Feeds:
Posts
Comments

Archive for August, 2012

Vulnerability Assessment

The majority of security breaches are caused by people that already have access to the internal network. Insiders pose a potential threat to the very foundation of your network security if you do not take proper precautions. E-SPIN and the technology supplier we represented is dedicated to offering turnkey solutions based on a true proactive approach in securing their valuable assets and ensuring compliance with policies and regulations. Our solutions can be immediately deployed and are always accompanied by our well-appreciated 24/7 security expert support.

Being placed inside the network, E-SPIN Vulnerability Management Appliance become a wider approach on security breaches. Vulnerabilities can be successfully identified and managed on all servers, workstations and other devices that are available from within the network. By using the built-in workflow tools, identified vulnerabilities can easily be delegated and later on verified for successful remediation. The vulnerability findings can be compared over time, to monitor trends in risk exposure.

Key Features

  • Network mapping support – Automated enumeration of network components and services in order to determine appropriate scope of vulnerability assessment.

  • World leading security technology – Based upon our partnering world leading core vulnerability scanning technology.

  • Cross platform support – All commonly used operating systems, applications and network types can be successfully assessed.

  • Maintains network availability – Several mechanisms to minimize possible network interruptions are implemented and the user can schedule the scans with respect to individual requirements.

  • Alignment with standards – Vulnerability information is aligned with the CVE (Common Vulnerabilities and Exposures) standard for Information Security Vulnerability Names.

  • Multi-user environment – Unlimited number of users accompanied with a rich-featured permission control system and support for task assignment.

Unique Benefits

  • Scalability – Cluster support that allows for smooth extension of number of co-working appliances as needed.

  • Information privacy – The sensitive vulnerability reports never leaves your network, but resides on the HIAB appliance.

  • 24/7 technical support – Unlimited phone and email support provided by security experts.

  • Ease-of-use yet flexibility – An easy-to-use web interface. By using the standard configuration you are quickly up and running, whereas more advanced features can be used on-demand.

  • Best value for money – Competitive pricing and reduced burden on your own organization.

Contact E-SPIN for your vulnerability management requirement.

Advertisements

Read Full Post »

WhatsUp Gold features

WUG Core Features

DISCOVER

Automated and fast Layer 3 device discovery using multiple types of discovery options including SNMP SmartScan, IP address range scan, single device scan or host file import. Wizard-based tools simplify and make network discovery fool-proof, no matter the size or complexity of your infrastructure

 MAP

Get hierarchical maps of the Layer 3 view of your network, including a complete representation of your real network and application environment with drill downs to subnets and virtual LANs. Drag and drop icons make it easy to change device positions and attributes and create relationships.

 MONITOR

Using a sophisticated strategy of both active and passive monitoring, WhatsUp Gold tracks the status and health of all your network devices. Get early alerts listening for SNMP traps and syslog messages from the devices in your infrastructure.

 ALERT

WhatsUp Gold’s Alert Center gives you a single integrated dashboard that consolidates all alerts, notifications and alert acknowledgements for easy configuration and management. The Alert Center can only be found in WhatsUp Gold.

 REPORT

Get complete visibility of the health and performance of your network with WhatsUp Gold’s reporting – just the way you want to with configurable Dashboards. Includes over 200 out-of-the-box, customizable reports to meet your most discerning needs.

In addition of the innovative Mobile Access capability makes WhatsUp Gold the first solution to allow monitoring of networks in real time from smartphones or personal digital assistants (PDAs). Offering you key features such as: one-click login, Device Views with access to device maps, as well as DirectLink notifications, WhatsUp Gold gives you complete portability in monitoring your network.

With WhatsConnected you will:

  • Save Time: Spend time effectively managing the network instead of wasting it on tedious, time consuming manual documentation tasks of network topology and port to port connectivity.
  • Lower Cost of Operations: WhatsConnected best value combined with its ability to free up valuable IT personnel time and lower mean time to repair directly helps lower cost of operations.
  • Manage Assets and Inventory: Gather, filter, and export a wide variety of inventory and configuration information across networking devices and systems as required for compliance and network audit process.
  • Optimize your Hardware Investment: WhatsConnected Layer 2/3 discovery let’s you find “forgotten” hardware or hardware without an IP address. These can then be decommissioned or reassigned to new tasks, or moved to an internal cloud.
  • Stay in Control: Know exactly what inventory is deployed on your network, even hard to track associations between physical servers & virtual resources. Understand device interdependencies and how they are affected by changes and failures.
  • Track Changes: With scheduled discoveries, and up-to-date dynamic maps, diagrams and topology views you can accurately understand, track and document the evolution of your network, with no effort – it just works.
  • Simplify Troubleshooting tasks: Rapidly pinpoint the root cause of connectivity issues to minimize downtime and gain insight into how your network topology and infrastructure can be configured to minimize potential conflicts and optimize performance.
  • Compliance Support: Ensure an accurate discovery, audit, documentation and archiving of network assets, topology maps and configurations over time to support regulatory requirements like SOX, FISMA, PCI DSS and HIPAA.

WhatsUp Gold is the most intuitive, comprehensive, and cost-effective network management tool set. Further information, please visit http://e-spincorp.com/espinv3/index.php/ipswitch/whatsup-gold-network-management.

Read Full Post »

WhatsUp Gold has grown in features and capabilities from an SMB (small and midsize business) network management tool to something appropriate for the enterprise, yet the product still remembers its roots as an easy-to-master tool. However, virtualization has added another layer of complexity for WUG and its network management peers.

WhatsVirtual brings a great deal of functionality to WhatsUp Gold and will turn out to be a must-have tool for WUG users who are incorporating ESX or ESXi into their server environments. Of course, as part of WUG, WhatsVirtual is only applicable to shops running WUG, and while the new module is a valuable addition.

whatsvirtual

A closer look at WhatsVirtual

WhatsVirtual is designed to do exactly as the name implies: show what is virtual in the enterprise. Following are the component that necessary

  • Visualization of the world of virtual components is only the starting point.
  • A good management tool needs to deliver discovery, inventory, reporting and control,
  • Auditing capabilities, all of which WhatsVirtual delivers effectively, albeit indirectly.


As an add-on module for WUG, WhatsVirtual leverages many of the management and reporting capabilities native to WUG.

With WUG, that is accomplished using a discovery wizard, which I launched from the tools menu on the main WUG GUI. The wizard starts when you choose “discover devices” from the menu, which then allowed to initiate a discovery session.
Discovery sessions can be launched manually or set up to run at predetermined times via a schedule. That proves to be a handy feature on networks that change a lot. The scans can use a range of IP addresses or a single IP address to discover a VMware host. There are also advanced options available under a submenu, which allows a discovery scan to be customized.

WhatsVirtual works hand-in-hand with VMware’s API, which means users will have access to threshold configuration information and Alert Center workflows. In other words, it becomes quite simple to define alerts for VM hosts and guests. Those alerts can be fine-tuned to create notifications of potential problems, such as utilization exceeding preset levels or disk space issues.

The idea here is that I no longer needed to use VMware vSphere in conjunction with WUG to monitor VM hosts and guests—it can all be done from within WUG. That brings virtual and physical machine management much closer to the single dashboard ideology, where all major functions can be accomplished from a single management application.

WhatsVirtual  is new technology which bring virtual and physical machine into much more real and closer to reality, any further information please refer to http://e-spincorp.com/espinv3/index.php/ipswitch/whatsup-gold-network-management

Read Full Post »

The WhatsUp Gold VoIP Monitor accesses information generated by Cisco IP SLA (service level agreement) enabled devices to monitor parameters essential to VoIP performance, including jitter, packet loss, latency and other calculated performance values. The VoIP Monitor leverages the core services of WhatsUp Gold v12 and seamlessly integrates with its versatile network management capabilities, giving customers with combined data and voice networks 360 degree visibility, actionable intelligence and complete control for VoIP.

VoIP Monitoring

Addressing Convergence Challenges

Voice/data convergence poses new challenges for network managers. Introducing voice traffic onto your data network can result in degraded overall performance for both traffic types. To validate and ensure acceptable response times for both voice and data you must be able to accurately measure network performance in real-world scenarios.

The WhatsUp Gold VoIP Monitor precisely measures your converged IT network’s ability to provide the quality of service (QoS) necessary for your VoIP calls on your LAN and WAN links. A configuration wizard minimizes the time required to identify IP SLA sources and destinations and to configure the VoIP Monitor. After the simple setup, the VoIP Monitor provides everything you need to assess the readiness or current ability of your network to support VoIP based traffic. Moreover, because it is fully integrated with the

WhatsUp Gold network management platform, you can drill down into the underlying WhatsUp Gold functionality to view and graph metrics for bandwidth and interface utilization or troubleshoot network issues affecting VoIP performance.

WhatsUp Gold VoIP monitor is available now, any further information please refer to http://e-spincorp.com/espinv3/index.php/ipswitch/whatsup-gold-network-management

Read Full Post »

Tenable’s Unified Security Monitoring (USM) solution uniquely solves that challenge by integrating active and passive vulnerability management with SIEM capabilities –- providing a contextualized and prioritized view of events and activity. USM helps users quickly focus their attention and energies on the most pressing security issues, as well as ferreting out suspicious activity that would otherwise go undetected.

teable_LCE

New release of Tenable’s Log Correlation Engine (LCE) version 4 adds several new features that enhance its ability to support complex enterprise environments, as well as make the day-to-day jobs of users easier and more productive. Here are some of the key upgrades:

  • Much faster processing speeds. LCE v4 can process more than 30,000 events per second. That’s up to 20 times faster than version 3, made possible through multi-core support and other engine improvements.
  • ‘Smart’ load balancing. LCE v4 automatically routes tasks to new or underutilized servers when workloads increase, enhancing efficiency.
  • Enhanced event full-text search. Allows LCE users to identify specific events and network-based activity by rapidly sifting through mountains of log data, saving time and improving efficiency.
  • Easier deployment, administration, and operation; centralized administration of LCE Client systems. Existing LCE users will welcome operational enhancements, including the ability to update remote client configuration settings through changes on a central LCE server, saving time and reducing the potential for errors.

Tenable Log Correlation version 4 increases employees work efficiency by implementing easier user guide for further understanding to reduce product complexity.

For more information about Tenable LCE v4, please visit

http://e-spincorp.com/espinv3/index.php/tenable-network-security/tenable-solutions

Read Full Post »

We often hear about vulnerabilities in client software, such as web browsers and email applications, that can be exploited by malicious content. The repeated stories about botnets, infected web sites, and viruses which infect us with malicious documents, movies, and other content have ingrained the concept of an exploitable client in our minds.

In this blog entry, we will discuss auditing client software for vulnerabilities and describe the three different types of client-side exploits and how they can impact the risk of your network.

Auditing Client-Side Exploits

The largest misconception I’ve encountered from security auditors who test client-side software is a focus on the operating system or application. Nessus audits hundreds of different manufacturer patches and will readily identify issues in an operating system that were not shipped with the operating system.

The solution is to perform a complete patch audit of a scanned system. Passive Vulnerability Scanner will identify client vulnerabilities based on DNS lookups, web queries, dedicated client protocols, and analysis of unencrypted conversations over FTP, SMTP, IMAP, SMB, and many others.

tenable-pvs

Type 1 – Traditional Client-side Exploits

These exploits target browsers, browser plugins, and email clients. Today, there is a fine line between email and web applications since many email applications share libraries when viewing emails that have been formatted with HTML content.

Type 2 – Clients with Exposed Services

Many types of client software will actually open up a socket and run a service that communicates on the network. If the host is directly connected to the Internet or to mobile broadband networks and it does not have a firewall, it may be attacked directly without any need for user interaction such as opening an email.

Within Nessus 5, this can be refined further within your scan policy by adding a filter for a “plugin type” of “remote” as compared to a credentialed “local” check. Combinations can be further added to target specific classes of software.

Type 3 – Clients Exposed to Hostile Servers

This type of client exploit may seem very similar to our first type, but the differentiation is that the server isn’t hosting hostile data –- the server itself can be manipulated to attack a client directly.

Vulnerabilities like this can be used to hop through firewalls in a much more direct manner than by attempting to compromise an administrator’s system with some sort of Internet-based social engineering exploit. If the administrative access to the DMZ systems is allowed from an internal network and there is vulnerable client software in use, a DMZ server under control of an attacker could modify the service to conduct attacks against the client.

Some example vulnerabilities detected by Nessus that could be used to run code from a maliciously controlled server:

Code execution in FTP clients:
21565 FileZilla FTP Client Unspecified Overflow

Code execution in SSH clients:
37021 FreeBSD : putty — buffer overflow vulnerability in ssh2 support (19518d22-2d05-11d9-8943-0050fc56d258)

Code execution in SNMP clients:
38099 USN-685-1 : net-snmp vulnerabilities

Code execution in web clients:
49102 USN-982-1 : wget vulnerability

45133 Firefox < 3.6.2 Multiple Vulnerabilities
51162 MS10-090: Cumulative Security Update for Internet Explorer (2416400)

To find out further code that can help your organization to enhance your network security  explore the information given below in

info@e-spincorp.com

http://e-spincorp.com/espinv3/index.php/tenable-network-security

Read Full Post »

Tenable Network Security, Inc., the leader in Unified Security Monitoring(USM), today announced the availability of the Nessus® 5.0 vulnerability scanner, new version of Industry’s Most Widely-deployed Vulnerability and Configuration Assessment Solution Enhances Usability, Policy Creation, Efficiency, and Communication.

“Version 5.0 builds on the solid foundation Nessus has established for quality and accuracy, and now makes it easier and faster to install and use.”

Nessus 5.0 delivers top-line business benefits by introducing enhancements that streamline and optimize each of the major phases of thevulnerability and configuration assessment process. Specific benefits include:

1_Nessus5_HostSummary

  1. Streamlined startup – New installation wizard and web interface ensure Nessus 5.0 is up-and-running, completely configured in minutes.
  2. Rapid policy creation – More than two dozen new plugin filters make it fast and easy to create policies for targeted scans. Selecting multiple filter criteria, such as, vulnerability publication date, public vulnerability database ID, information assurance vulnerability alert (IAVA), and more, makes it simple to identify easily-exploitable vulnerabilities.
  3. Industry-leading efficiency – Real-time scan results combined with on-the-fly filtering allow users to quickly see risk level and act upon vulnerability data without waiting for the scan to complete. One-click navigation makes it easy to jump from critical vulnerability to vulnerable host to the details of the vulnerability. Five severity levels quickly separate informational data from actionable results.
  4. Fully customizable reports – Multiple filters, results management, and new pre-configured report formats allow users to produce targeted reports tailored to fit the needs/interests of executives, systems administrators, and auditors. Users can also combine multiple report templates into a single, comprehensive report, which can be delivered in a variety of formats, including PDF.

LCE Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability including:

  1. Event Processing Speeds in Excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfiguration.
  2. ‘Smart’ Load Balancing goes beyond simple “round robin” server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until it has caught up with its peers.
  3. Enhanced Event Full-text Search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data. 

These updates, along with additional functionality enhancements embedded in LCE Version 4.This integration delivers two key business benefits: 

  1. Cost Savings: Integration between log correlation and vulnerability management improves operational efficiency and reduces costs by eliminating the need for a standalone log management solution that requires additional staffing and financial resources.
  2. Rock-Solid Security:The integration of log correlation data with vulnerability intelligence results in streamlined compliance, faster and more reliable attack mitigation and detection, and deeper intelligence and reporting on existing and emerging risks. 

If you want to access to the full detailed topic over of the above information, please feel free to subscribe for our free newsletter and get access to the professional reading book: database security. The article is cater for vulnerabilities, threats, and compliance data, delivering real-time network vulnerability intelligence and threat correlation. 

For more information please visi

http://e-spincorp.com/espinv3/index.php/tenable-network-security

 

 

 

Read Full Post »

« Newer Posts