After extensive testing of 10 advanced endpoint protection products, we have identified a series of broad industry trends:1. Virus signatures are passé. Creating a virus with a unique signature is child’s play, thanks to the nearly automated virus construction kits that have filled the internet over the past several years. Instead, many of today’s advanced endpoint protection products make use of security news feeds that report on the latest attacks such as VirusTotal.com and other reputation management services. Some, like CrowdStrike, have a long list of integrations with security and log management tools to make them more effective at spotting attack trends.To read this article in full or to leave a comment, please click here
The days of simple endpoint protection are over. Scanning and screening for malware has become a very complex process, and most traditional anti-malware tools only find a small fraction of potential infections.Nowadays there are numerous advanced endpoint detection and response (EDR) tools, all claiming to find and block the most subtle attacks, even ones that don’t leave many fingerprints.As we wrote last fall, there are two basic approaches: hunting (looking for some odd behavior) and sifting and gathering particular trends or activities (which has its roots in traditional anti-virus).To read this article in full or to leave a comment, please click here
Multi factorsSince we last reviewed two-factor authentication products, the market has moved beyond two-factor authentication toward what is now being called multi-factor authentication. One of the key features being new types of hardware-based tokens. Here are individual reviews of nine MFA products. See the full review.To read this article in full or to leave a comment, please click here
Due to numerous exploits that have defeated two-factor authentication, either by social engineering, remote access Trojans or various HTML injection techniques, many IT departments now want more than a second factor to protect their most sensitive logins and assets.In the three years since we last reviewed two-factor authentication products, the market has responded, evolving toward what is now being called multi-factor authentication or MFA, featuring new types of tokens.For this review, we looked at nine products, five that were included in our 2013 review, and four newcomers. Our returning vendors are RSA’s Authentication manager, SafeNet’s Authentication Service (which has been acquired by Gemalto), Symantec VIP, Vasco Identikey Authorization Server, and TextPower’s SnapID app. Our first-timers are NokNok Labs S3 Authentication Suite, PistolStar PortalGuard, Yubico’s Yubikey and Voice Biometrics Group Verification Services Platform.To read this article in full or to leave a comment, please click here
Perhaps the biggest surprise in our review of nine multi-factor authentication products is that physical tokens are making a comeback. Many IT managers were hoping that software-based tokens, which are easier to deploy and manage, would make hardware tokens extinct.In our review three years ago of two-factor authentication products, the hot new approach was using smartphones as an authentication method via soft tokens, which could be a smartphone app, SMS message or telephony.To read this article in full or to leave a comment, please click here(Insider Story)
Due to numerous exploits that have defeated two-factor authentication, either by social engineering, remote access Trojans or various HTML injection techniques, many IT departments now want more than a second factor to protect their most sensitive logins and assets.In the three years since we last reviewed two-factor authentication products, the market has responded, evolving toward what is now being called multi-factor authentication or MFA, featuring new types of tokens.For this review, we looked at nine products, five that were included in our 2013 review, and four newcomers. Our returning vendors are RSA’s Authentication manager, SafeNet’s Authentication Service (which has been acquired by Gemalto), Symantec VIP, Vasco Identikey Authorization Server, and TextPower’s SnapID app. Our first-timers are NokNok Labs S3 Authentication Suite, PistolStar PortalGuard, Yubico’s Yubikey and Voice Biometrics Group Verification Services Platform.To read this article in full or to leave a comment, please click here
Perhaps the biggest surprise in our review of nine multi-factor authentication products is that physical tokens are making a comeback. Many IT managers were hoping that software-based tokens, which are easier to deploy and manage, would make hardware tokens extinct.To read this article in full or to leave a comment, please click here(Insider Story)
Multi factorsSince we last reviewed two-factor authentication products, the market has moved beyond two-factor authentication toward what is now being called multi-factor authentication. One of the key features being new types of hardware-based tokens. Here are individual reviews of nine MFA products. See the full review.To read this article in full or to leave a comment, please click here
EDITOR’S NOTE: Israel has a long tradition of delivering security products for enterprise IT, dating back to Check Point introducing the first firewall 20 years ago. Today, Israel exports $6 billion in cyber technology and accounts for a fifth of the world’s private investment in cyber. Network World’s David Strom attended last week’s CyberTech 2016 conference in Tel Aviv and filed this report.TEL AVIV, ISRAEL -- It isn’t often that a speech from a head of state at a tech conference is relevant to IT security managers, but Prime Minister Benjamin Netanyahu’s address at last week’s third annual CyberTech 2016 focused on where the Israeli government and its IT security industry are heading.To read this article in full or to leave a comment, please click here(Insider Story)
In 2013, we reviewed six password managers, some suitable for enterprises and some primarily for consumers. The field has exploded and today there are more than two dozen products on the market. Even the popular TV show “Shark Tank” recently evaluated a password manager startup.But this level of activity doesn’t necessarily indicate quality. We found that some of the products we reviewed two years ago haven’t improved as much as they could have. And some of the newer products are still a work in progress.Password managers are an important first step for organizations that want to strengthen their security by helping users cope with multiple logins. While browsers have gotten more intelligent about storing passwords and synchronizing them across different platforms, you might want to have more control over the way your users manage passwords, which is where these tools come into play. Password managers are often seen as a less expensive and easier to implement solution than single sign-on products, which we’ve also reviewed.To read this article in full or to leave a comment, please click here(Insider Story)
The password is ....Image by ThinkstockPassword managers are an important first step for organizations that want to strengthen their security by helping users cope with multiple logins. In this review, we looked at 10 tools: Dashlane for Business, Keeper Security Enterprise, LastPass Enterprise (now part of LogMeIn), Lieberman Enterprise Random Password Manager, LogMeOnce Enterprise Edition, Manage Engine Password Pro, Agilebits1Password for Teams, StickyPassword, SplashID TeamsID, and SingleID. Here are the individual reviews. See the full review along with a related story on how to evaluate password managers.To read this article in full or to leave a comment, please click here
We know by now that traditional anti-virus doesn’t work, or at least doesn’t work well enough to be the sole line of defense against endpoint exploits. And while the traditional endpoint protection vendors have learned some new tricks and offer some solid features, most enterprises need more.They want an endpoint product that can prevent zero-day infections from happening and they want to be more proactive.To read this article in full or to leave a comment, please click here(Insider Story)
Differing approaches to endpoint securityTraditional anti-virus doesn’t work well enough to be the sole line of defense against endpoint exploits. And while the traditional AV vendors have learned some new tricks and offer some solid features, most enterprises need more. They want an endpoint product that can prevent zero-day exploits and they want to be more proactive. We looked at two relatively new products, Carbon Black (now owned by Bit9) and Cylance Protect. Both are designed to approach securing your endpoints from a different and more complete perspective. Read the full review.To read this article in full or to leave a comment, please click here
Email encryptionRecipients of encrypted emails once had to share the same system as the sender. Today, products have a “zero knowledge encryption” feature, which means you can send an encrypted message to someone who isn’t on your chosen encryption service. Today’s products make sending and receiving messages easier, with advances like an Outlook or browser plug-in that gives you nearly one-button encryption. And the products we reviewed have features like setting expiration dates, being able to revoke unread messages or prevent them from being forwarded. (Read the full review.)To read this article in full or to leave a comment, please click here
Email encryptionRecipients of encrypted emails once had to share the same system as the sender. Today, products have a “zero knowledge encryption” feature, which means you can send an encrypted message to someone who isn’t on your chosen encryption service. Today’s products make sending and receiving messages easier, with advances like an Outlook or browser plug-in that gives you nearly one-button encryption. And the products we reviewed have features like setting expiration dates, being able to revoke unread messages or prevent them from being forwarded. (Read the full review.)To read this article in full or to leave a comment, please click here
I once co-wrote a book on enterprise email where I likened email encryption to a “sucking chest wound.” That was in 1997, when you had to do all the encryption key management on your own, a daunting task to say the least.
While things have improved considerably since then, encrypting messages is not as simple as it could be, and requires careful study if you want to have truly private communications that can’t be viewed by your competitors – or your government.
In the past, recipients of encrypted emails had to share the same system as the sender, and many email clients were difficult to configure. Today, many products have a “zero knowledge encryption” feature, which means you can send an encrypted message to someone who isn’t on your chosen encryption service. Just provide them a passphrase to decrypt their message and to compose a reply to you, or in some cases they can read the message by just authenticating themselves. After this first communication, your recipient is able to exchange encrypted messages with you quite easily.To read this article in full or to leave a comment, please click here(Insider Story)
Single mindednessSince we last looked at single sign-on products in 2012, the field has gotten more crowded and more capable. For this round of evaluations, we looked at seven SSO services: Centrify’s Identity Service, Microsoft’s Azure AD Premium, Okta’s Identity and Mobility Management, OneLogin, Ping Identity’s Ping One, Secure Auth’s IdP, and SmartSignin. Our Clear Choice test winner is Centrify, which slightly outperformed Okta and OneLogin. (Read the full review.)To read this article in full or to leave a comment, please click here
Remember when network access control (NAC) was all the rage? Remember the competing standards from Microsoft, Cisco, and the Trusted Computing Group? Back around 2006, there were dozens of NAC products, many of which turned out to be buggy and difficult to implement.
Over time, other network-based security products – mobile device management (MDM), intrusion prevention systems (IPS) and next-generation firewalls – came along and squeezed NAC into a narrower part of the market.
But NAC hasn’t disappeared. In fact, NAC products have evolved and improved as well. For this review, we were able to bring the following five vendors together: Enterasys/Extreme Networks Mobile IAM, Hexis Cyber Solutions NetBeat NAC, Impulse Point SafeConnect NAC, Pulse Policy Secure, and Portnox NAC. (Cisco, ForeScout, Auconet, and Aruba declined our invitation.)To read this article in full or to leave a comment, please click here(Insider Story)
When it comes to unified threat management appliances aimed at the SMB market, vendors are finding a way to fit additional security features into smaller and more powerful appliances.
In 2013, we looked at nine UTMs. This time around we reviewed six products: the Calyptix AccessEnforcer AE800, Check Point Software’s 620, Dell/Sonicwall’s NSA 220 Wireless-N, Fortinet’s FortiWiFi-92D, Sophos’ UTM SG125 and Watchguard Technologies’ Firebox T10-W. (Cisco, Juniper and Netgear declined to participate.)
We observed several megatrends across all the units that we tested:To read this article in full or to leave a comment, please click here(Insider Story)
If you are ultra paranoid, what could be better than hiding your network traffic in such a way that no one could possibly intercept it? This is what Unisys is offering with its new Stealth appliance, which could make man-in-the-middle attacks and keylogger exploits obsolete, or at least more difficult to mount.Stealth has been around since 2005 when it was developed exclusively for the Defense Department. Several years ago Unisys took it to commercial enterprises and has paid for various independent tests to try to compromise the system, all of which have failed.This is because Stealth uses four layers of security: each packet is encrypted with AES256, then split into three separate pieces and dispersed across the network, destined for a particular group of users that have to be running its protocols.To read this article in full or to leave a comment, please click here
David Strom