Archivo de la etiqueta: security

News, Services

Telstra and Cisco Unveil New Products

Telstra and Cisco have recently announced three new software-designed networking (SDN) and network function virtualization (NFV) products that aim to improve both cloud security and global data center interconnection. These products come in addition to Telstra’s two additional functions for its SDN PEN platform, announced in January.

Cloud Gateway Protection: This product was the first of the three made available in beta. It is a virtual security application that aims to secure cloud services and  internet access, as well as Next IP networks against cyber-attacks.

Internet Virtual Private Network (VPN): This product will provide both a secure and encrypted office network over public internet. This can be used by businesses across several sites. The launch is expected to occur later in March.

Data Center Interconnect: This product will extend Telstra’s SDN PEN1 global data center interconnection. Australian data centers will be added. Customers may configure links between domestic and foreign data centers.

These products aim to revolutionize the cloud. The three new products will be connected by Telstra’s self service portal. The two companies have a long standing partnership and this combined effort utilizes both companies’ assets.

The additional features Telstra added in January allow customers to call upon network functions and make digital partnerships.

PEN Exchange: This function allows customers to connect their network services with other customers’.

Improvements to PEN Marketplace: This function improved the marketplace; businesses may order NFV equipment from various vendors.

In addition to the strong partnership between Telstra and Cisco, Telstra has also formed a strong connection with HP and other businesses, allowing Telstra to further its BFV strategies and other programs.

Telstra-2

Comments

Philip Jones, Telstra executive director of Global Products and Solutions: “By allowing us to overcome the constraints of traditional network infrastructure, the software-driven customer experiences dramatically increases our agility by enabling us to quickly create new solutions, and puts the control of those solutions into the hands of our customers.”

Kelly Ahuja, Cisco senior vice president of Service Provider Business, Products, and Solutions: “By combining Cisco’s agile and flexible software platform with Telstra’s customer-focused and customer-friendly range of products, we send a powerful message to the industry and a provide a clear example of how to develop and design the network services of tomorrow.”

David Robertson, Telstra Operations director of Transport and Routing Engineering for Networks, said at the time: “Partnering with multiple vendors helps us to deliver impactful virtualization and orchestration capabilities within a flexible architectural framework. As service providers look to build seamless application delivery networks, vendors that have qualified their technologies with the industry’s standardization groups are seen as more attractive to customers.”

The post Telstra and Cisco Unveil New Products appeared first on Cloud News Daily.

BT, Networks, News & Analysis, Palo Alto

BT beefs up Cloud of Clouds security with Palo Alto Wildfire

Security concept with padlock icon on digital screenBT is to install a cloud-based breach prevention security system from Palo Alto Networks (PAN) into its global Cloud of Clouds, writes Telecoms.com.

Under the terms of a new BT-PAN agreement, BT’s existing Assure Managed Firewall service will now include PAN’s cloud-based WildFire malware prevention system, described as a ‘key component’ of the security specialist’s Next-Generation Security Platform. In a statement, BT said the installation is part of a long term plan to roll out stronger protection for its cloud-based applications as it aims to encourage enterprise customers to benefit from its Cloud of Clouds.

Though enterprises are keen to embark on a digital transformation, security concerns continue to hold them back, according to Mark Hughes, CEO of BT Security. The most obviously profitable use cases for cloud computing, such as big-data analytics and access to more cloud based applications, are the very attractions that cyber criminals are most likely to target. In the rush to provide greater levels of security telcos and cloud service providers face an investment protection challenge, Hughes said.

While enterprise customers need to access these applications quickly and securely, they must also find future-proof tools that can go with the cloud and won’t have to be expensively replaced in a few years time. “Enterprises need security that can protect them against targeted and increasingly sophisticated cyber-attacks. They need a tougher lining around their cloud services,” said Hughes.

Palo Alto Networks will provide intelligent security monitoring and management services to the BT Assure portfolio of security services. The Palo Alto Networks Next-Generation Security Platform includes a Next-Generation Firewall, Advanced Endpoint Protection and a Threat Intelligence Cloud.

BT recently won two new cloud service contracts with the European Commission worth £24 million, bringing its total of EC contract wins to four in 12 months, BCN reported in January. With data security an increasingly sensitive issue with the EC (as reported in BCN), BT has taken on a challenging brief to provide public and private cloud services across 52 major European institutions, agencies and bodies.

News, Services

Microsoft Improves Cloud Security

Microsoft has recently announced its huge developments in the cloud security sector that will allegedly improve the security of online companies. Microsoft plans to unveil more at the RSA Conference, taking place from February 29th to March 4th in San Francisco. These new developments include Customer Lockbox, Microsoft Cloud App Security, Azure Active Directory Identity Protection, and Microsoft Operations Management Suite.

Customer Lockbox: Lockbox helps Microsoft engineers achieve more transparency when they require access to Office 365 accounts to aid in troubleshooting. Lockbox aims to make the customer approval process more efficient. Lockbox is already available to those using Exchange Online.

Microsoft Cloud App Security: This application provides both security and control over data stored in app clouds, including SalesForce and Office 365. This application comes after the addition of security broker Adallom to the cloud giant. Office 365 was also upgraded in conjunction with Microsoft Cloud App Security: users will be made aware of suspicious activity. Uses will also have the choice of approving third party services.

Azure Active Directory Identity Protection: Microsoft has yet to unveil much about thus application, but it is expected that it will provide threat detection. It will utilize Microsoft’s data to investigate threats such as authentications from unfamiliar locations.

Azure

Microsoft Operations Management Suite: Some improvements were made to the Microsoft Operations Management Suite; users will receive information pertaining to malware detections, network activity, and system updates.

 

Comments:

Bret Arsenault, Microsoft’s chief information security officer: “Keeping our network safe, while protecting our data and our customers’ data, is paramount. As Chief Information Security Officer at Microsoft, I am constantly looking for ways to improve our security posture, through new technologies that accelerate our ability to protect, detect and respond to cyber incidents… After years of examining crash dumps that our customers opted to send to Microsoft from more than a billion PCs worldwide, Microsoft has developed the capability to analyze this data to effectively detect compromised systems because crashes are often the result of failed exploitation attempts and brittle malware.”

 

Sarah Fender, principal program manager of Microsoft Azure Cybersecurity: “After years of examining crash dumps that customers sent to Microsoft from more than 1 billion PCs worldwide, we are able to analyze these events to detect when a crash is the result of a failed exploitation attempt or brittle malware. Azure Security Center automatically collects crash events from Azure virtual machines, analyzes the data, and alerts you when a VM is likely compromised…Starting next week, in addition to configuring a Security Policy at the subscription level, you can also configure a Security Policy for a Resource Group—enabling you to tailor the policy based on the security needs of a specific workload. Azure Security Center continually monitors your resources according to the policy you set, and alerts you if a configuration drifts or appropriate controls are not in place.”

The post Microsoft Improves Cloud Security appeared first on Cloud News Daily.

News & Analysis, Ponemon, Thales

Most data in the cloud is exposed says Thales/Ponemon study

Cloud securityA new study into encryption and key management suggests that nearly of all the companies in the world are planning to make a potentially fatal security mistake.

If the new global study is an accurate gauge of global trends, 84% of companies across the world are about to commit sensitive data to the cloud by 2018. However, only 37% of the same survey sample has an encryption plan or strategy.

With consultant PwC recently declaring that cloud computing is attracting the attention of the world’s cyber criminals and attracting a mini-boom in hacking attacks, the lack of data encryption could prove fatally negligent.

The Global Encryption Trends report, commissioned by Thales Security and conducted by IT security think-tank Ponemon, revealed that though the use of encryption is increasing, the security industry isn’t keeping pace with its criminal opponents. In the study Ponemon interviewed 5,009 individuals across multiple industry sectors in 11 of the world’s top economies, including the US, the UK, Germany, France, Brazil and Japan. If that survey is an accurate reflection of the global state of security of the cloud, there are some worrying trends, according to Thales.

While use of encryption is on the up, with nearly three times more organisations classifying themselves as extensive users in comparison with years ago, there is ‘still some way to go’, according to Thales. In 2005 a Thales study found that 16% of its global survey sample used encryption. By 2015 the proportion of encryption users had risen to 41%, of those surveyed. That still means that a minority of companies around the world are using a baseline level of cyber security, according to John Grimm, Senior Director at Thales e-Security. To make matters worse, in that time the cyber crime industry will have been far more agile and fast moving.

Other findings were that 40% of cloud data at rest is unprotected and 57% of companies don’t even know where their sensitive data resides. Sensitive data discovery ranked as the top challenge to planning and executing an encryption strategy, according to researchers.

Support for both cloud and on-premise deployment was rated the most important encryption solution and 58% of companies said they leave their cloud provider to be responsible for protecting sensitive data transferred in the cloud.

Dell, News & Analysis

Dell launches new backup and recovery services that straddle the cloud and the client

Dell office logoDell has announced a programme of new data protection initiatives to protect systems, apps and data that straddle private premise computers and the cloud.

There are four main strands to the new offerings: Dell Data Protection and Rapid Recovery, three new data deduplication appliances models, Dell Data Protection and Endpoint Recovery and a new Dell Data Protection and NetVault Backup offering.

The Dell Data Protection and Rapid Recovery system integrates with previous Dell offering such as AppAssure in order to help eliminate downtime for customer environments. Dell claims that users get ‘ZeroImpact’ recovery of systems, applications and data across physical, virtual and cloud environments. The Rapid Snap for Applications technology works by taking snapshots of entire physical or virtual environments every five minutes so users can get immediate access to data in the event of an incident. Rapid Snap for Virtual technology also offers agentless protection of VMware virtual machines.

The new Dell DR deduplication appliances are named as the Dell DR4300e, DR4300 and DR6300. The mid-market DR4300 offers up to 108TB of usable capacity while ingesting up to 23TB of data per hour. The entry-level DR4300e is a smaller scale, low-cost appliance that can scale up to 27TB. The DR63000 is a larger midmarket and small enterprise solution that delivers up to 360TB of usable capacity while ingesting up to 29TB of data per hour.

Dell Data Protection and Endpoint Recovery is a light-weight, easy-to-use software offering that gives customers endpoint protection and recovery solution for Windows clients. This is an offering for single users and starts off being free.

The Dell NetVault Backup is a cross-platform, enterprise backup and recovery solution that offers a spectrum of operating systems, applications and backup target support. A new option is to allow customers to break up backups into smaller, simultaneously executed chunks to increase performance.

Cato Networks, Network Security as a Service, News & Analysis

Start up Cato Networks claims Network Security as a Service first

CybersecurityCheck Point founder Schlomo Kramer is launching a new cloud security firm with former Imperva colleague Gur Shatz as demand for traditional on premise firewall security diminishes. Cato Networks will offer a new cloud security concept that’s been dubbed Network Security as a Service (NSaaS).

The Cato Cloud has two complementary layers. One, the Cato Cloud Network, is based on a global, geographically distributed network of points of presence (PoPs). The second, Cato Security Services, is a suite of network security (such as firewalls, VPNs, URL filtering) delivered through the cloud as an integrated managed service.

Cato Networks’ software creates an encrypted network out of all the disparate elements of the connected enterprise, such as branch offices, remote locations, data centres and mobile users. The last two groups in that list have changed the model of security, according to Kramer, since the liquidity of the network has been exacerbated by the virtual nature of systems residing in data centres and the increasing prominence of mobile users. With new virtual machines being spun up in their thousands and mobile workers multiplying in both numbers and computing capacity, firewalls are not the right solution to this moveable vulnerability problem, according to Kramer.

The Internet of Things will only exacerbate security problems, according to a Cato Networks statement. Research commissioned by Cato showed that maintenance, costs and the complexity of managing policies for multiple locations is too challenging for up to 57% of security professionals.

Companies that use a variety of cloud services can tie their hybrid clouds into a secure network and forget about having to maintain firewalls or invest in expensive network security, according to Cato.

Cato would allow retail chains, which typically have hundreds of locations each with a multiplicity of devices, to securely connect directly to the cloud for Internet access.

Cato raised $20 million in financing led by Aspect Ventures and will launch its new cloud security offering around September 2016 with co-founder Kramer investing $4 million of his own money.

Black Duck, Box, IBM, News & Analysis, Open Source

Box, IBM and Black Duck announce security offerings amid open source vulnerabilities

Security concept with padlock icon on digital screenTwo more services have been launched with the aim of shoring up the security of the cloud, as its popularity sees it becoming increasingly targeted for attack.

File sharing company Box has launched a customer-managed encryption service, KeySafe, in a bid to give clients more control over their encryption keys without sacrificing the ease of use and collaboration features of Box. Meanwhile UK-based open source security vendor Black Duck has been recognised under IBM PartnerWorld’s ‘Ready for IBM Security Intelligence’ designation.

Box’s KeySafe aims to centralise sensitive content in the cloud, and promises new levels of productivity and faster business processes. Box Enterprise Key Management (EKM) uses Amazon Web Services (AWS) and a dedicated hardware storage module (HSM) to protect keys used to encrypt sensitive data. Box also has a service that integrates with AWS Key Management Service so customers can control their encryption keys. The service is intended to be simple and uses a software-based technology that doesn’t need dedicated HSMs.

Box says it can never access a customer’s encryption keys, which the customer owns. The main selling points of KeySafe, in addition to this independent key control, are unchangeable usage policies and audit logs and a ‘frictionless end user experience’ with simple data. Pricing is to be based on size.

In another security announcement, Black Duck’s new offering through IBM follows a research finding that 95% of mission critical apps now contain open source components, with 98% of companies using open source software they don’t know about. With 4,000 new open source vulnerabilities reported every year, Black Duck claims that cloud computing is creating greater vulnerabilities.

IBM has announced that Black Duck Hub has been validated to integrate with IBM Security AppScan in order to identify and manage application security risks in custom-developed and open source code. The hub now provides a clarified view within IBM Security AppScan which will help spot problems quicker. Black Duck Hub identifies and logs the open source in applications and containers and maps any known security vulnerabilities by comparing the inventory against data from the National Vulnerability Database (NVD) and VulnDB.

“It’s not uncommon for open source software to make up 50 per cent of a large organisation’s code base. By integrating Black Duck Hub with AppScan, IBM customers will gain visibility into and control of the open source they’re using,” said Black Duck CEO Louis Shipley.

Check Point, Infrastructure as a Service, News & Analysis, Platform as a service, Skyhigh, Software as a service

Skyhigh, Check Point claim cloud security simplification

Cloud securityCloud access security broker Skyhigh Networks and security vendor Check Point claim they’ve jointly made security, compliance and governance policies for cloud services a lot easier to manage.

The initial launch of their combined service is aimed at regulating software, platform and infrastructure (SaaS, PaaS and IaaS) as a service offerings.

The integration of their security offerings means that mutual customers can use Skyhigh’s cloud access security broker (CASB) and Check Point’s firewall more effectively while taking less time to set up and enforce internal policies. The idea is to alleviate the work of enterprise security managers as they try to comply with external regulations and protect corporate data.

Meanwhile Skyhigh is offering a free cloud audit as it claims that an all time high adoption of cloud has not been matched by cloud security standards. According to the Q4 2015 Skyhigh Cloud Adoption and Risk Report, the average company uses 1,154 cloud services and uploads over 5.6 TB to file sharing services each month. However, this vast migration of data to the cloud is creating a security gulf, it claims, because the rush to cut costs has seen companies lose visibility and control over their IT estate.

The combined Skyhigh Check Point service promises to shed more light on the state of the network, enforce data loss prevention (DLP) policies, protect company data, consolidate usage of cloud services, identify any risky data uploads or downloads from questionable service providers and protect against data exfiltration attempts. By applying threat intelligence to analyse cloud traffic patterns, detecting anomalous behaviour and remediating against users or cloud services the two partners claim they can restore the levels of security enterprises need, by making it easier to implement.

“Companies want to embrace cloud services, but they can’t leave behind security controls as corporate data moves off-premises,” said Chris Cesio, business development VP at Skyhigh Networks.

antivirus, Parallels Desktop, Parallels Desktop for Mac, Parallels Desktop security, virus, Windows on mac, Windows viruses

The Security Features in Parallels Desktop

Everyone cares and worries about the security of their computer nowadays—from the individual home user with a single Mac, to the IT Admin who has a whole department (or an entire company) full of Macs and PCs to worry about. In this post, I will show you in some detail the features of Parallels Desktop […]

The post The Security Features in Parallels Desktop appeared first on Parallels Blog.

Parallels RAS, Parallels Remote Application Server, RAS, Remote Application Server, Security Software, Security Tips, two-factor authentication

Here’s Everything You Should Know About Two-Factor Authentication

One of the notable aspects of virtualization is the presence of heterogeneous networks with diversified devices, platforms, and OSes. Desktops and laptops have been accompanied by and sometimes replaced with tablets and smartphones. In addition, a variety of devices such as Chromebooks, Raspberry Pi, and wearables came into the network. The Internet of Things has […]

The post Here’s Everything You Should Know About Two-Factor Authentication appeared first on Parallels Blog.