If you use one of those ever-popular social networking applications for work purposes, or just for personal business while on the job, then you aren't alone, according to a recent industry report, but such usage can harm your network security as well.
The use of social networking and collaborative applications for business purposes has 'skyrocketed in the past six months. With increased adoption of Web-based applications come new business and security risks that go far beyond potential productivity losses.
DTE Energy is a Detroit-based diversified energy company involved in the development and management of energy-related services nationwide. "With Palo Alto Networks we found the visibility into our network we were seeking. Now we get better visibility into what's going on inside our network and into the applications attempting to access our network. From a bandwidth perspective, we don't want to be too restrictive, but we do want to ensure appropriate resources for our business traffic."
Greg Young and John Pescatore just authored an excellent note on next-generation firewalls. In the note, “Defining the Next-Generation Firewall,” Greg and John do an excellent job laying out the definition, the requirements, and their recommendations for next-generation firewalls in the enterprise.
Sometimes, the problems we experience with computers are a result of a legacy design. Hardware or software might have been architected 10 or 20 years ago when the world of computing was vastly different from the way it is today. As a result, the product in use today isn't as effective as it could be because of aging or obsolete design.
Texas A&M University at Galveston (TAMUG) houses the Texas Maritime Academy, which is one of six state maritime academies in the U.S. preparing graduates as officers in the United States Merchant Marine.
Texas A&M University is a land-grant, sea-grant, and space-grant institution located in College Station, Texas. "Palo Alto Networks next-generation firewalls are multi-function devices that do more than the other products combined, and give us everything we need."."
Details Here are some checks that should be made when Panorama is out of sync with one of many managed firewalls, or simply cannot connect to a firewall. Check IP connectivity between the devices. Make sure port 3978 is open and available from the device to Panorama. Make sure that
Overview By default, the maximum number of domain controllers that can be queried by the User-ID Agent is set to 10. This document describes how to change this limit. Steps Use a text editor to open the config.xml located in the install directory for the User-ID Agent Default locations:
The firewall is still relevant but needs a complete overhaul for it to work efficiently.
Commenting on the issue raised by the SC Studio debate on the future of the firewall, Lee Klarich, vice president of product management at Palo Alto Networks, stated that the firewall is definitely not dead, but traditional firewalls are so far behind the application and threat developers that it sometimes feels like it.
Often we talk about how destination port is not an accurate classification for controlling network traffic. At this point, hopefully that is obvious. Everyone knows that just about anything can get out of an enterprise network via port 80 or 443. Lately I have had several discussions with customers curious about protocol validation and ensuring that only “valid” traffic is being allowed. Being “valid” has become a mostly useless concept. How do you control traffic on 80 and 443? You put in a proxy, right? Hmm. That is useful if …
Mafia Wars. FarmVille. YoVille. PetSociety. Hot or Not. Texas Hold ‘Em. Many of you will have played, or seen updates from your friends on the above games – they represent some of the most popular applications on Facebook. Some of my friends talk about “lost weekends” with various Facebook games, where they get so involved in online play, hours or days go by without pause – and as a result, my news feed is peppered with evidence of their progress in this month’s hottest game.
We often use the term evasive as a means of describing how an application can bypass a traditional stateful inspection firewall. “Applications use tactics such as port hopping, non-standard ports, SSL encryption and emulation to evade the firewall.” While wholly accurate, the term carries negative connotations, implying the application is behaving badly. In reality, the application developers are using these techniques primarily for purposes of improving user accessibility.
The most recent discovery of the first lady’s safe house (Laura Bush) and a detailed list of the civilian nuclear complex, including precise locations of weapons grade nuclear fuel follows closely on the heals of previous P2P discoveries of Marine One blueprints and healthcare records. Should we really be surprised? No not really, given the findings form the latest Application Usage and Risk Report: * An average of six P2P variants were found in 9 out of 10 organizations. * In one extreme case, 17 P2P variants were found.
The emergence of Palo Alto Networks (hereby referred to as 'Palo Alto') has undoubtedly injected a lot of buzz into the network security segment that has been devoid of any epochal leap, ever since the introduction of stateful inspection and the marriage between firewall technology and IPSec VPN gateways.
Remember the movie Jaws where sheriff Browdy(Roy Schieder) sees the shark and says “We’re gonna need a bigger boat?” Enterprise IT managers might say the same thing when they see move networks or hulu networks on their network – if in fact they could see them. Problem is, many of these applications use port 80, and possibly HTTP-video – which means that they will flow right through every firewall on the market. And they will wave hello and goodbye as they scream past the URL filtering. These are just a …
This NetworkWorld article talks about the new LotusLive suite of collaborative applications from IBM. The cool thing about this article is that it is taking LotusNotes, one of the original “enterprise applications” and making it available as a set of cloud-based applications. Even cooler is that it is IBM – known to be more conservative than most in terms of how it develops and deploys applications. The article also notes that LotusLive will be partnered with LinkedIn, Skype and salesforce.com. Now the question becomes this: if a user browses to …
In this Read-Write-Web article, the author highlights what many corporations are struggling with: how best to balance the technology desires of the new generation of employees with the associated security and business risks. The old days of summarily blocking an unknown application is no longer an appropriate response since the user may be the CIO or CEO. Today, the IT department must look at the sum of all parts including what the application is, how it operates, who is using it, and what type of security threats does it introduce. …