If you are not already familiar, Windows Live Mesh 2011 is Microsoft’s file synchronization and remote desktop access application that evolved out of its earlier products, FolderShare and Live Sync. It is a part of Microsoft’s vision for how users will manage their data across multiple devices – using a blend of cloud services and PC-based apps. According to this recent announcement by the Live Mesh team, the service connects 5 million devices, with over 3 million users syncing 2.2 petabytes of data, since being first introduced six months ago. Although it is targeted primarily at the consumer market, users are very likely to connect their work PCs to Live Mesh, meaning corporate or personal data will flow across the enterprise perimeter, with important implications for IT security.
Available as part of the Live Essentials 2011 package, Live Mesh allows users to sync files and program settings, like favorites in IE or templates in Office, between different PCs and additionally to SkyDrive, a cloud storage service. The service also allows remote desktop access either from the application or, if you don’t have it installed, via a web browser on its Live Devices website. It surely enhances personal productivity, but from an enterprise perspective, it poses two risks: sensitive corporate data (SSNs, credit card numbers, financial data, and employee information) falling into the wrong hands, and malware spreading across machines as an unintended result of file and folder synchronization.
For admins who are mindful of these risks, Palo Alto Networks’ App-ID technology provides a way to enforce security policy based on individual applications and, in some cases, individual functions of those applications, rather than just ports and protocols. In this case, traditional firewalls will report the traffic simply as HTTP or HTTPS because it is on TCP ports 80 and 443. With App-ID, you can identify and control live-mesh-sync, live-mesh-remote-desktop, or skydrive separately. Of course, this isn’t limited to just Live Mesh – the App-ID database has over 1250 applications, including many of the popular file synchronization applications such as Dropbox, MobileMe, Google Docs, SugarSync, and Wuala. Just head to our Applipedia page to browse through the various other applications identified by the firewall.