How Lastline has better breach detection capabilities

The Internet is a nasty place, and getting nastier. Current breach detection products using traditional anti-malware sandbox technologies can’t keep up with advanced persistent and hyper-evasive threats that pummel enterprise networks on an hourly basis. Malware authors encode their exploits with a number of operational vectors, so in case one entry point doesn’t work they can still find a way into your network to do their dirty work. And as more businesses hire more outsourced consultants and part-time workers, and employ mobile devices, they open up additional mechanisms for malware to enter their corporate networks.

Some traditional AV and endpoint protection vendors have responded to these threats by adding features to their security products to do a better job of anticipating badly behaving packets coming through their detectors. They make use of limited virtual machines or operating system emulators to view how a piece of malware operates. That is great, but it isn’t enough. Many malware authors can detect when these simulated environments are active and can evade detection accordingly. For example, some exploits such as W32.DelfInj can literally go to sleep for several days to avoid any detector that will just scan an infected system for the first several minutes.

What is needed is a next-generation sandbox that can correlate a series of particular breach events, add IP- and object-based reputation analysis, and do this in near real time. This is what the Lastline Breach Detection Platform does. What makes them unique is their range of discovery, the way they can effectively mimic actual PC or smartphone endpoints to examine malware behavior, and how they can scale up to handle very large networks with their modular and SaaS-based tools.

Download my review of their system here.

The trials and tribulations of eCommerce: a look back

I have been a keen observer and sometimes participant of the eCommerce field since its very early days back in the late 1990s. Then the websites were wacky, the software shaky, and the tools touchy and troublesome. But somehow we managed to buy stuff online and Amazon and others have been raking in the dough ever since.

In the beginning, IBM had its own NT-based eCommerce product that I reviewed back in 1999 for Windows Sources magazine. These suites of products had a lot of custom configuration, and really weren’t very good. Since that point, IBM has built quite a business around Websphere and other tools. Another article about evaluating payment systems for eCommerce that I wrote for Internet.com back in 1999 described the sad state of affairs back then.

In those early days, I had fun assignments like trying to figure out how long it took staff from an online storefront to respond to my email queries. That seems fairly obvious, and there are still storefronts that don’t respond quickly enough to their potential customers.

But one area where we have come the furthest has been in online payments. A good example is the recent Apple Pay announcements last month. As the NY Times points out, even though nary a dollar has been spent with this new system, vendors are jumping on board Just Because It Is Apple. Even eBay has gotten so worried that they are in the process of spinning off PayPal, something that they have resisted for years. Here is my analysis of Apple Pay published in Ricoh’s blog.

If you are looking for some historical context of how payments have evolved, check out the following pieces that I wrote over the years:

From that last piece, I wrote:

Imagine how hard life with physical wallets would be if they acted like e-wallets. You would have to carry several different kinds of wallets around with you, since each store would accept different payment systems. You couldn’t convert your dollars from one system to another without a great deal of work. And if you lost your wallet, you would be out of luck.

Today we have a lot of payment choices, including a little-known service from MasterCard called Simplify, a web payment gateway that offers 2% rates (but only through software; no card reader yet). We’ll see if my predictions will come true or not once again.

Network World: Slow Internet links got you down? Try Dyn’s Internet Intelligence

As businesses extend their reach to more corners of the world, wouldn’t it be nice if you could monitor any Internet service provider from any location? Thankfully, Dyn, which sells DNS management tools, acquired Renesys earlier this year and extended the features of Renesys’ Internet Intelligence product.

You can read the full review in Network World here.

A Better Way to Do Multifactor Authentication with Authentify xFA

xFA can add multifactor security to any web service with a few lines of code. We tested xFA on a small network in August 2014. It has cloud-based components to manage multifactor security, along with apps for iOS and Android.

Price: $19.95 per user per year

http://info.authentify.com/authentify-xfa-screencast

Fingerprint authenticators for iPhone 5 and Samsung Galaxy are expected in the near future.

Network World: Citrix Xen Mobile rates a spot on your MDM short list

When we reviewed six mobile device management products for Network World back in 2013, Citrix declined the opportunity to participate, but the company has changed its mind with the recent release of Xen Mobile v9.0 MDM. In our testing, we found that the software stacks up nicely against AirWatch and Good Technology, the two leaders from that review, and should be on any IT manager’s short list, particularly if you already use other Citrix connectivity products. (A view of its extensive security options can be seen on the right.)

You can read my review today in Network World here.

Computerworld: Peak vs. Tibbr, two communication tools reviewed

If you are trying to have more effective team communications, you are probably looking at products or services that go by names like “social CRMs” or “team engagement tracking apps.” Regardless of what they are called, these apps can connect to a variety of social networks and email accounts and make it easier to manage your communications, track what your team has posted, understand what other team members are working on and improve workflows and productivity by avoiding interruptions or massive amounts of email.

I tried out two of these tools, Peak (shown above) and Tibbr. Both are browser-based; Tibbr also has mobile and desktop clients. You can read my review in Computerworld here.

Network World: How Aryaka’s global private network speeds access to Internet apps

If you are trying to improve global access to your applications, you have probably considered one of several solutions: stringing together your own private network, purchasing WAN optimization appliances, or using a managed cloud-based service provider. Figuring out the benefits of each solution isn’t easy and it is hard to test for variations in Internet connectivity, specific applications and other conditions.

But what if a vendor could show you exactly the benefit in a particular use case, so you could understand what they are delivering? I got Aryaka to do just that. You can read my post in Network World today here.

Computerworld: Working together: 3 new team collaboration tools, Glip, Flow, and Slingshot

The concept of how we collaborate is changing. Better tools are being developed that help workgroups put together documents, quickly schedule meetings and chat with each other. Today’s collaboration environment includes tools for text chats, bulletin boards, video conferencing, screen sharing and scheduling meetings. Among these are a number of lightweight products that offer quick and near-real time collaboration. I looked at three of the newcomers: Flow, Glip and Slingshot. (A screen from Flow is pictured above.)

While all have some things in common — all three seek to enable collaboration and can be used either on desktops/laptops or on mobile devices — they all do somewhat different things in the collaboration space.

You can read my review that appeared in Computerworld here.

NComputing’s oneSpace improves tablet productivity

NComputing’s oneSpace combines the benefits of tablet style navigation and gestures with fully functioning Windows and SaaS applications, internal web apps and portals, and on-premises and cloud file shares in a single policy-controlled environment that is secure and separate from a user’s personal tablet apps. We tested it on both Android and iOS tablets in June 2014.

Usage of the oneSpace app requires a license to a oneSpace service.

Price: $33/user/month

http://ncomputing.com

Network World: Unisys unveils invisibility cloak for network traffic

If you are ultra paranoid, what could be better than hiding your network traffic in such a way that no one could possibly intercept it? This is what Unisys is offering with its new Stealth appliance, which could make man-in-the-middle attacks and keylogger exploits obsolete, or at least more difficult to mount.

Stealth uses four layers of security (see diagram): each packet is encrypted with AES256, then split into three separate pieces and dispersed across the network, destined for a particular group of users that have to be running its protocols. Stealth has been around since 2005, and you can read my review of Stealth for Network World here.