Wireless security vendor Network Chemistry yesterday unveiled an ongoing index to highlight threats in the wireless...
space in hopes of helping companies and organizations protect their networks from the increasing barrage of security attacks.
The Wireless Threat Index was compiled after more than 700,000 network connections from thousands of devices were analyzed between December 2005 and April 2006.
According to Brian de Haaff, Network Chemistry's vice president of product management and marketing, the index, which will be published quarterly and updated to contain new and emerging threats, will disprove several myths swirling around wireless security.
The top five myths, de Haaff said, are:
- End users at organizations with policies against wireless don't use wireless.
- Wireless connections are rarely made to unknown networks.
- Users do not connect to both wireless and wired networks at the same time.
- Ad hoc networks are seldom used.
- Users actually use VPNs.
Network Chemistry's research found that the seven leading indicators of wireless risks are: users connecting to an unknown access point; violating company VPN policies; turning on or trying to connect to an ad hoc connection; connecting to an unknown Ethernet connection; having no virus protection; enabling network bridging; and having no firewall protection.
The index also points out that 36% of all wireless access point connections are to an unknown access point; 22% of all Ethernet connections were with an unknown network; users frequently connect outside of the enterprise, which expands the network perimeter and risk of data loss; and when connections are made with unknown access point or Ethernet networks, there are several risks, including lack of encryption, evil twin, man-in-the-middle, and phishing attacks.
The quarterly index is meant as an educational tool, according to de Haaff.
"There's still an opportunity for a significant amount of education," he said. "Wireless threats are a major issue and need to be addressed."
The report will compile risk profiles, connection methods, and known versus unknown connections and relate how they can introduce security threats and put a network at risk.
Network Chemistry adds to RFprotect arsenal
Along with yesterday's release of the Wireless Threat Index, Network Chemistry also rolled out the latest in its line of RFprotect wireless security suite: RFprotect Scanner.
Scanner is a wired-side vulnerability management solution focused on rogue wireless device detection and automated remediation.
According to de Haaff, RFprotect Scanner, the network-based appliance, can help companies enforce anti-wireless policies and can be deployed in conjunction with RFprotect Distributed in environments that have a wireless infrastructure. The on-premises box includes the Collaborative Device Classification database of devices that threaten enterprise networks and data. It can be configured to automatically shield the network from rogue devices and offers detailed, custom control over scanning; threat prioritization and alerts; and automated, immediate disabling of connected rogue devices.
"It's not enough to just protect, you want to be able to automatically remediate," de Haaff said.
The Collaborative Device Classification system gathers information on devices on the network and feeds it back to a comprehensive database to determine whether any unwanted devices are connected. The database already includes 1 million identified devices, de Haaff said.
Network Chemistry is also making an open source version of the product, which can help companies scan their networks. The RogueScanner is available at no charge.
Silver Peak rolls out WAN acceleration management tool
Managing WAN acceleration just got a little bit easier.
Mountain View, Calif.-based Silver Peak Systems yesterday released the Silver Peak Global Management System (GMS).
GMS uses automated wizards to ease appliance installation and management and provides graphical tools for accurate configuration, real-time monitoring, asset management, and detailed performance and application reporting.
Craig Stouffer, Silver Peak's vice president of worldwide marketing, said IT staff can now easily configure large networks of acceleration appliances from one single location, ultimately cutting down on possible configuration errors.
"As acceleration appliances are deployed in new sites, having a centralized tool with a point-and-click GUI for asset management and system-wide configuration keeps operational complexity to a minimum," Stouffer said.
The GMS works with Silver Peak's line of NX series WAN acceleration appliances. Setup and configuration of all network NX appliances can be done through an automated deployment wizard and a point-and-click Web GUI. Stouffer added that administrators can also create customized templates in GMS, ensuring consistent configuration across all Silver Peak appliances, regardless of location.
GMS provides reporting capabilities to assist with capacity management, network planning, auditing and troubleshooting. It also makes available real-time and historical reports, traffic statistics, application behavior, and alarms. All information can be exported from GMS for easy manipulation and long-term storage.
Along with the GMS announcement, Silver Peak yesterday announced an addition to its line of NX WAN acceleration products. The NX 5500 is designed for midsized data centers at companies with 500 to 1,000 employees. The NX 5500 complements the NX 2500 and 3500 for smaller deployments, and the NX 7500 for large enterprise deployments.
Safe and easy VPN access
F5 Networks upgraded its FirePass Controller Secure Sockets Layer Virtual Private Network (SSL VPN) with features to improve the user experience, at the same time adding more protection for applications.
FirePass Controller now offers Visual Policy Management, which includes policy templates that dynamically assign access and endpoint security auto-remediation based on session variables. The new version now also features EasyConnect technology that lets end users select their interface of choice to log on to FirePass when making a VPN connection.
"We are prettying up the outside to make it attractive for an end user to want to use FirePass," the company said.
On the security side, FirePass can now check more than 100 different versions of desktop antivirus and firewall products, it provides a built-in protected workspace for preventing information accidentally left behind on a client device, and it offers a secure virtual keyboard. It also includes Dynamic AppTunnels technology, which the company calls an alternative to reverse proxy. The technology is used for accessing Web applications by eliminating the need for extensive interoperability testing, without requiring any additional end-user rights for access.
Fast apps guarantee
Verizon Business is getting into the global application acceleration game with a new set of services that include performance guarantees backed by aggressive Service Level Agreement (SLA) plans.
The Verizon Business Application Acceleration Services suite includes Application Acceleration for manageability, Application Continuity for control over a multi-data center environment, and Application Acceleration Portal for measurement and control of the performance of applications. < p>Application Acceleration lets users outsource the management of their applications to achieve accelerated application delivery without making application or infrastructure changes in the enterprise. Application Continuity targets organizations with multiple data centers, providing redundancy for applications and continuous performance and consistent delivery of service in the event of server failure or overload. Customers assign rules for performance and availability to enable the automatic shift of traffic between data centers based on business policies and priorities.
The suite's Application Acceleration Portal component lets users manage, measure, plan and troubleshoot critical applications and business processes deployed on the Internet via a user-friendly portal.
Via SLA agreements, the company is backing performance increases of 300% to users in North America and South America, and it is promising increases of 600% to users in Australia, China and Europe.