Network World: Secure browsers offer alternatives to Chrome, IE and Firefox

The Web browser has been a major infection vector for years, allowing malware to be transported to millions of computers through phishing, man-in-the-middle, SQL injection and countless other attacks. But what if there was a way to stop this madness and secure the browsing channel itself?

I talk about ways to replace existing Chrome and Firefox browsers with a new breed of products, such as this screenshot of Spoon at left. You can read my article posted on Network World today here.

Network World: Virtual machine security still a work in progress

Trying to protect your expanding virtual machine (VM) empire will require a security product that can enforce policies, prevent VMs from being terminated or infected, and deliver the virtual equivalents of firewalls, IPS and anti-virus solutions.

We last looked at this product category nearly three years ago, testing five products. At that time, we said that no single product delivered all the features we desired. That’s still true today even though the market matured some. This time around we tested three vendors who were in our previous test — Catbird, Hytrust and Trend Micro – plus a newcomer, Dome9. All represent solid approaches to improving your VM security, but coming from different places.

Sadly, I wasn’t able to test lots of other VM security technologies, which I have listed here.

You can read my review of these VM security products for Network World here. And you can view a series of screenshots of the four products here.

Stop Web Scraping With ScrapeDefender

Copying content from the Web can be both a good and bad thing. There are companies that make it easy to scrape public data archives such as ScraperWiki.org that are used by data sciences and journalists to track trends and uncover government abuses. And Google and other search engines use various kinds of scraping algorithms to index and categorize your site, and to ensure that your content is ranked appropriately.

But for the most part scraping is bad news. Chances are good that someone has copied your Web content and is hosting it as their own elsewhere online. This happened with LinkedIn not too long ago, where someone picked up thousands of personal profiles to use for their own recruiting purposes. That is a scary thought, indeed.

And lest you think this is difficult to do, there are numerous automated scraping tools that make it easy for anyone to collect content from anywhere, including Mozenda and ScrapeBox. I won’t get into whether it is ethical to use these on a site whose content you don’t own. Some of these attack sites are very clever in how they go about their scraping, with massive numbers of ever-changing IP address blocks to obtain their content.

So what can you do to prevent the bad kind of scraping? There are several companies that try to protect your site from being scraped by a bad actor, including Distill Networks and CloudFlare’s ScrapeShield.

But today’s post is to tell you about another one that goes even further than these two tools called ScrapeDefender. You can watch a screencast video that I just produced here that shows its features.

ScrapeDefender is easy to get started with: you just plug in your site’s URL and it will take about a day to look at your site and see where you are vulnerable. When I tried it with my own domain strom.com I was surprised to see it listed 150 different exploits. Some of them have pretty oddball names, such as dripping water or shotgun, that show where anyone can come in and grab your content. The service provides a piece of JavaScript tracking code that you add to each of your site’s page headers. Once this is in place you can monitor what is going on in near-real time and protect your site against these abusers.

For example, you can view how many pages a potential abusive IP address has visited, any geolocation information, which risk metrics were tripped, what alarms were generated because of this activity and other IP addresses that are owned by the same organization. All that information can help you figure out if your site was suddenly very popular or was being targeted by one of your competitors or someone that wants to steal your content. Their service is Web-based; you bring up your browser and can view these metrics and reports, along with suggestions on best security practice to defend your content too.

The hard part about defending and hardening your site against potential scrapers is that it is difficult to distinguish between a legitimate visitor and an automated bot that is collecting your content. That is the secret sauce of ScrapeDefender: they have looked at thousands of websites to figure out when a bad actor is present, and have coded these various behaviors into their system.

You can try ScrapeDefender for free; the paid service starts at $79 per month to keep track of a single domain, with more expensive and extensive plans available. It is well worth a look.

Stop the swivel chair integration

Do you manage your IT infrastructure by swivel chair? The term has been around for many years (here is a reference in ITWorld) but this is the first time that I heard it.

My client CA Technologies mentioned the term to me when I was putting together one of my screencast video product reviews and I thought it was a dandy illustration of how hard it is sometimes to manage an entire IT infrastructure.

You get the notion: you have to enter items in two or more systems because there is little to no communication among them. The problem is particularly acute with IT monitoring systems, systems that are usually so complex that they take forever to build, have steep learning curves to operate, and price tags that quickly zoom into the stratosphere. If only there was a tool that you could try out and get up and running quickly, and didn’t cost an arm and a leg.

There are plenty of limited, free or open source IT monitoring tools: Nagios and Spiceworks are examples, and there are dozens more. Network World’s Barry Nance reviewed six different tools (but not CA’s) here last summer.

But I wanted to tell you about CA’s Nimsoft Monitor Snap, the free version of its IT monitoring solution, CA Nimsoft Monitor. Unlike some of the other freemium products, it is completely free: no time bombs, no artificial limits or functions that require a bit of cash to be unlocked. You only can monitor up to 30 devices, but by then you should have a good feel for what the tool can and can’t do.

And by devices, I mean Snap can monitor almost anything: virtual machines, applications, network and storage devices, servers of course and routers. There are no additional modules to install to connect to these devices, and you can be up and running inside of an hour from when you downloaded the software. It runs on a relatively recent Windows box with a simple Web interface.

The steps you need to take are very straightforward: you first set about discovering all the devices across your network. And if you get stuck, CA has a nice community forum that can help give advice. You may need to open up a firewall or understand how Windows Management Interface works to hook up Snap to the various devices. The latest version even allows you to monitor your gear from a smartphone app. Snap can schedule periodic discovery scans and produce reports on the health of your equipment.

What happens when you outgrow the free version? You can easily upgrade to the paid tool, which will cost about $30 per server per month and also includes phone support.

You can watch my video review here. Maybe you will even get rid of your swivel chair too.

CA’s Nimsoft Monitor Snap video review

My latest in the series of video screencast reviews is out today on CA’s Nimsoft Monitor Snap. This is a completely free IT monitoring product that can track all sorts of things, including servers, desktops, VMs, routers, and more. It is simple to install and set up and runs on a Windows machine of relatively recent vintage. What’s the catch? Well, the free version is limited to 30 devices: if you want to monitor a larger network, you have to shell out some cash. But unlike other monitoring tools, it has a very shallow learning curve and you can see for yourself what it looks like and some of its more important features in my video here.

How to get the best trade press product reviews

Back in July 1994, I was asked to write a piece for a magazine called Marketing Computers about this subject. By then I had spent more than eight years looking at computer products, mostly networking and communications hardware and software. I recently thought about this piece when I was conducting a review for Network World and had so many vendors refuse to participate. Here is the first of ten points that I made in the article:

Set up and manage a real program with budget, staff and collaterals for trade magazine reviews. Don’t try to compete with your actual customers for getting product to the reviewers: set aside a line-item in your marketing budget to purchase your own product for reviewers and maintain your own inventory.

You can read the remainder here on my site.

And this ancient column also served as the basis for a more modern talk that I gave at a 2014 Product Camp Unconference here.

SearchSecurity: The new breed of unified threat management tools

Unified threat management devices have traditionally been suited for small and medium-sized business networks. UTMs combine a number of essential technologies, including firewall, perimeter antimalware and antispam, VPN, Web content filtering and more, but historically have not been capable of handling the traffic load of a large enterprise network. Now, UTM vendors are integrating a host of new features in an attempt to become more competitive against other enterprise-grade security appliances.

You can watch the five minute screencast that I did for SearchSecurity here. I cover several different products, including Fortinet, Sophos, Checkpoint and Juniper.

FedTech magazine: Cisco’s ASA-5512-X review

To better protect the enterprise network, organizations need stronger firewalls. Cisco Systems’ Adaptive Security Appliance 5512-X delivers a solid set of features to address those needs: Zero-day malware protection, application-aware software and integration with endpoint device control for end-to-end security.

You can read my review here for FedTech Magazine.

Network World: Mobile Device Manager Review

Mobile Device Managers (MDMs) make a lot of sense when you are trying to control who can access your enterprise network and applications from particular phones and tablets. But to effectively evaluate these products, you should first consider what exactly you are trying to control: the apps on particular devices, the pairing of a user with his or her device, the device itself, or the collection of files on each device. Each MDM has a somewhat different perspective, and has strengths and weaknesses in terms of what it can control best.

In my review today for Network World, I looked at six different products: AirWatch (pictured above), Apperian’s EASE, BlackBerry’s Enterprise Server 10 (BES10), Divide, Fixmo, and Good Technology’s Good for Enterprise. No single MDM product won this review; all had serious flaws that would prevent them from being successfully deployed, depending on your circumstances.

The need for better mobile security is obvious: witness this story from last year about a hospital volunteer taking pictures of patient records with his phone and then selling them. Sadly, most current MDMs still wouldn’t be able to prevent something this overt.

The MDM arena is still pretty immature, akin to where the anti-virus world was decades ago. Security profiles are somewhat clunky to install and administer and some vendors don’t support vintage versions of iOS or Android. Topping this off: once you find phones that have been compromised, there is no easy way to return them back to a pristine condition, largely through the fault of the mobile OS vendors.

Expect to pay between $20 and $75 per user or per device per year, which can add up if you have a lot of phones to protect. Few vendors are transparent about their pricing (Airwatch and Blackberry are notable exceptions).

Good and BlackBerry do the best jobs of protecting your messaging infrastructure, so if that is the primary reason for picking an MDM product you should start with these two. Divide had the most appealing management console and overall simplest setup routines, and also supports licensing unlimited devices per user. And Apperian is great for corporations that have developed a large collection of their own apps and want a consistent set of security policies when deploying them.

You can see the full range of screenshots for my review in this deck.

FedTech: Review of Microsoft Office Pro Plus 2013

Microsoft Office has split into two distinct personalities, Office 2013 (which you get via a CD) and Office 365 (that comes via the browser and the cloud). The two share several common features and will make it easier for federal government users to collaborate without having to serially email documents back and forth. There is also tighter integration into your Microsoft account for reading emails and adding contacts and calendar entries.

For more on my review of MS Office Pro Plus 2013, read it in FedTech Magazine’s latest issue here.