Most efforts to improve endpoint security focus on corporate policy enforcement, intrusion prevention systems and network access control software. But now one vendor is taking a different approach.
ConSentry Networks of Milpitas, Calif. wants to address the problem through network switching. The company calls its new technology “secure switching” and says its 24-port gigabit Ethernet platform can provide endpoint security as well as application-level, user-based controls.
ConSentry is taking the switching approach because most LANs are have no built-in control, said Michelle McLean, the vendor’s marketing director. The rationale is that any security technology will not be as effective as it could be if its network infrastructure has no built-in security component.
The switching platform, demonstrated at last month’s Interop conference in
Las Vegas, is called LANSheild CS-4024. It will be available in late summer with a $5,995 price tag.
Dell lays off 8,000; 1Q earnings sag Dell Inc. beat Wall Street predictions in its first-quarter earnings report but said it would eliminate 10% of its work force over the next year as part of a plan to trim costs and become more competitive with rivals. [AP]
Symantec moves closer to delivering vPro security The Symantec Virtual Security Solution will work within virtual partitions to monitor network traffic and protect against attacks without interfering with the PC’s operating system. [eWEEK]
FSF releases fourth and final draft of GPLv3 “The most notable changes found in this latest draft include making GPLv3 compatible with version 2.0 of the Apache license, ensuring that distributors who make discriminatory patent deals after March 28 may not convey software under GPLv3, adding terms to clarify how users can contract for private modification of free software or for a data center to run it for them, and replacing the previous reference to a U.S. consumer protection statute.” [Slashdot] Continued »
Here’s some good news if you’re a certified security pro: You’re in the only group of certified IT professionals whose pay scale has gone up this year, Tekrati reports.
A new study by Foote Partners shows that pay for 27 certified IT skills has fallen 2.1% in the past six months. The only one of those 27 areas that has seen an increase is security, where pay is up 1.7%. Meanwhile, pay for non-certified skills has increased by 4.1%.
Edmond Baydian, chief operating officer for Juma Technology in Farmingdale, N.Y., said a survey of his company’s clients shows similar results. He attributes the trend to consolidation among businesses, which places more value on skills in a wide range of areas. Unlike in most IT fields, accreditation in security signifies that you have that broad knowledge, he said.
“Security gives you this application-layer view, and it’s less concerned about the underlying plumbing,” he said. “Security means that you understand the value of multiple protocols over IP.”
The “utmost importance” of security also plays a role, but that is changing because businesses and organizations are starting to turn their IT concerns to other areas, Baydian said. The next big trend will depend on where the government decides to focus new regulations — possibly in Voice over IP (VoIP), thanks to the Communications Assistance for Law Enforcement Act (CALEA), Baydian said.
The Associated Press is reporting this morning that Robert Alan Soloway, infamous spammer, was arrested yesterday by authorities in Seattle. Soloway is accused of hijacking unwitting victims’ computers, turning them into “zombies” and then using those computers to send out millions of spam emails.
Last week, the AP says, a federal grand jury returned a 35-count indictment, charging Soloway with mail fraud, wire fraud, email fraud, aggravated identity theft and money laundering.
This is not the first time that Soloway has found himself in court over his spamming practices. In 2005, Microsoft won a $7 million judgment against him and Robert Braver, owner of an Oklahoma-based ISP, won a $10 million civil judgment.
According to the SearchSecurity.com, authorities believe that Internet users could see a noticeable decrease in the amount of junk email they find in their inboxes and spam folders as a result of this arrest.
Though this is all good news for value-added resellers and security consultants who defend their customers’ networks from spammers like Soloway, that last bit seems a tad overly optimistic. There are many many people out there who will eagerly fill Soloway’s shoes in his absence (maximum sentence, if convicted, being 65 years in a federal prison).
Security consultants aren’t expected to loosen their email security strategies. Antispam standards and email security products have not been made obsolete by this one arrest. Unfortunately, Soloway is just one in an entire culture of spammers who exploit the networks of small and midsized businesses to earn an easy buck. VARs still need to keep their strategies fresh and up-to-date.
That said, it’s nice to know that Soloway won’t be enjoying the nice cars he likes to brag about for a long time.
Jobs and Gates bury the hatchet Bill Gates and Steve Jobs, two of the greatest rivals in technology, made a rare joint appearance last night, but surprised followers of their bitter saga by showering each other with praise. [TimesOnline]
IM attacks so far increased 73% over 2006 Security researchers at Akonix have uncovered 170 malware attacks over IM this year. [eWEEK]
Five reasons to prepare — now — for more mobile security threats So far, mobile security threats have been rare and have been more annoying than dangerous. That’s changing rapidly, a security expert says. [Computerworld] Continued »
While Google is in the news after coming under antitrust scrutiny from the U.S. Justice Department due to its planned purchase of online advertising juggernaut DoubleClick, its purchase of GreenBorder attracted, well, a bit less attention.One of the worst-kept secrets at Google is its ambitious plans for its online application suite, which has been bolstered in recent years by purchases of services such as Writely (a word processor) and JotSpot (a WYSIWYG wiki). But concerns about data security, spyware and computer viruses continue to bedevil their efforts — at least from a public relations standpoint.
As the unofficial Google Operating System blog notes, GreenBorder creates a mini VPN session for each Internet session, therefore bulletproofing it from computer viruses, spyware and malware. The protected Web-based applications are displayed in a browser window surrounded (you guessed it) by a green border. When the session is over, users close the GreenBorder VPN session, and all cached information is removed. VARs will be able to respond to this ever-changing application security landscape by continuing to offer network security beyond the green border.
It’s not difficult to see why Google would buy GreenBorder. With GreenBorder now in the company’s software stables, Google can make a stronger case that the sensitive data contained within its online application suite is safe from cyber scoundrels. Google is betting that, with a little help from friends such as GreenBorder, it has solved the problem of network security for those who see online applications as the wave of the future.
Googlified notes that
Andrew Garcia called it “a novel approach to combating Microsoft Corp. Outlook- or Internet Explorer-borne malware.” And according to KeyLabs (now part of AppLabs), “GreenBorder was broader than and superior to that afforded by traditional anti-spyware and antivirus packages.”
Marketing bluster aside, the tie-up between Google and GreenMarket doesn’t deliver a death blow for Symantec, Norton and other computer security firms, or for VARs that provide comprehensive network security solutions. At least not yet. After all, GreenBorder is a Web-based application that won’t impact corporate users of Office 2007 who rely on antivirus software, spam filters and similar tools that protect their corporate data networks.
Equity firm to acquire CDW Madison Dearborn Partners will acquire the CDW Corporation, a leading online computer reseller, for $7.3 billion. [NYT]
Mac users face hurdles with new Office versions Companies that use Microsoft Office on both Macintosh and Windows PCs will have to deal with cross-platform compatibility issues with the new Office 2008 productivity suite. [eWEEK]
Vulnerabilities in Cisco IOS processing SSL packets Cisco IOS devices may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device. [Cisco] Continued »
StoreVault, a Network Appliance Inc. division that provides storage systems to small and medium size businesses, has inked a deal with Tech Data Corporation to distribute the StoreVault S500 storage system in Canada.
Under the terms of the agreement, Canadian value added resellers will sell the product, have access to Tech Data’s local resources and participate in events that will assist VARs to introduce the product to Canadian small businesses.
“With this announcement we are actively looking to recruit new partners for the StoreVault partner program. We expect around 150 channel partners over the next 12 months,” said Sajai Krishnan, general manager of the StoreVault Business Unit.
Among its features the StoreVault S500 supports NAS, iSCSI and Fibre Channel connectivity, provides backup and restore functionality and can scale up to 6 terabytes of storage. The StoreVault S500 is available immediately and is sold exclusively through the channel.
Ok, so maybe cars aren’t the core business of most IT VARs. But still, when the Linux car at the Indy 500 is the first to crash, that can’t be a great sign, right? Driver Roberto Moreno hit the outside wall on turn 1 of lap 38 and eventually came in last in the race.
Roberto’s car #77 featured Linux’s mascot, Tux the penguin — the culmination of the Tux 500 project, which raised $18,308.90 to put the logo front-and-center on the car.
Oh, well. Good drivers were never Linux’s strong point.
Novell outlines GPLv3 worst-case scenario The final draft of the GNU General Public License version 3 could interfere with Novell’s controversial patent covenant with Microsoft, Novell has admitted. [Computer Business Review]
Microsoft cancels Fall PDC Microsoft cancels its Professional Developer Conference that was scheduled for this fall. [eWEEK]