Adviacent - Disaster Recovery Services

In-depth protection by Internet Security 2007

F-Secure Internet Security 2007 offers persistent in-depth protection against new, unknown threats

Oct 9, 2006

From this October, consumers will enjoy advanced protection against new, unknown threats with F-Secure Internet Security 2007. Building on F-Secure’s fast response to new threats, the new product now features a number of remarkable new and enhanced features to further strengthen its leadership in reliability of protection in the data security market. The new features make it easier for customers to take care of the wellness of their PCs, and to protect their families and their most valuable digital assets.

The risk of previously unknown zero-day threats being able to do damage is greatly reduced through the new F-Secure DeepGuard™ technology. Instead of just analyzing new programs once when they enter the system, F-Secure DeepGuard™ also will persistently monitor the behaviour of software in a real-time mode, scanning for suspicious program behaviour and stopping activities that might pose a risk. Competing one-time-only solutions cannot offer the same level of protection as it is possible for malicious code-writers to obfuscate, encrypt or pack the code in ways that prevent the one-time solutions from detecting it – and once the file has passed it will be free to do anything it wants.

Unlike most competing proactive detection technologies, F-Secure DeepGuard™ uses advanced real-time heuristics and works quietly in the background. It uniquely combines several proactive technologies together, bringing an unprecedented level of protection against any previously unknown threats. More detailed information about the F-Secure DeepGuard™ technology is available at http://www.f-secure.com/deepguard

In recognition of the increasing threat of spyware, F-Secure has improved its detection rates and removal capabilities by adding another spyware engine solution to F-Secure Internet Security 2007. The integration has been enhanced to include target scanning, in addition to real-time scanning and manual system scans.

F-Secure Internet Security continues to offer proactive protection for content-sensitive family members thanks to the improved parental control application. Access to the Internet can be limited according to individually configurable content-based predefinitions. F-Secure Internet Security 2007 now has three different Parental Control Profiles: Child (whitelisted sites only), Teenager (content-based filtering) and Parent (full access). Anything falling outside of the parameters set by these profiles is automatically blocked. As before, parents can also exercise their discretion over the time used by their children on the Internet using the Time Lock feature.

Web traffic is a typical entry point for malware. Most recently, malware concealed in website images has been shown to exploit vulnerabilities in Microsoft applications. With the new web scanning feature in F-Secure Internet Security 2007, web traffic can now be scanned for viruses and harmful content blocked at the protocol level, before it reaches the user's system.

Furthermore the solution includes a number of additional security features and improvements:

  • Unprecedented protection against rootkit malware with F-Secure BlackLight™ technology
  • Improved spam detection and performance thanks to an upgraded engine version
  • Anti-phishing for emails
  • Minimized usage of network bandwidth through improved database update mechanisms
  • Improved solution and system performance through reduced use of system resources
  • Smoother installation experience through added guidance for users when installing for the first time.

F-Secure Internet Security 2007 (IS2007) is already available from F-Secure’s e-store and will be available in shops from October 23rd. All customers with a valid F-Secure Internet Security 2006 service subscription will get the upgraded IS2007 for free. Microsoft Vista support, for both 32-bit and 64-bit, will also be offered for free to IS2007 customers at the end of Q1 (pending the actual release date of Vista). The new advanced features of F-Secure Internet Security 2007 will also be available for F-Secure’s corporate solutions at the beginning of next year.

Speaking about the new product, Ari Alakiuttu, Vice President of Product Marketing said: “Consumers have a right to data security products that offer them protection at every possible level of interaction with the online world. We believe at F-Secure that the latest version of F-Secure Internet Security 2007 incorporates world class features and will set the standard for all other data security products serving the home and small office segment.”

Sophos To Expand Into The China Internet Security Market

British anti-virus software firm Sophos intends to expand into the mainland Internet security market next year. Charles Cousins, managing director at Sophos Asia, said the company hoped to fulfil all regulatory requirements for its products in China over the next few months so that it could start operations.

“We expect the partnerships we have made in Hong Kong and Taiwan will also help us penetrate the mainland software market,” he said. “We have already generated much interest from potential distributors and partners in the mainland.” The privately run company has no Chinese-language interface for its anti-virus software products. Despite that disadvantage, Mr Cousins said Sophos saw its Taiwanese technology partners HGiga, Box-Solution Corp and Softnext Technologies as helping its expansion.

“Those companies are now bundling Sophos’ anti-virus engine as part of their own security software and Internet security appliances, allowing them to market ready-to-use corporate solutions capable of combatting virus attacks immediately,” he said. “These enterprise solutions are targeted at various sectors, including financial services, government and manufacturing.”

In Hong Kong, Sophos resellers included Yui Kee Computing and Linux Center (HK).

Sophos, which began to beef up its Asia-Pacific business only late last year, faces strong competition in the mainland, where top anti-virus software brands such as Symantec, Trend Micro, McAfee and Computer Associates have been used since the late 90s.

Industry estimates show Chinese companies account for 32% of software sales in the mainland. The remainder is covered by foreign companies. “Our entry into the mainland market would come at a time when companies throughout China require more responsive anti-virus solutions to combat an increasing amount of computer-related attacks,” Mr Cousins said.

Deregulation in the mainland under the World Trade Organisation was a double-edged sword that would push further economic growth as well as unveil possible new security threats. Efforts to network enterprise storage resources, for example, might prove to be troublesome if the archived data to be shared by a large enterprise’s offices across the mainland and overseas remained infected.

Mr Cousins said Sophos’ anti-virus technology provided true cross-platform protection in a single, fully integrated product. The network-centric design offered a single point of installation, updating and policy control in an enterprise, including across multiple locations, and across combinations of servers, workstations and notebook computers. The number of computer viruses that Sophos detects and protects companies from totals 75,281.

Mr Cousins said Sophos’ worldwide growth was reflected in a user base of more than 10 million. Sophos products are sold and supported in more than 150 countries through a network of subsidiaries and partners. More than 60 per cent of the company’s worldwide turnover comes from outside Britain.

Other offerings include e-mail scanner MailMonitor, administration tool Enterprise Manager and SAVI (Sophos Anti-Virus Interface), which allows companies to integrate the company’s technologies into their own Internet security products.

Anti-virus experts based at high-security laboratories in Britain and Australia carried out 24-hour threat analysis to ensure rapid response to any new virus incident anywhere in the world, Mr Cousins said.

Internet Security

Internet Security Software

The worldwide market for Internet security software added almost $1 billion to its coffers and reached $138 billion in 2005, according to a report by International Data Corp. (IDC).

IDC’s report “Internet Security Software: 2006 Worldwide Markets and Trends” found a 43 percent increase in the Internet security software market from 2004 to 2005. In 2007, the report says, the market will jump another 40 percent to $184 billion.

Trend Micro and Symantec currently have a stronghold on the Internet security software market, together accounting for one-third of its revenues, with 17.1 percent and 16.5 percent market shares, respectively. The next closest competitor, according to IDC, was McAfee, which had less than half the revenues of each of the two leaders.
In 2006, the largest regional market for Internet security software was the US, representing 54 percent of the market. Western Europe presents the next largest opportunity, with 28 percent market share in 2006.

By 2007, IDC expects the Internet security market to have more than double its 2005 value. As per image attached to the article.

“As the concept of large business units is reaching saturation, vendors of security services must provide options that combine various functionalities at attractive prices to achieve growth in these markets,” states the analyst. “Under security management, end users demand functionalities such as correlation and analysis of security-related data from different solutions on a single platform.”

The VPN and firewall markets are rapidly merging into a single market, and hardware-based solutions are beginning to dominate some portions of the market. Firewalls implement basic network security. Firewalls enforce security restrictions and prevent inappropriate access to internal networks. They work by analyzing each network access request. Requests are compared to a list or database of approved source IP addresses and other parameters.
The primary function of firewalls is to manage security for transactions over an internal enterprise network and to support transactions over the Web. The distributed network systems depend on transaction servers that provide failover, load balancing, clustering, and advanced mission critical systems capability.

Firewalls offer a complete security platform for Web and wireless e-commerce applications. Firewalls include support for Web servers, enterprise servers, Internet security, database access, and distributed transaction management servers.

Worldwide firewall, VPN, and routers with integrated security shipment forecast analysis indicates that markets at $3.1 billion in 2003 are expected to reach $18.6 billion by 2009.

The report on the global market for IT products and services is broader in scope and examines all aspects of the IT Security Products & Services environment. It provides information about technology, competitors, market structure, IT budget trends, technological advances, and numerous other factors that make up the IT Security Products & Services environment in the global sector.

Security solutions

Individual point security solutions vs unified threat management system

The minimum requirement for a unified threat management system (UTM), is a firewall, VPN, antivirus and intrusion detection/prevention. UTMs have, however, evolved from this to incorporate additional capabilities which can include URL filtering, spam blocking and spyware protection, as well as centralised management, monitoring, and logging capabilities.

UTMs have been growing in popularity for the last few years and many people are now wondering whether individual point security solutions or a UTM, which incorporates several solutions, is the best answer.

The solutions provided by two major suppliers give an idea of what’s on offer. WatchGuard’s SOHO Edge series of UTMs, for example, combines stateful firewall, VPN, zero day protection, anti-virus, anti-spyware, anti-spam, intrusion prevention, and URL filtering.

Check Point’s UTM-1 appliance for the mid-market is very comprehensive providing a firewall, intrusion prevention, anti-virus, anti-spyware, VoIP security, web application firewall, instant messaging (IM) and peer-to-peer (P2P) blocking, and web filtering.

UTMs were designed to provide a range of security solutions in a single appliance, reducing costs and simplifying the whole process of security systems management and installation.

While the widest deployment of UTMs has been in SMEs, larger companies are also using them, as they too have begun to appreciate the benefits of less expenditure and easier centralised administration. Large companies are typically using UTMs to centrally secure branch and remote offices; or alongside their existing gateway firewall for the additional UTM functionality.

Cost is a key issue in the growth of UTMs, with common thought being that a UTM device can cost less than a quarter of the price of equivalent point solutions. UTMs’ significant cost savings come from lower pricing than buying and implementing the components separately, simplified and reduced installation, plus fewer ongoing management costs such as training, maintenance and upgrades. And of course, UTMs have only one dedicated platform to support.

Management is an important issue. For smaller companies with limited or no specialised knowledge of IT security, UTMs provide an easy way to manage the growing number of security threats.

Larger organisations using point solutions are often unable to scale the solutions to the number of sites they have, because of cost, installation, management and ongoing support issues. This can lead to organisations deploying reduced security and inferior policies at remote locations. UTMs can enable them to overcome these problems.

A stated disadvantage of UTMs is that they have a single point of failure with all security systems potentially down at the same time. This is typically dealt with by using high availability.

For any company looking at UTMs, it is essential to define requirements and thoroughly research the market, but going for an established name with a proven record in firewall security is a good way of establishing a shortlist. Bear in mind that there is no legal definition of a UTM and that there are significant variations between UTM appliances, both at the top and bottom of the market. The variations are on price, functionality, performance, scalability and most importantly security.

If you’re buying a UTM appliance you’ll typically be looking for three or more years’ life out of the device, so you’ll need considerable room for growth or an appliance that is licence upgradeable for both performance and function. Companies such as WatchGuard, Check Point and Nortel provide this kind of product. You’ll also need a firewall that has deep packet inspection as a minimum, not just stateful inspection.

Other key factors to consider with UTMs are future proofing and performance issues. Some UTMs have the ability to start out with just the functions required and then add additional functions, as the need arises.

Performance is another key element. Many UTMs aren’t designed for all the functions to work together, so performance can rapidly decline when all functions are switched on. This is often not apparent from the throughput statistics as the majority of published performance statistics are with most of the functions switched off!

In addition, as loads continue to rise over time (who’d have thought only two years ago that 10MB attachments would be fairly commonplace today?), any purchase needs to have either significant additional capacity or the ability to upgrade the box in the rack (i.e. licence upgradeability).

As different threats continue to emerge, UTM vendors are likely to add increased functionality to their products. As they do, it’s likely that more companies will want to use UTMs to simplify the process of securing themselves against the growing number and diversity of security challenges.

Unified threat management

Unified threat management: What is it and why should you care?

The security channel is wonderful about getting on board with technologies that customers really need. Why? Because when you live on gross margin, you get no dog yummies for jumping on technologies without mass-market relevance. If you don’t sell anything, you don’t get paid. That’s clear enough, no?

So many VARs have been tracking the adoption of unified threat management (UTM) gear and trying to figure out the right time to throw down. This has become increasingly difficult to determine because, as with pretty much every other security technology, the term UTM means something different to everyone.

Vendors have definitions that sound remarkably like whatever product they “used” to sell — like firewalls and/or IPS gear. Nearly every vendor says they do UTM now. Users are similarly interested in that they figure they’ve found a new way to save some money, so they’re likely to want to throw everything, including the kitchen sink, into the mix.

So what’s a reseller to do? I’m always a fan of taking a step back and examining the user need. Then you can get into specific architectures, decision criteria and ultimately who you want to do business with. But never put the cart in front of the horse. Remember, no demand — no gross margin — no paycheck.

The good news is that there is a real need for UTM technology, especially in the mid-market. Mid-sized enterprises have been fed a constant diet of increasingly narrow security technologies to solve terrifyingly narrow problems. They are now rebelling. They don’t want another box to solve another problem. They want leverage. They want simplicity. They want integrated management capabilities. And they want it now.

Many customers are willing to replace their existing gear because the ROI of a new box is pretty clear when compared to maintenance renewals and 24/7 support contracts on five or six disparate security products.

So this begs the question, what’s in a UTM product? That depends on who you ask, but basically you’ll see the following components:

  • Firewall/VPN (SSL and IPSec)
  • IDS/IPS
  • Gateway antivirus and antispyware
  • Antispam
  • Web filtering/Content filtering

Vendors may also increasingly add Web application firewall capabilities as that market matures. So basically UTM is one box to replace all of the mayhem currently sitting in the customer’s DMZ.

To be clear, there isn’t a lot of differentiation between the products. According to the data sheets, a UTM is a UTM is a UTM. So when you’re trying to decide which vendor to pick, your decision will come down to a few key issues:

  • Scalability — Do you cater to the SMB or enterprise? For the most part, scalability isn’t an issue for SMB customers, and for larger customers the architectural differences between products become clear once all of the UTM features are turned on (especially IPS and content filtering).
  • Hardware vs. software — UTM vendors fall into either the purpose-built hardware or software-on-appliance camps. Traditionally, hardware-based solutions (with their own custom chips) have scaled better but tended to be less flexible in adding new capabilities. As the market evolves, these generalizations may not hold, so I recommend you take the solutions you’re considering into your lab, and put them to the test. That’s the only way for you to really know what’ll work for you and your customers.
  • Open-source vs. proprietary — There are some solutions that are largely based on open source technology wrapped in a pretty interface. Other vendors have built all their own stuff.

Ultimately, the vendor(s) you choose will be largely driven by the technologies your customers already have. Changing vendors is risky and usually involves learning a new interface and maybe sacrificing some functionality. That adds friction to the sales cycle. We don’t like friction — it impacts margins.

So if your customer base is largely Cisco, Juniper or Check Point, you pitch the customers first on that solution. In the event the customer hates the incumbent (which is a real possibility), then bring a hardware-based solution (like Fortinet or SonicWall) and a software + appliance solution (like Astaro) to the table. Let the customer decide what is more important to them. Larger enterprises will be interested in modularity and flexibility, so Crossbeam is usually a good fit — in addition to the typical incumbents.

But get familiar with UTM and do it now. If you don’t, I can guarantee your fellow VARs will be.

Methodology: Explanation of how data was collected/generated and analyzed. An explanation of methodological problems and their solutions or effects.

It constitutes two parts:

  • Mode of data collection or generation

Primary data: Original data collected for a specific research goal.

Ex: Questionnaire surveys; interviews (informal or structured).

Secondary data: Data originally collected for a different study, used again for a new research question.

Ex: Published statistics, published texts, documents, forms, reports, etc.

Qualitative data: Data involving understandings of the complexity, detail and context of the research subject, often consisting of texts such as interview transcripts and field notes, but also audiovisual material.

Quantitative data: Data that can be described in terms of objects, variables and their values.