The importance of remote connectivity is growing, VPN has become quite essential for each and every organizations starting from Enterprises to a SMB. These days’ people started using the smartphones for VPN connectivity including me. This is an era of iPhones, iPads, Black berries etc.

There is a good news for iPhone users as Juniper Network one of the leading network security company has released Junos Pulse app, which provides secure remote mobile access to corporate resources on an iPhone or iPod Touch. Junos Pulse app happens to be the industry’s first downloadable VPN app for iPhone,  coupled with the Juniper Networks SA Series SSL VPN Appliances, a remote user can now have the privilege of accessing any corporate resource from the iPhone and iPod touch enabling the mobile workforce to stay connected, productive and informed while on the run.

Mark Bauhaus, executive vice president and general manager of Juniper’s Service Layer Technologies Business Group said on the release of the app: “Instant and seamless secure access to corporate resources including applications, email, contacts and the intranet are all critical elements demanded by employees of any successful organization. We worked with Apple to ensure the Junos Pulse App enables the productivity that enterprise users are demanding and are very excited that it is now available on the App Store.  Juniper’s market-leading SSL VPN solution will keep any enterprise mobile, secure, empowered and working more efficiently.” 

The Junos Pulse app works on iPhone and iPad with an iOS version of 4.1 or later. On the infrastructure side, customers must have a Juniper Networks SA Series SSL VPN Appliance running version 6.4 or later.

In one of my past posts, I mentioned about the Scrutinizer netflow analyzer, still I am testing some more netflow analyzers . Manage Engine recently released the latest version of its Manage Engine Netflow Analyzer 7.5.

So I though let me try the demo version of Manage Engine Netflow Analyzer 7.5, the new version features a customizable administrator dashboards allows an IT administrator to monitor the critical parts of the network infrastructure.

The new  Manage Engine Netflow Analyzer 7.5 ‘s Site-to-Site traffic monitoring capability helps businesses track network traffic patterns between separate physical locations, ensuring business-critical applications have the right amount of bandwidth allocated for maximum performance. This level of understanding is vital for the day-to-day performance of existing applications, as well as for planning infrastructure growth. It is also key to IT departments that chargeback business units for the volume of network traffic generated, and for service providers who bill customers based on volume and speed.

Some of the features of Manage Engine  Netflow Analyzer 7.5 are as follows

The Manage Engine Netflow Analyzer 7.5 is worth trying the demo version for 30 days.  The good thing about the Manage Engine Netflow Analyzer 7.5 is the enhanced reporting tool, customizable dash board and ease to manage and install.

It’s my habit to always  try something new or some interesting. As we have a huge project coming up, hence  I am in the process of testing many windows supported netflow analyzers.  Since I am aware of Manage Engine Netflow analyzer I thought for a change let me start over with Scrutinizer netflow analyzer.

I just went to the Scrutinizer web site and downloaded the latest Scrutinizer netflow analyzer; there support seems to be good, the moment I downloaded the  Scrutinizer netflow analyzer;  I received an email offering a trial key with few faqs of the Scrutinizer netflow analyzer.

Some of the key features for which I got interested in the Scrutinizer netflow analyzer are

• Captures all the flows, all the records, all the time. It supports Cisco Net Flow, sFlow and other flow technologies and uses that data to monitor the overall network health.
• Identifies which users, applications and protocols are using the most network traffic. It is not limited to the Top 10! All of the flows can be viewed and exported.
• Custom Net Flow Reports help visualization of which routed ports on the network are the most congested.
• Provides long term trending details for overall LAN and WAN bandwidth usage, so bandwidth needs can be accurately gauged.
• Enhances network security by alerting network administrators of suspicious or potentially hazardous network behavior patterns.
• Central Interface offers a distributed solution that scales to enterprise level networks.

 Scrutinizer netflow analyzer is very easy to install and configure. The dash board is customizable and the most attractive part of the Scrutinizer netflow analyzer is the reports, you can generate customized reports which can be based on protocols, IP address and many other parameters. One more advantage of using Scrutinizer netflow analyzer is you can monitor the hosts which are accessing you tube as well. Worth trying the trail full version you can always request for an extension for the license key.

http://www.plixer.com/support/faq.php

[kml_flashembed movie="http://www.youtube.com/v/Eu7YnfzbAkw" width="425" height="350" wmode="transparent" /]

Dynamic ARP inspection ensures that only valid ARP requests and responses are relayed.

The switch performs these activities:·        

Intercepts all ARP requests and responses on untrusted ports ·        

Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before it updates the local ARP cache or before it forwards the packet to the appropriate destination·        

Drops invalid ARP packets

The new Network and Security Manager (NSM) offers centralized management for Juniper Networks J-series services routers, EX-series Ethernet switches, Secure Access SSL VPN and firewall/VPN and Intrusion Detection and Prevention appliances, and the newly announced Unified Access Control (UAC) solution.

The Network and Security Manager (NSM) enables high-performance businesses to consolidate and simplify the management of their network infrastructure to increase security, reduce cost and realize operational gains.

Overview

Network and Security Manager (NSM) is a powerful, centralized management solution that controls the entire device life cycle of firewall/IPSec VPN, Secure Access (SSL), Infranet Controller (IC), J-series and EX-series switches (JUNOS® software). NSM handles the basic setup and network configuration with local and global security policy deployment for these products. Unmatched role-based administration allows IT departments to delegate appropriate levels of administrative access to specific users, minimizing the possibility of a configuration error that may result in a security hole. NSM can scale from small to large enterprises with NSMXpress and NSM Central Manager as a plug-and-play appliance preloaded with the latest version of NSM software.

The Net-Worm.Win32.Koobface.a is activated when a user accesses their MySpace account, and is spread when it automatically comments on linked friend’s sites. Facebook is targeted by Net-Worm.Win32.Koobface.b, which sends messages to the infected user’s contacts through the Facebook site.

Both worms then direct would-be victims to a bogus Youtube link, where they will then receive a message telling them that they need to install the latest version of Flash Player. Instead of downloading the latest version of Flash Player however, the link then installs the worm, which installs the Facebook version of the worm if the user visited the site from MySpace, and vice versa, to increase the infection rates from the worm.

Do access Kaspersky web site for more information.

REMOTE ACCESS SECURITY 

“IS” CONSIDERED THE FOLLOWING:

1. RAS server provides the most secure method for remote access to the network if it is reburied.

2. Never allow client computers on the network to answer remote access connections.

3. Organize all remote access servers in a centrally controlled location.

4. Servers have no need to originate dial-out connections (Except when using telephone lines as low cost WAN connections, but these connections should be relatively permanent).

5. To simplify security administration, allow only one method of remote access into the network.

6. Remote access control procedures must provide adequate safeguards through robust identification, authentication and encryption techniques.

7. Carefully consider the wisdom of providing cellular telephones and modems for use with laptop computers. This technology isn’t usually justified considering the relatively modest increase in productivity compared to the cost and the security risk of a lost laptop.

8. Consider using only the NetBEUI protocol for remote access to limit the extent of intrusions on the network.

9. Control the distribution of remote access software on the network. Never allow client computers to run remote control software. If remote control software is necessary, run the software from centrally controlled computers or thin-client servers.

10. Disable dial-in networking, except in the cases of trusted individuals or to special computers,because dial-in networking can bypass regular network security.

11. Encourage an easy-to-use (but secure, of course) method for users to indicate when they need remote access, for how long, and to which phone number. Base the dial-in permissions on these requests. Always verify the request verbally with the user to ensure that it’s not a spoof.

12. Gather contact information for the telephone companies as soon as possible so that it is on hand if dial -up hacking attempts are discovered.

13. If possible, use external modems to answer RAS connections. They can be powered off when no RAS activity is anticipated, and they allow manual disconnection if necessary.

14. If remote access is required only occasionally, set the Remote Access Server service to start manually, then use the services control panel to start the service when needed and stop it when it is no longer in use.

15. Revoke dial-in permissions for users during periods when they are not necessary, and invoke them when the user is away from the office or working from home for a period.

16. Thin client and remote control software can be more secure than remote access software in certain circumstances. For instance, an entire database could be copied down using remote access software, but that same data would be extremely difficult to extract using remote control software configured to disallow file transfers.

17. Tightly control user-based remote access permissions. Allow only those users who have an immediate need to log in remotely.

18. Use alarming software to detect numerous attempts at password guessing over dial-up networks. Use the standard performance monitor to detect this activity, or purchase third party alarming software.

19. Use callback security. Without callback security, tracing RAS based intrusion attempts is very difficult.

20. Use external modems that have on/off switches for those machines that have remote access software installed. Only turn on a modem when a user calls in and requests a remote control connection.

21. Use hard-coded callback security for all remote users that don’t normally travel, to prevent their account from being exploited from unknown locations.

22. Use Microsoft encryption when possible.

23. Use the Point-to-Point Tunneling Protocol for all Internet connections allowed into the network, or some third-party software that performs the encrypted tunnel function in concert with the firewall.

5‐NETWORK SECURITY
“IS” CONSIDERED THE FOLLOWING:
1. The network must be designed and configured to deliver high performance and reliability to meet the needs of business whilst providing a high degree of access control and range of privilege restrictions.
2. Inappropriate control over access to the network will threaten the confidentiality and integrity of Organisation data.
3. Apply Strong monitor and management utilities in Organisation network.
4. Never communicate between Organisation units over the Internet without using some form of encryption.Unencrypted packet headers contain valuable nuggets of information about the structure of the internal network.
5. Always use encrypted communications for data that flows over public networks like the Internet.
6. Locally control and administer all security services for the network.
7. Make telecommunications security an integral part of the network security if the network can be accessed via modems.
8. Use leased lines rather than encrypted tunnels whenever practical.
9. Monitor and Audit the logs for the internal routers and switches.
10. Install fiber cables instead of UTP cables.
11. All speed dialing facility create information security risks as confidential customer contact information can be accesses just by pressing telephone keys.

I.S issues concerned:
• Sensitive information may be stolen because caller masquerade as you over the
telephone
• Secure or unlisted phone numbers may be acquires from your stored information.
• Secure or unlisted phone numbers may be acquired from global information stored in PBX.

Yasir
Personel Website: www.yasirirfan.com