Category Archives: Network security

Box, Network security, Networks, News & Analysis, NTT Com, VPN

Box to tap NTT’s VPN in Japan

Box is teaming up with NTT Com to launch Box over VPN

Box is teaming up with NTT Com to launch Box over VPN

Box and NTT Com have announced a partnership that will see the cloud storage incumbent offer access to its services through NTT’s VPN service. The companies said the move will improve confidence in cloud services among Japanese enterprises and expand the reach of both companies in the local IT services market.

Box also said the ‘Box over VPN’ scheme would improve network security for users and broaden the range of enterprise customers it caters to in the region, in particular enabling it to tap into government and financial services institutions.

“We’re thrilled to partner with NTT Com to help create transformative software for Japanese businesses in every industry,” said Box chief executive and founder Aaron Levie.

“This partnership will help more organizations to benefit from entirely new ways of working by elevating technology to enable secure collaboration and content management across geographical boundaries, while still meeting demands for robust control.”

Hidemune Sugawara, head of application & contents service, senior vice president of NTT Com, said: “By delivering added value based on NTT Com’s expertise in network security, we look forward to providing Box over VPN to a wide range of Japanese businesses. The partnership will enable Box to be combined with ID Federation1 and Salesforce over VPN2, both of which are provided by NTT Com, which will help to expand our file-collaboration businesses targeting large enterprises.”

Japan has one of the most mature cloud services markets in the Asia Pacific region, which as a whole is expected to generate about $7.4bn in 2015 according to Gartner.

Asia Pacific, Brendon Riley, Hacking, Network security, News & Analysis, Pacnet, telstra

Telstra’s recent buy Pacnet suffers IT security breach

Pacnet's IT network was hacked earlier this year

Pacnet’s IT network was hacked earlier this year

Telstra’s recently acquired datacentre and cloud specialist Pacnet suffered a security breach earlier this year whereby a third-party managed to get access to its IT network, the telco revealed this week.

Telstra was quick to point out that while the breach occurred on Pacnet’s IT network (which isn’t connected to Telstra’s) before its acquisition of Pacnet was finalised in April, it did do and has since done all it can to try and understand the reasons for the breach and its potential impact on customers.

The company has alerted customers, staff and regulators in the relevant jurisdictions.

Group executive of global enterprise services Brendon Riley said the investigation is ongoing, and that the company will apply its own tried and tested security technologies and techniques to Pacnet’s network.

“Our investigation found a third party had attained access to Pacnet’s corporate IT network, including email and other administrative systems, through a SQL vulnerability that enabled malicious software to be uploaded to the network,” Riley said.

“To protect against further activity we rectified the security vulnerabilities that allowed the unauthorised access. We have also put in place additional monitoring and incident response capabilities that we routinely apply to all of our networks.”

He said the firm is alerting customers of the potential impact of the breach, and hopes that the extra precautions the company has put in place will restore confidence in the firm.

The company has so far declined to comment on the scope or volume of data exposed to hackers.

Telstra seems keen to pre-empt any privacy-related regulatory challenges, something the company has had to deal with in recent years – which, it was eventually found, was due in part to its own negligence.

Last year for instance the firm was fined by the Australian Information Commissioner for making the personal details of almost 16,000 customers accessible via the internet between February 2012 and May 2013 after several spreadsheets containing customer data dating back to 2009 was found through Google Search.

Asia Pacific, Brendon Riley, Hacking, Network security, News & Analysis, Pacnet, telstra

Telstra’s recent buy Pacnet suffers IT security breach

Pacnet's IT network was hacked earlier this year

Pacnet’s IT network was hacked earlier this year

Telstra’s recently acquired datacentre and cloud specialist Pacnet suffered a security breach earlier this year whereby a third-party managed to get access to its IT network, the telco revealed this week.

Telstra was quick to point out that while the breach occurred on Pacnet’s IT network (which isn’t connected to Telstra’s) before its acquisition of Pacnet was finalised in April, it did do and has since done all it can to try and understand the reasons for the breach and its potential impact on customers.

The company has alerted customers, staff and regulators in the relevant jurisdictions.

Group executive of global enterprise services Brendon Riley said the investigation is ongoing, and that the company will apply its own tried and tested security technologies and techniques to Pacnet’s network.

“Our investigation found a third party had attained access to Pacnet’s corporate IT network, including email and other administrative systems, through a SQL vulnerability that enabled malicious software to be uploaded to the network,” Riley said.

“To protect against further activity we rectified the security vulnerabilities that allowed the unauthorised access. We have also put in place additional monitoring and incident response capabilities that we routinely apply to all of our networks.”

He said the firm is alerting customers of the potential impact of the breach, and hopes that the extra precautions the company has put in place will restore confidence in the firm.

The company has so far declined to comment on the scope or volume of data exposed to hackers.

Telstra seems keen to pre-empt any privacy-related regulatory challenges, something the company has had to deal with in recent years – which, it was eventually found, was due in part to its own negligence.

Last year for instance the firm was fined by the Australian Information Commissioner for making the personal details of almost 16,000 customers accessible via the internet between February 2012 and May 2013 after several spreadsheets containing customer data dating back to 2009 was found through Google Search.

Cloud & IT Management, Cyberoam, Denial-of-service attack, Guest Post, High Tech Security, Network security, Unified threat management

CyberOam Provides Critical Insight for Virtual Datacenter Administrators

Guest Post by Natalie Lehrer, a senior contributor for CloudWedge.

Organizations must provide reliable technical resources in order to keep a business running in an efficient manner. Network security is one of the chief concerns of all companies regardless of size. Although corporations are often pressed to earn profits, the need to protect all company related data at any cost should be a top priority.

Virtual datacenters can be susceptible to a variety of threats including hyperjacking, DoS attacks and more. The importance of keeping up to date on the latest server patches, security bulletins and being aware of the latest malware threats is more important than ever. Therefore, it is critical that all incoming network traffic is properly scanned in search of viruses and malicious code that could possibly corrupt or cause the malfunction of the virtual datacenter.

What is the Solution?

Network appliances such as Cyberoam can act as a unified threat management suite. In addition, Cyberoam scans as all incoming and outgoing traffic while producing detailed reports for system administrators. These granular reports list all virtual datacenter activity while providing logs that give forensic computer scientists direction on where to focus their investigations. Since any activities performed on virtual servers can be retained using Cyberoam, the audit process can provide a clear trail which will lead you to the culprit incase of a data breach. Cyberoam is not a reactive solution. Cyberoam proactively scans all incoming and outgoing data incase viruses and other harmful programs try to compromise and corrupt your entire virtual datacenter.

Security intricacies include intrusion protection services, specialized auditing applications and robust firewall features. Firewalls play an important role in keeping all harmful material from compromising virtual servers. Firewalls essentially block intruders while simultaneously allowing legitimate TCP or UDP packets to enter your system. Cyberoam allows administrators the ability to easily construct firewall rules that keep internal data safe and secure.

When you setup your virtual datacenter, it is important to utilize all of the features at your disposal. Sometimes the most obscure features are the most valuable. The best way to keep your virtual datacenter is safe is be on top of the latest knowledge. There have been reports that many IT professionals find themselves intimidated by new technology simply have not taken the initiative to learn all about the latest datacenter hardware and software available to them today. If you are trying to stay one step ahead of the game, your best bet is to learn all about the tools on the market and make your decision accordingly. Be sure to scrutinize any appliance you decide to utilize inside of your datacenter before adding it into your arsenal of IT weaponry.

Headshot

Natalie Lehrer is a senior contributor for CloudWedge.

In her spare time, Natalie enjoys exploring all things cloud and is a music enthusiast.

Follow Natalie’s daily posts on Twitter: @Cloudwedge, or on Facebook.

Malware, Mandiant, Network security, Palo Alto Networks, Partnerships, WildFire

Mandian, Palo Alto Networks Partner for Malware Security

Mandiant has announced that it will team with Palo Alto Networks, a network security company, to integrate Palo Alto Networks’  firewalls and its WildFire malware prevention subscription with Mandiant’s recently announced product, Mandiant for Security Operation. Both companies will be presenting their solutions as participants at the RSA Conference 2013 in San Francisco from February 25th to 28th.

The joint solution from Palo Alto Networks and Mandiant provides a holistic approach to thwart advanced attackers by integrating malware detection and prevention capabilities on the network with the ability to resolve security incidents on endpoints. With this integration, Mandiant for Security Operations will automatically generate Indicators of Compromise (IOC) based on malware alerts generated by the Palo Alto Networks platform and identify which endpoints have been compromised. WildFire modern malware prevention service uses the inherent advantages of Palo Alto Networks next-generation firewalls to find new types of malware that have never been seen before across all applications – not just Web and email. To date, WildFire has discovered more than 70,000 new malware files that had not been identified by existing anti-malware solutions.

“Our mutual customers view this joint solution as a significant advantage to creating actionable insights to assess risk, prevent threats, and improve security,” said Chad Kinzelberg, senior vice president of business and corporate development, Palo Alto Networks. “We are also confident that this strategic partnership will continue to lead our industry in security intelligence for enterprise organizations.”

Mandiant for Security Operations is an appliance-based solution that utilizes a lightweight agent deployed on endpoints to enable security teams to confidently detect, analyze and resolve security incidents in a fraction of the time it takes using conventional approaches.

Palo Alto Networks offers a subscription service for WildFire, the company’s cloud-based modern malware prevention service. The WildFire service gives subscribers one-hour response times for the delivery of modern malware signatures, and integrated, on-box logging and reporting. The enhanced response time ensures that the damage caused by attackers using “zero-day” malware is mitigated for Palo Alto Networks customers.

“The tactics of targeted attackers and well-funded adversaries are constantly evolving,” said Mandiant’s Chief Technology Officer, Dave Merkel. “With the integration of the WildFire subscription malware detection service and Mandiant for Security Operations, security professionals will now be able to respond to threats faster and automatically investigate alerts from WildFire so they can confirm and resolve targeted attacks as they are unfolding.”

Conventional PCI, Intellectual Property, nCircle PureCloud, Network security, Patent, PureCloud

nCircle Gets Additional Patent for Their Security Services

nCircle today announced the award of its second PureCloud patent by the U.S. Patent and Trademark Office. nCircle’s intellectual property portfolio now includes 11 patents. nCircle’s patents cover a wide range of security innovations and represent the company’s significant, ongoing investment in security technology research and innovation.

nCircle PureCloud is a cloud-based security services platform that requires no hardware or software to be installed or managed. nCircle PureCloud dramatically reduces the cost and complexity of a wide range of security services — including vulnerability scanning, PCI scanning and web application scanning — making these practices easily accessible to small and medium businesses.

“Attackers are targeting smaller businesses that typically have fewer security resources than larger companies,” said Tim ‘TK’ Keanini, chief research officer for nCircle. “The breakthrough technology in nCircle PureCloud helps level the playing field by making enterprise class security tools accessible to all businesses, regardless of size.”

Authentication, Network security, Secure channel, Swivel, Swivel Secure

Swivel Secure Launches University Licensing in UK, North America

Tokenless authentication provider Swivel Secure today announced the launch of its university licensing scheme, which enables universities in both the UK and North America to secure their network infrastructures at a fraction of the typical costs, regardless of whether their data is stored in the cloud or on a virtual private network.

Under the terms of the scheme, Swivel Secure channel partners are able to offer free licences for Swivel’s tokenless authentication platform to a university’s student population, when full licences are purchased for staff members. The scheme enables budget conscious universities to add an additional level of security to their network infrastructure without the need for extensive additional investment.

In both markets, data and network security is a growing concern amongst university IT administrators. Compliance with strict data protection regulations, together with increasing demands from students to access the campus network from a range of different devices and applications, is creating a complex environment that is putting pressure on existing access controls. Additionally, many campuses are also looking to realise the cost savings offered by migrating to a cloud-based infrastructure, which raises fresh concerns about authenticating off-premise users of the campus network.

“Cloud is already an attractive cost saving option for universities and Microsoft’s recent offer of free university licences for Office 365 will undoubtedly encourage more campuses to adopt the model,” comments Chris Russell, VP Engineering at Swivel Secure. “But universities should tread carefully. The ubiquitous reuse of username and password combinations is a real threat to cloud security. Often, all a hacker needs to do is to obtain and reuse a student’s login details for, say, Facebook, in order to gain unauthorised access to the campus network.

“Universities need to be implementing an authentication solution that requires an additional piece of information so if a user’s password is compromised the network remains protected. Our new licensing scheme enables universities to secure their VPN or cloud-based infrastructures in this manner using the only tokenless authentication platform approved for the Microsoft Office 365 environment. Providing free licences to all students should put the technology within reach of most, if not all universities, even those working hard to contain additional costs.”

The Swivel authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and hundreds of smaller businesses, in over 35 countries, to remotely access their business networks, virtual desktops and cloud-based applications. Offering the widest range of user deployment options according to Gartner, the Swivel authentication platform offers the choice of mobile apps, SMS and interactive voice response channels when full two-factor authentication is mandatory.