of URL filtering at blocking malware sources. As a result of this faster malware lifecycle, defenses that require patches and downloads are unable to keep pace.
Social networking leads Internet access activity: Social networking sites led Internet access activity in 2009 and accounted for 25 percent of activity among the top 10 URL categories for 2009. Increased reliance on social networking for communication also meant less reliance on Web-based email, which dropped in popularity from fifth place in 2008 to ninth place in 2009.
Exploiting user trust drives most common threats: The two most common Web-based threats in 2009 – the fake antivirus software and the fake video codec – both exploited user trust in the Internet, search engines and social networks. These were not the “drive-by” attacks of recent years, nor did they require a vulnerability to exploit other than human behavior.
Malware lurks on unexpected sites: Online storage and software download sites were the most frequent hiding places for Web-based malware in 2009. The number of online storage sites grew 200 percent over the prior year, and this growth, coupled with the nature of the service, makes them an ideal and easily accessible malware storage location.
Advanced spyware drives increase in malware and phone-home sites: The number of malware sites (sites that store malware for download on victims’ computers) nearly doubled in 2009, but more surprising is the 500 percent increase in the number of malware effects sites (phone-home sites that collect data from an infected computer). This is largely attributable to the emergence of advanced spyware that generates multiple URLs for possible activity, increasing the likelihood that one or more of the URLs will remain undiscovered long enough for cybercriminals to retrieve stolen information.
Real-time analysis needed: The changing threat landscape is driving the evolution to a hybrid defense that unites traditional Web gateways with cloud-based intelligence that can provide real-time analysis and ratings and be extended to remote users.
 
The information in the report is based on an analysis of data collected from the Blue Coat WebPulse service, a cloud-based collaborative defense that unites 62 million users to provide on-demand security intelligence and real-time ratings for 17 languages. WebPulse complements BlueCoat WebFilter and Blue Coat ProxySG® appliances in a hybrid design to provide a first line of defense against malicious attacks for any user, on any network, in any location.
 
Blue Coat Web Security Report for 2009
http://dc.bluecoat.com/content/SecurityReport2010
 
Supporting Quotes
Chris Larsen, senior malware researcher at Blue Coat Systems "The increasing use of link farms to manipulate search engine results and prey on the trust users have in their Internet experience drove many of the malware exploits we saw in 2009 and are continuing to see in 2010. To provide comprehensive protection in the face of these threats, enterprises need not only a layered defense but also better user education."
 
"The Web is growing too fast in all directions for human raters or even Web crawlers to manage. It is turning into a war of machines, and the best defenses are able to leverage the strength-in-numbers principle to protect users."
 
Bob Hansmann, senior product marketing manager at Blue Coat Systems "The social engineering techniques that cybercriminals are using today make it difficult for enterprises to protect their users with traditional desktop defenses alone. Enterprises need to go one step further to mitigate exposure to these new Web threats and add defenses that can dynamically analyze and rate new Web content to provide continuous protection and on-demand security intelligence."
 
Andreas Antonopoulos, senior vice president and founding partner of Nemertes Research: “The battlefield for information security against identity theft and cybercrime is the Web. The Web, and especially social media, is where the apps are, where the eyeballs are and, therefore, where the attacks are. As today’s threats move too fast for ‘patch and distribute’ strategies, enterprises must adapt and deploy defenses that are scalable, real time and community intelligence-based to protect employees regardless of location.”
 
Video
Anatomy of a Fake Anti-Virus Scanner Attack
http://www.youtube.com/watch?v=dofgiRkzQXg
 
Images
Blended Web-based Threats
http://www.flickr.com/photos/bluecoatsystems/4471945112/
 
Additional Resources
Blue Coat Security Lab
http://www.bluecoat.com/security
 
Blue Coat Security Blog
http://www.bluecoat.com/security/blog
 
Blue Coat WebFilter
http://www.bluecoat.com/products/webfilter
 
About Blue Coat Systems
Blue Coat Systems is the technology leader in Application Delivery Networking. Blue Coat offers an Application Delivery Network Infrastructure that provides the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere. This application intelligence enables enterprises to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. For additional information, please visit www.bluecoat.com.
# # #
FORWARD LOOKING STATEMENTS: The statements contained in this press release that are not purely historical are forward-looking statements, including statements regarding Blue Coat Systems’ expectations, beliefs, intentions or strategies regarding the future, and including statements regarding the capabilities and expected performance of Blue Coat Systems’ products. All forward-looking statements included in this press release are based upon information available to Blue Coat Systems as of the date hereof, and Blue Coat Systems assumes no obligation to update any such forward-looking statements. Forward-looking statements involve risks and uncertainties, which could cause actual results to differ materially from those projected. These and other risks relating to Blue Coat Systems’ business are set forth in the Securities and Exchange Commission reports filed by Blue Coat Systems, including but not limited to the risks described in the most recent reports on Form 10-K and Form 10-Q, particularly under the heading “Risk Factors.”
 
Blue Coat, ProxySG, WebPulse and the Blue Coat logo are registered trademarks or trademarks of Blue Coat Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners.
 
Media Contacts:
Jennifer Arculeo

Blue Coat Systems
jennifer.arculeo@bluecoat.com
408-541-3330
Investor Contact:
Jane Underwood

Blue Coat Systems
jane.underwood@bluecoat.com
408-541-3015
 
Danielle Eccleston
Merritt Group (for Blue Coat Systems)
eccleston@merrittgrp.com
415-247-1662
 
 
 
Check Point Software Blade architecture is first and only to deliver flexible and manageable security to businesses of all sizes
 
 
Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, announced its new Software Blade architecture, the industry’s first architecture to meet businesses’ need for total, flexible and manageable security. The new architecture empowers businesses with the ability to select from a library of over 20 software blades the exact security protections necessary and dynamically tailor security gateways for different environments and sites.
 
Security environments of large, medium and small companies are becoming more complex as they attempt to address continually evolving threats. Many organizations complain about the need to use multiple products, hardware platforms, management consoles and daily monitoring systems. Check Point Software Blade architecture offers businesses a common platform to deploy independent, modular and interoperable security applications or “software blades” – such as firewall, virtual private network (VPN), intrusion prevention system (IPS), anti-virus, policy management or provisioning blades. The architecture allows customers to select the exact security software blades they need and then to combine them into a single, centrally managed gateway.
 
"We are proud to introduce a new paradigm in security; one that meets today’s complex threat environment with refreshing simplicity," said Gil Shwed, chairman and chief executive officer at Check Point. "To address each new risk businesses can now consolidate multiple security systems by simply activating software blades on their Check Point security platform. Check Point Software Blade architecture gives businesses the flexibility to create a unified security infrastructure that can be extended to fit their growing needs."
 
With the new Software Blade architecture customers will be able to move functionality from one system to another, consolidate or split functionalities between systems and guarantee performance for each software blade by setting usage thresholds. All these capabilities will enable customers to scale their security needs while reducing security cost of ownership.
 
For example, a business could start with a single core, single blade firewall system. That business can turn on functionalities such as VPN, network anti-virus, VoIP security and intrusion prevention by adding four blades turning their system into a five blade system. To meet their performance needs the system can be upgraded into a two, four or eight core computing system, enabling multi-gigabit performance with the extended functionality.
 
"For businesses a unified line of gateways with centralized management securing both external and internal security zones is very beneficial," said Charles Riordan, business leader, network security and audit at Visa Inc. "Moving to Check Point Software Blade architecture with its performance enhancing core associations is something enterprises like Visa may well take advantage of moving into the future. Bottom line is Check Point’s new architecture and foresight looks to be spot on with what the industry needs."
 
Key benefits of the Check Point Software Blade Architecture include:
Flexibility – Provides the right level of protection at the right level of investment
Manageability – Enables fast deployment of security functions and increased productivity through central management of software blades
Total Security – Provides the right level of security, at all enforcement points, and at all layers of the network
Guaranteed performance – Enables performance setting per blade to ensure guaranteed performance
Lower TCO - Protects investment by enabling consolidation and leveraging existing infrastructure
 
"IDC expects the next generation of security products to offer more flexibility in both features and deployment options, a trend that is accelerated by the current state of the economy and the demand for more cost-effective solutions. Check Point's new Software Blade architecture offers customers important flexibility and customization options to deliver security tailored to each enterprise's specific environment," said Andrew Hanson, network and endpoint security analyst at IDC. "Software Blades’ modular approach can also supply cost saving benefits as they can be deployed dynamically without the need to upgrade hardware, firmware or drivers."
 
Software blades can be deployed on Check Point UTM-1® or Power-1® appliances as well as open servers. Additional information on the new Check Point Software Blade architecture can be found at: www.checkpoint.com/products/softwareblades/architecture/index.html.
 
"Check Point Software Blades offer customers a revolutionary architecture to create a security system that is uniquely flexible and can expand to optimize their existing infrastructure," concluded Shwed.
 
Pricing and Availability
Check Point Software Blades can be purchased through Check Point's worldwide network of value-added resellers. For information on pricing and licensing, visit https://pricelist.checkpoint.com. To find a Check Point partner, visit www.checkpoint.com.
 
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com), the worldwide leader in securing the Internet, is the only vendor to deliver Total Security for networks, data and endpoints, unified under a single management framework. Check Point provides customers with uncompromised protection against all types of threats, reduces security complexity and lowers total cost of ownership. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Today, Check Point continues to innovate with the development of the Software Blade architecture. The dynamic Software Blade architecture delivers secure, flexible and simple solutions that can be fully customized to meet the exact security needs of any organization or environment. Check Point customers include tens of thousands of businesses and organizations of all sizes including all Fortune 100 companies. Check Point's award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft.
 
 
 
 
New NetScaler Application Firewall appliances break industry records with unmatched 5 Gbps performance

Hong Kong, 9 March 2010 — Citrix Systems, Inc. (NASDAQ:CTXS) has announced immediate availability of five new Citrix NetScaler Application Firewall appliances designed to bring a new level of security to public and private clouds and web applications. Each of the new appliances is built on the Citrix NetScaler MPX hardware platform, the application acceleration, load balancing and web-security system that powers thousands of enterprise datacenters and most of the world's largest clouds and websites.
 
With the introduction of this new offering, Citrix now provides solutions ranging from the 10 Mbps Citrix NetScaler VPX virtual appliance to a record breaking 5 Gbps with the NetScaler MPX hardware appliance – meeting the needs of small and large enterprises, managed security services providers (MSSPs) and cloud providers. In fact, the new appliances outperform throughput levels from the nearest competitor by two times across multiple performance metrics.
 
As more corporations consider cloud and web computing models, security tops the list of concerns. Regardless of whether companies adopt public clouds, private clouds or internal web applications, the dynamic nature of these environments makes them far more attractive targets for hackers. In addition, sites that bill users for services over the web are now subject to strict new regulation from the Payment Card Industry Data Security Standard (PCI-DSS), which protects sensitive customer data. The combination of these trends has elevated web application firewalls from a "nice-to-have" feature to a business necessity. The new Citrix product line enables enterprise and cloud customers to apply broad application security to both web and Web 2.0 applications, while making the cloud a safer place to do business.
 
Multi-function clients are making a comeback as enterprise employees become globally dispersed, and IT needs to deliver the same level of performance for users, no matter where they are. The BIG-IP Edge Gateway is another indication that multi-function clients are here to stay. Bluecoat's ProxyClient software, which debuted in January 2008 and performs application acceleration, access control and web filtering, was one of the first multi-function clients to be released. Juniper Networks integrated their WXC client with their SSL VPN client for identity-based SSL VPN, WAN optimization and acceleration, firewall, host IDS/IDP and network access control. However, those features required multiple devices for nearly every major function.
 
"It is increasingly important to focus on security especially as companies move more toward cloud and web computing models," said Cindy Borovick, research vice president for IDC's Datacenter Networks service. "With a product offering such as the NetScaler Application Firewall appliance, Citrix will have a nice play in two important adjacent markets signifying a shift for the Application Delivery market as it focuses more and more on foundational network services."
 
In addition, the new application firewall models embrace the company's unique Pay-as-You-Grow licensing model (see "Citrix NetScaler Pay-As-You-Grow Pricing Gives Customers Unprecedented Licensing Flexibility"). This pricing model enables customers to purchase today a full-featured security solution that meets near-term performance requirements, with the knowledge that as demand grows, the network can easily be scaled up with a simple software license upgrade. The licensing flexibility, available on both NetScaler MPX hardware and NetScaler VPX virtual appliances, makes it an ideal complement to server virtualization, enabling customers to secure and scale the datacenter in the most efficient way possible.
 
The Citrix NetScaler solution was recently commended by renowned publication Network World Asia, winning the 'Best network and apps acceleration' category in the title's Product Excellence Awards. The product was recognized for its ability to accelerate web applications up to five times whilst providing proven protection. In addition, the Citrix AppCompress, Citrix Application Firewall and the NetScaler Command Center were praised for successfully addressing the infrastructure needs of Asian enterprises.
 
Advanced protection for Web 2.0 applications
In addition to detecting and blocking application threats targeting traditional web applications, NetScaler Application Firewall incorporates advanced protections for Web 2.0 applications and services. The proliferation of Web 2.0 technologies among application developers is driving the need for more sophisticated security protections and greater native fluency of XML-based applications. NetScaler Application Firewall performs comprehensive HTML and XML security checks including:
 
XML denial of service (XDoS) to protect servers from malicious XML payloads by enforcing limits on the payload structure
Schema validation and format checks to verify proper data types on SOAP messages and XML payloads
SQL injection and cross site scripting
Attachment checks to block attachments with malicious executables or viruses
WS-I basic profile compliance
 
"Not only are traffic rates growing at an accelerating clip, but the number of attack types is increasing such that it is nearly impossible for IT security managers to keep up," said Klaus Oestermann, group vice president and general manager, Cloud and Networking Product Group at Citrix Systems. "Our new NetScaler Application Firewall appliances not only provide advanced security protections, but also deliver the performance and scalability levels being requested by our customers."
 
About the Citrix NetScaler Application Firewall
 
The NetScaler Application Firewall is a comprehensive and powerful security solution that blocks known and unknown attacks against web and web services applications. It utilizes a positive security model allowing only correct application behavior, without requiring constant updates of attack signatures. The NetScaler Application Firewall is ICSA certified and provides protection against a wide array of malicious attack techniques targeting application vulnerabilities, confidential data theft, denial of service, and web site defacement. It is available on NetScaler MPX hardware appliances. NetScaler Application Firewall is also included with the NetScaler VPX software appliance, further enhancing the company's ability to offer cloud and web security as part of the industry's only end-to-end networking virtualization solution.
 
NetScaler Application Firewall is now available on MPX 5500, MPX 7500, MPX 9500, MPX 10500 and MPX 12500 appliances through Citrix Solution Advisors worldwide. Pay-as-You-Grow licensing is available for MPX 7500, MPX 9500 and MPX 10500 appliances.
 
Online Resources
 
NetScaler product page
NetScaler Developer Community
NetScaler blogs
Citrix on Facebook
 
About Citrix Systems
 
Citrix Systems, Inc. (NASDAQ:CTXS) is a leading provider of virtualisation, networking and software-as-a-service (SaaS) technologies for more than 230,000 organisations worldwide. Its Citrix Delivery Center, Citrix Cloud Center (C3) and Citrix Online Services product families radically simplify computing for millions of users, delivering applications as an on-demand service to any user, in any location on any device. Citrix customers include the world's largest Internet companies, 99 percent of Fortune Global 500 enterprises, and hundreds of thousands of small businesses and prosumers worldwide. Citrix partners with over 10,000 companies worldwide in more than 100 countries. Founded in 1989, annual revenue in 2009 was $1.61 billion.
 
Issued on behalf of Citrix Systems by EBA Communications. For further information please contact: Paula Fisher/Andy Wong (EBA): (852) 2537 8022 (email: paula.fisher@ebacomms.com/andy.wong@ebacomms.com)

Note to editors: this release can also be found on the EBA Web site at www.ebacomms.com. For enquiries on releases by email, please call Jennifer Tang at (852) 2537 8022 or send a message to jennifer.tang@ebacomms.com
 
Citrix, NetScaler, MPX, VPX and Citrix Delivery Center are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the US Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.
 
 
 
 
FortiAP and FortiGate Appliances Provide High-performance, Cost-effective Platform for Wireless Networking and Integrated Security
 
HONG KONG, Apr. xx, 2010 - Fortinet® (NASDAQ: FTNT) - a leading network security provider and worldwide leader of unified threat management (UTM) solutions - today introduced a secure wireless LAN strategy with a new enterprise-class FortiAP™ thin access point (AP) product line. The FortiAP-210 and FortiAP-220, which support the latest IEEE 802.11n standards, are designed to provide wireless networking capabilities for mid-enterprise and service-provider customers with a total user-base or distributed networks of 250-5,000 users. The FortiAP line will work in conjunction with Fortinet’s FortiGate® multi-threat security appliances, acting as the thin access-point controller, to provide a single platform that combines high-performance wireless networking with the industry's broadest integrated network protection. In addition, the FortiGate platform enables customers to have a highly scalable infrastructure with the ability to manage a few to several thousand access points within a wireless LAN.
 
Today, wireless LANs are as much at risk as wired networks, if not more so. In fact, some of the recent high-profile hacking cases have involved "drive-by" trolling of exposed wireless networks of retail establishments, resulting in the theft of thousands of consumer credit card accounts. In addition to mid-enterprise organizations and service providers, retail industry customers will find the FortiAP/FortiGate solution ideal for meeting PCI DSS Wireless Guidelines, which require the detection of rogue wireless access points and intrusion prevention.
 
Until now, there have been few options for organizations that want to protect both their wired and wireless LANs with the same network and application security solution. The new FortiAP thin access points, together with the FortiGate product line, enable an integrated threat management schema for wireless networks in the same way that Fortinet has been able to provide for wired networks. In fact, wireless traffic needs more protection because it is a shared medium, which provides greater opportunity for network risks such as data leakage, denial of service attacks or the overuse of bandwidth causing network performance degradation. The FortiAP/FortiGate architecture will tunnel all the wireless traffic back to the UTM engine to undergo intrusion prevention and cleansing, identity-aware policy, and Layer 7 application prioritization to achieve a high-performing, “fortified” wireless LAN infrastructure. In addition, FortiAP uses standards-based CAPWAP (Control and Provisioning of Wireless Access Points) protocol for connecting thin access points as compared to proprietary methods used by competitors.
 
"Fortinet's entry into the wireless LAN market gives current customers a way to create converged wired and wireless networks with the same powerful protection under a familiar, simplified and cost-effective management platform with no additional controller investment," said Michael Xie, CTO and founder, Fortinet. "New customers will be able to experience a high-performance, secure wireless LAN environment that offers the broadest protection of any consolidated security offering on the market. Overall, today's FortiAP introduction is a key step in Fortinet's growth strategy to extend our security reach into broader and deeper parts of the network."
 
FortiAP Line-up/FortiGate Controllers
 
The FortiAP product line is the first manifestation of Fortinet’s broader secure enterprise class WLAN strategy. As the initial products in the FortiAP line, the single-radio/dual-band FortiAP-210 and the dual-radio/dual-band FortiAP-220 offer reliable coverage, consistent high performance, and competitive and high-value price points as compared to similar products in their class. The FortiAP line can be used to roll out wireless network access to employees, retail locations, warehouses, point of sale locations or hot spots for guest use.
 
Key benefits of the FortiAP line:
Next-generation, fully 802.11n-compliant access point
High throughput with dual concurrent radio: 300 Mbps-600 Mbps
Rich set of enterprise-class AP capability
Ideal for dense office, campus, branch office and retail
Dedicated radio for air monitor to protect against rogue APs for PCI compliance
Internal design conceals antenna to reduce chance of vandalism
Lower cost of deployment with integrated Power over Ethernet (POE)
Highest value at competitive price
 
All FortiGate appliances from the FortiGate-60 Series on up will be able to act as controllers for the FortiAP, giving customers flexibility and scalability to choose from the broadest range of controllers offered by any single vendor. FortiGate appliances will also be able to act as a single point of management for both wired and wireless LANs. In addition to the existing broad security feature set offered on FortiGate devices, the FortiGate access point controllers will also include WLAN management and wireless IPS.
 
Each FortiGate platform is capable of delivering centralized management of all access points and devices. From a single console, customers can control network access, quickly and easily update policies, and help monitor regulatory compliance.
 
Availability
 
FortiAP thin access points will begin shipping in Q3. Existing customers with valid support agreements will be able to upgrade their FortiGate operating system to act as an enterprise WLAN controller at no additional charge.
 
About Fortinet (www.fortinet.com)
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.
 
Copyright © 2010 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB, FortiWeb and FortiAP. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. This press release contains forward-looking statements that involve risks and uncertainties. These statements include statements regarding our intentions and plans related to our secure wireless LAN and thin access point strategies and related products and product functionalities. Future circumstances might differ from the assumptions on which such statements are based and results may differ from such forward-looking statements based on changed circumstances, changed strategies and other reasons. All forward-looking statements reflect our opinions only as of the date of this release, and we undertake no obligation to revise or publicly release the results of any revision of these forward-looking statements in light of new information or future events.
 
 
 
January 26, 2010 - Michael Brandenburg
 
Application delivery network vendor F5 has launched its new BIG-IP Edge Gateway appliance and its new Access Policy Manager module, as well as other upgrades, as part of the 10.1 release of its BIG-IP software. Both products are meant to highlight F5's focus on the network edge: not only managing control of web applications, but also optimizing access to the data center no matter where that access originates.
 
Similar to its recent updates of its security modules, F5 is leveraging the inclusion of Quova's IP location database into the core of its TMOS operating system in its traffic management modules. The security modules track where a particular threat is coming from, and the Local Traffic Manager (LTM) uses location data to direct users to their nearest data center. The benefit of this is clear: spreading out the traffic load while minimizing the distance between the user and the application.
 
The BIG-IP Access Policy Manager moves the authentication and access control policies out of the hands of dedicated proxy servers or server agents and on to the applications already touching every packet coming in from the outside world. Policy Manager provides a consolidated source for access policy management with an interface similar to F5's iRules to enable administrators to build custom policies. F5 suggests that by leveraging its BIG-IP appliances to handle both load balancing and authentication, customers can realize significant savings in both capital and operational expenses, with a higher level of scalability. Access Policy Manager is the framework that drives the previously announced integration with Oracle Access Manager.
 
Finally, the new BIG-IP Edge Gateway leverages the same range of appliances as the rest of the BIG-IP family, but is focused on remote sites. The new line pulls together SSL VPN, application acceleration and symmetric WAN optimization with a promise of LAN-like application performance for far-flung users. For truly mobile workers, F5 also offers a new BIG-IP Edge client, which pulls VPN access and acceleration into a single user client. The new gateway also takes advantage of the geo-location functionality in TMOS to redirect remote users to the Edge Gateway nearest to them, not only minimizing the number of hops a user has to take to get back to the data center, but also leveraging the symmetric optimizations of the BIG-IP appliances in between to speed up the connection.
 
Multi-function clients are making a comeback as enterprise employees become globally dispersed, and IT needs to deliver the same level of performance for users, no matter where they are. The BIG-IP Edge Gateway is another indication that multi-function clients are here to stay. Bluecoat's ProxyClient software, which debuted in January 2008 and performs application acceleration, access control and web filtering, was one of the first multi-function clients to be released. Juniper Networks integrated their WXC client with their SSL VPN client for identity-based SSL VPN, WAN optimization and acceleration, firewall, host IDS/IDP and network access control. However, those features required multiple devices for nearly every major function.
 
According to the managing director of F5 Networks in ANZ, Kurt Hansen: "We are predicting 1 billion mobile workers by 2011."
 
The company is also predicting an increasing incidence of attacks on web services offered by major organisations.
 
According to F5 Networks, although enterprises spend 75 per cent of their security budgets in their networks, an increasing proportion of attacks on corporate data are coming from outside that network. According to Hansen, around three quarters of all attacks were now made against web services and involved web scrapers.
 
"We have created a solution for a major airline here and in New Zealand where companies were taking its data to repurpose it for comparison. You put this data out there for the customers – not for your competitors to rip you off," said Hansen.
 
In Australia the company targets the top 1000 enterprises. It has sold into three of the top four banks, Macquarie Bank, St George Bank, the ATO and a swag of universities. Its entry level solution is available for around $50,000 according to Hansen.
 
Although the company does not reveal local sales, in the three months to the end of December it recorded revenues of $US191.2 million internationally.
 
The company today also released the results of a survey of 300 CIOs and IT managers in Asia Pacific, exploring their views regarding application delivery.
 
The survey, conducted by Frost & Sullivan, found that the number one issue CIOs faced in terms of application delivery networking was server load balancing, with 33 per cent of respondents nominating this as the top issue. Second was availability of business applications, an issue for 20.7 per cent of respondents, while 17 per cent nominated network security.
 
The research - not surprisingly perhaps as F5 Networks commissioned it and possibly helped scope the questions - seems to validate the company’s approach and priorities when it comes to applications delivery networking.
 
Also at today’s presentation in Sydney was the company’s vice president of IT and its CIO, John Matthews, who is currently visiting Australia. He provided some insights about the challenges currently facing CIOs – particularly those working in vendor organisations.
 
He explained that he ran a team to test all F5 Networks' new products before they went to market: "We have a dog food team and work the new software and hardware."
 
He said that in general the CIO role had become increasingly diverse and had now matured to the extent that "There is some truth coming to the maxim that technology can be a driver for the business."
 
Clad in what could only be described as a sartorial stereotype of grey slacks, brown sports jacket, cornflower blue shirt and maroon tie, Matthews looked every inch the techie – but he nevertheless commands significant sway in F5 Networks where he has a pretty free rein to buy the technology that is best for the business whatever its brand.
 
Even so, he acknowledged that for all CIOs, "The IT gig is fraught with trying to decide what to invest in."
 
And like other CIOs he has to deal with senior management who can be easily captivated by technology hype. He explained that he might seek support for a $500,000 investment in new firewalls to protect the business, only to have senior management question that, saying that they had "read about cloud computing in Wired magazine – not firewalls - and that they want some cloud computing."
 
But as Matthews pointed out, "I have spent a lot of time with senior management teaching them that Daddy does know best."
 
 
Helping government agencies make informed decisions about cloud computing
 
 
From the 1990s to present day, the evolution of in-the-cloud services and virtualization has enabled companies and governments to do more with fewer resources and greater efficiency. This paper examines the security implications of today’s cloud computing options for your government business, and provides insight into services available from McAfee for those government agencies who ultimately decide to leverage the benefits of cloud computing.
 
Background
A key development in the evolution to cloud computing has been the virtualization of server infrastructure. Moving this virtualization to “the cloud,” third-party service providers can virtualize resources for multiple tenants across an entire infrastructure. As it has for enterprises, virtualization enables service providers to maximize the efficiency of large servers and processing power, and it enables these providers to serve many more clients using a fraction of the computer hardware that a non-virtualized environment would require. In essence, virtualization gives service providers economies of scale—making it possible for them to offer hardware, networks, software applications, and support at a lower operational cost than their clients could achieve by building that infrastructure themselves. In fact, the ability of service providers to create a profitable business based on offering their clients inexpensive computing power “in the cloud” is a key factor driving the success and popularity of cloud computing.
 
Seeing the potential for government and business benefits, cloud computing service providers have increasingly offered the market complementary options:
Infrastructure-as-a-Service enables government agencies to cost effectively "lease" the network—data center space, servers, disk space—and scale as needed without spending on the hardware up front.
Software-as-a-Service allows government agencies to outsource applications or functionality that leverage a service provider's deployment and management expertise and hardware investment.
Platform-as-a-Service provides government agencies with a "rented" development platform for building new applications.
 
Benefits of Cloud Computing
Governments and businesses alike have considered cloud computing as a panacea of sorts to address needed cost improvements in the current fiscal times, and longer-term cost reduction measures. But there are more than cost improvements. All of the cloud service models share several benefits:
As with virtualization, fewer resources are required to run the hardware and software that the agency needs to support its operations.
Organizations can choose what they need, when they need it, and only for as long as they need it. Access to cloud-based applications can easily be limited to only specific users for a specific duration, as opposed to costly licensing of the applications per seat regardless of time of use.
Agencies can scale capacity up or down without having to lock into software licensing and hardware capital expenditures.
Staff and other users need only a web browser to leverage in-cloud applications, which greatly simplifies deployment within the agency.
Agencies can avoid or reduce the need for application-specific expertise and capital expenditures to run the applications on their network.
 
Cost Reductions: Not the Only Consideration
Clearly there can be solid financial reasons for government organizations to consider cloud computing. Due to the fiscally challenging economic climate and trend to tighter budgets, as well as a shortage of staff to administer and manage software, many IT departments (in both public and private sectors) have already delayed some technology purchases. But cost is not the only consideration.
 
While IT budgets have been shrinking, security concerns are actually growing. Security threats, for example, are on the rise, according to indications from McAfee’s own research (which detected 1.5 million malware attacks in 2008). So in these fiscally lean times in which government agencies are asked to do much more with far fewer resources, it is important not to overlook the security implications of IT spending decisions. While investigating low-cost operational models, government agencies would be well advised to also give serious consideration to data security.
 
Best Practices for Security and Privacy
As with any decision to outsource, the decision to leverage cloud computing is one that should be made with considerations for best practices in security and privacy. Cloud computing alters the risk landscape in areas such as confidentiality, privacy, integrity, regulatory compliance, availability, and e-discovery. This is particularly true for those leveraging the cloud to store sensitive data such as customer records, employee records, financial data, and other data that is regulated or that should otherwise be strongly protected. Organizations must also realize that the incentives for attackers are higher when a greater amount of data of value is stored in one location; it makes for a more lucrative target. Therefore, it is important to ensure that proper security assurances are in place.
Consider the type of data you’re moving to the cloud
You must begin by weighing the risks and benefits for storing various forms of data in the cloud if you intend to use the cloud in this way. Perhaps you want to take advantage of the benefits of cloud computing but only for the least sensitive data, while retaining the most sensitive data on your own network and under your own control. Start with a full understanding of the types of data you retain today, where you retain that data, and how, so that you also understand how your risks will change as you change the location and control of your data.
Understand the “people, process, technology” model for your service provider
You will need to do greater due diligence in understanding the people, process, technology model of your provider so that you can evaluate how that compares to your own. Some questions to consider:
 
- What security and privacy best practices does your provider follow?
- Does your provider follow an international framework such as ISO 17799 for its security operations?
- What is the training your provider requires of those running the network and touching the data?
  - What, if any, background checks are required of the provider's operators?
- Does the provider use behavioral analysis tools that trigger alarms when unplanned or non-compliant changes are made?
- How does the provider handle vulnerabilities and alerts?
- What is the provider’s patch management strategy?
- How does the provider approach privacy of customer data? Do they espouse a framework of privacy principles? (Models for privacy practices include the Generally Accepted Privacy Principles from the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA), and the Government of Ontario's new PrivacybyDesign™ privacy principles.)
- How do you get your data to and from the provider?
- Can you access mission-critical or real-time data instantly, at any time?
- What is the best way to secure the clients being used to access the data or the data now resident on the client’s machine?
Review security, breach, and uptime accountability
  As with any outsourcing arrangement, there must be clear accountability to the security of your data—from the confidentiality, to the integrity, to the availability of that data. The legal contracts should clearly stipulate your desires with regard to accountability and the level of accountability with which you are most comfortable, particularly in regard to regulated data. If the country and state in which you operate or conduct business have clear data breach laws, for example, all aspects of the data breach and reporting responsibility should be clearly understood by all parties, and the actions to be taken by each party—and when—should be documented.
   
  If you are using a service provider in another country, you must understand that country’s obligations and ability to enforce those obligations relative to the country or state for whose data you are accountable. As with traditional outsourcing arrangements, you should be very familiar with the contractual uptime requirements and understand how they will impact your business as it relates to the type of data being stored in the cloud. What are your provider’s service-level agreements (SLAs) and how do you effectively manage them? Keeping your own customer in mind, how do you guarantee availability?
   
Choose a model (infrastructure, software, or platform)
  Armed with the information from your due diligence, you’re then in a better position to weigh the risks and rewards of each model (Infrastructure-as-a-Service, Platform-as-a-Service, or Software-as-a-Service) and understand how each model could benefit your government agency. Each will have different implications for your security and privacy needs, but security must be an absolute baseline consideration, whichever model you select.
 
Summary
Ultimately, the best decision you can make with regard to cloud computing will be based on both your current operating model and the balance of risks vs. rewards that such a service model can provide your government agency. Organizations such as critical infrastructure providers, all levels of government, financial services, and those in other industries that are already lucrative targets for would-be attackers should take particular heed of the processes and best practices advocated. But no corporation or government agency is immune. Ensuring that you have established a baseline of best practices for all of your security and privacy regulations and non-regulatory obligations to your customers, citizens, and employees is a fundamental step in the right direction. With this baseline, you are ready to consider the many benefits of cloud computing in a model that best meets the needs of your government agency.
 
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054, 888.847.8766, www.mcafee.com
McAfee and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affiliates in the U.S. and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners. © 2009 McAfee, Inc. All rights reserved.
 
 
 
 
Nexusguard and eASPNet today announced that they have formed a joint partnership to provide 'clean traffic' internet to eASPNet IDC customers in Taiwan. The solution will combine the carrier neutral resources of the eASPNet Data Center with the Nexusguard globally distributed scrubbing centers. Sean Lord (VP Sales for Nexusguard) said: "We believe our partnership with eASPNet will combine the eASPNet world-class Taipei Data Center, with the only Taiwan based anti-DDOS scrubbing center. Our globally distributed scrubbing centers combine anti-DDOS protection upstream from Taiwan, with in-country protection and connectivity. Customers can connect directly to our scrubbing center in the eASPNet data center, providing carrier-neutral 'always on' mitigation and detection. This is the most effective, largest capacity solution available in Taiwan."
 
The solution has generated a lot of interest from Taiwan companies that are at risk of DDOS attacks, but what makes it unique is the carrier-neutral architecture, which does not rely on any one provider or geographic route. Lord continued: “With a carrier's anti-DDOS solution, you are restricted to using only their circuit and their definition of how much capacity they will protect... with the eASPNet-Nexusguard solution, we will clean the whole attack.” Ryan Chin (CEO of Nexusguard) states: “With this solution, companies benefit from fast detection and mitigation without being tied down to any one carrier, saving them vital downtime that can cost companies a lot of money.”
 
Jimmy Chen of eASPNet commented: "Our partnership with Nexusguard positions us as a provider of premium security for the Taiwan enterprise. We aim to provide an environment with the least downtime, and the highest degree of resiliency. Nexusguard is well known for their high degree of expertise in stopping DDOS attacks, which is just what our customers have been looking for."
 
About eASPNet: eASPNet Taiwan Inc was established in August, 2000. Based on the concept of “outsourcing”, we provide a wide range of superior services that enterprises can take advantage of in telecommunication applications. These include Collocation Service, Value Added Service, Operation Service and eOutsourcing Service.
 
About Nexusguard: Nexusguard is a specialist anti-DDOS security firm with headquarters in Hong Kong. They combine the most effective routing in Asia with Mandarin / English speaking support staff and the only anti-DDOS scrubbing center in Taiwan linked to a dedicated anti-DDOS global network.
 
 
 
 
Security Intelligence from DVLabs, Zero Day Initiative Drives Faster Filter Development and Improved Network Protection
 
AUSTIN, TX – January 19, 2010 – According to the most recent Frost & Sullivan Vulnerability Tracker, TippingPoint, a leader in network security and a division of 3Com, continues to lead the industry in security research. The report, which highlights software vulnerabilities discovered in the first half of 2009, credits TippingPoint with finding more vulnerabilities than any other research organization it tracks. To this end, TippingPoint has also announced that for the entire year, it has uncovered 114 vulnerabilities that threatened the most common browsers, operating systems and Web applications, as well as increased the number of external contributors to its Zero Day Initiative (ZDI) program to over 1,100. The research culled from these vulnerabilities is built into the filters and signatures that keep the TippingPoint® Intrusion Prevention System (IPS) Platform up-to-date and customers protected against the latest security threats.
 
Security threats continued to evolve in 2009, both in the objects targeted and the methods used for exploitation. Common business applications such as PDF document readers and Internet browsers continued to attract hackers with their large attack surface and enticing profit potential. Attacks targeted at custom Web applications also increased this past year due to increased use in the enterprise world. Worms like Conficker, which dominated the security attack landscape in 2009, show that hackers are using multiple vectors to exploit these vulnerabilities as well as going to great lengths to succeed with their attacks.
 
Published in December 2009, the Frost & Sullivan Vulnerability Tracker for 1H2009 included a number of key findings that demonstrate TippingPoint’s leadership in vulnerability research, including:
 
TippingPoint reported more than twice the number of media application vulnerabilities than its next closest competitor.
TippingPoint found more than twice the browser vulnerabilities than any other research organization.
Heap-based overflows were the most common type of vulnerability reported and TippingPoint led the market in reporting these vulnerabilities.
More than 82.5 percent of reported vulnerabilities enabled the attacker to take full control of the compromised system. These systems can be used by criminals for activities such as denial-of-service attacks, spam messaging, or phishing attacks. TippingPoint led all researchers by reporting the highest number of vulnerabilities that enabled this type of code execution.
 
"Hacking has evolved from simple glory-seeking missions to a complex business model that rivals the organizational structure of today's most successful enterprises. The profit potential has bred a new class of cybercriminal, making it even more important to keep ahead of the attacks," said David Endler, senior director of security research at TippingPoint. "In general, the number of people with the skills to discover vulnerabilities is increasing. However, with programs like ZDI, we are seeing a measurable increase in the number of talented researchers willing to work on the right side of the law."
 
TippingPoint's Digital Vaccine® Labs (DVLabs) security research team is the benchmark of vulnerability and security research in the industry. Providing the security intelligence behind TippingPoint's products, the DVLabs team consists of world-renowned internal security researchers that apply their cutting-edge engineering and analysis talents in their daily operations. In 2005, TippingPoint founded the ZDI, a program which rewards external researchers for responsibly reporting discovered vulnerabilities. Since its inception the program has grown to more than 1,100 researchers from countries across the globe.
 
The success of TippingPoint's vulnerability research and reporting program has been bolstered by the explosive growth of researchers contributing to the ZDI program, as well as the increase in vulnerabilities being reported, according to Robert Ayoub, industry manager for Frost & Sullivan North America. "For the last several years, we've been tracking the vulnerabilities reported by vendors and research organizations to get a better sense of the security risks that are out there. Over the years, we've seen the bulk of reporting shift from the vendors and private sources to third-party research organizations like TippingPoint's ZDI program. TippingPoint has been particularly successful in recent years having put up an impressive quarter-over-quarter increase in reported vulnerabilities since 2008, surpassing all of the other organizations to lead the market."
 
"The report from Frost & Sullivan really demonstrates that the research from DVLabs and the ZDI program is unrivaled in the industry. The recent attacks on Google using a vulnerability in Internet Explorer are a prime example of the types of vulnerabilities our researchers have been uncovering for several years," added Endler. "Discovering and understanding these vulnerabilities are what make the Digital Vaccine service such a differentiator for TippingPoint. The depth of the research coming out of both ZDI and DVLabs is what allows us to provide such comprehensive security coverage in the IPS."
 
For more information on TippingPoint's security research, visit the DVLabs Web site at http://dvlabs.tippingpoint.com or the Zero Day Initiative Web site at http://www.zerodayinitiative.com.
 
About TippingPoint and 3Com
 
TippingPoint is the enterprise security brand of 3Com Corporation (NASDAQ: COMS), a $1.3 billion global enterprise networking solutions provider that sets a new price/performance standard for customers. 3Com has three global brands—H3C, 3Com, and TippingPoint—that offer high-performance networking and security solutions to enterprises large and small. TippingPoint leads the advancement of network security with a modern network security platform and intrusion prevention system (IPS), purpose-built to protect today's next-generation data center network from evolving, global security threats. TippingPoint helps organizations reduce security operating costs while ensuring maximum business continuity. For more information on TippingPoint, please visit www.tippingpoint.com, or the press center at www.tippingpoint.com/press.
 
Copyright © 2010 3Com Corporation. 3Com, 3Com logo, H3C, H3C logo, Digital Vaccine and TippingPoint are registered trademarks of 3Com Corporation or its wholly owned subsidiaries in various countries throughout the world. All other company and product names may be trademarks of their respective holders.