Profiler makes it easier to troubleshoot and manage up to five McAfee Enterprise firewalls from one central console and help you keep up with changes to your network and applications. You can examine the implications to real-time changes in your network before you commit them and also quickly do ad hoc analysis on rule sets.
Version 1.5.1
Price: $19,500 for appliance model
http://www.mcafee.com/us/local_cont
My latest video screencast review for the Dell sponsored site ITExpertVoice has been posted, on using Windows 7 new whitelisting feature called Applocker. You can watch it here:
http://itexpertvoice.com/home/i-kno
This week Brightcove begins a new lower-priced video service called Express that starts at $100 a month and offers some impressive features. I'm glad to see them in this space, which is still very much in the pre-Guttenberg publishing era. I thought I would take this moment to talk about some of the issues involved in publishing Web videos for corporate uses, putting aside all the tectonic shifts that are happening in the Web entertainment arena for another essay.
http://www.brightcove.com/en/video-plat
To put things in perspective, realize that it took only a few years for the Web to evolve from its first crude text-only efforts to a full graphical experience. Yet it has taken more than a decade to get videos inside the browser page. And while there are dozens of video streaming service providers, including Brightcove, Wistia, Fliqz and Kaltura, that offer ways of delivering videos, none of them are as easy to use as they could be, and almost none of them offer one-stop solutions for publishers.
In the last year I have spent a lot of time with video publishing as a result of my five-minute screencast videos, where I write, review, narrate and produce everything about a particular product. The product's vendor sponsors each video that appears on my WebInformant.tv site along with 20 other places around the Internet.
Just take a look at the most popular Web content creation tool of the moment, Wordpress, as a good case in point. If you create your own blog and host it using Wordpress.com, you can purchase a "space upgrade" for $20 a year and start uploading video content. But if you decide that you want more control over your page design and host your blog on your own Web server, this space upgrade option isn't available and you have to dive into the nasty world of third-party video player plug-ins. Even though you are still using Wordpress software. It is these sorts of gotchas that can drive you crazy, or keep me fully employed explaining them.
All of these video services operate in some broad basic ways. After you prepare your video, you upload it to their server and then annotate it with any supporting text, keywords, and other information. You are then given a bunch of HTML code to embed the video player into your Web page. When you view the page, you see a player that you can click on and control the video playback, just as you would come to expect from YouTube et al. The special embed code contains tracking information that the service collects and then offers reports so you can see who watched what videos.
The service that I use at the moment is Wistia.com. Their most basic plan starts at less than $40 a month, and offers some very sophisticated tracking and embedding features. Their video player is very clean and crisp, and I haven't had too many reports about playback quality issues from my site. I recommend that you start with them and see if they meet your needs, and if not then you might want to ask the following questions:
First, do you need a branded player for your videos? Meaning that you have your logo somewhere on the first or end screen, or underneath the video image. For some people, this is important. Some services offer a single player, like Wistia, while others, such as Brightcove, give you more stylistic choices.
Second, do you need control over the ultimate size of the video image on your Web site? The various hosting services either offer this explicitly, or else (like the basic plan from Fliqz.com) leave it up to you to edit their embed codes that they provide for you to copy and paste into your Web page. If you have to manually edit the code, you want to maintain the aspect ration (horizontal to vertical) so your video displays correctly. (It helps if you produce your video for the ultimate intended size that it will appear on your Web site, too.)
Third, how big of an audience do you expect for your videos? Given that these are targeted at potential customers and not people looking for the latest skateboarding cats or guys gone wild, you should set expectations accordingly: several thousand views over a period of a few months is a good audience. Some of the services, like Wistia, charge by playbacks per month. Brightcove charges on the number of individual videos and on your bitstream consumption, which is harder to estimate. Kaltura offers a free Wordpress plug-in for hosting up to 10 GB of monthly video data.
Fourth, what kinds of reports and features are available from your service provider? With some services like Fliqz and Brightcove, their more expensive plans give you more features and choices.
Finally, what else is or isn't included in the service? One of the things that I like about Wistia is the ability to share the video project with a number of collaborators, such as my clients, who can view the video directly, without my having to email them a huge attachment.
As you can see, there is a still a lot to deal with when it comes to Web videos. If you have another site that you would like to recommend, please let me know on my Strominator blog. And if you are a subscriber of Sam Whitmore's Media Survey, you can listen to me and Sam talk about some of these video hosting and production issues on a Webinar that we will host this coming Thursday afternoon. For those of you that aren’t subscribers, I will post my Powerpoint slides on my slideshare.net/davidstrom account afterwards.
My latest screencast video on how to use Windows 7 libraries and built-in backup features has been posted to IT Expert Voice here;
http://itexpertvoice.com/home/windo
Proxy servers have been in the news as of late, both as a result of the Iran putative election and a new legal case where Microsoft is suing purveyors of advertising click fraud. I thought I would take you through what proxies are, how they can be used for both good and evil, and what all the fuss is about.
First, here is a little background. When you bring up your Web browser, you are asked how you want it to connect to the Internet. Most of us that have home PCs don't use any proxy, and go out to the raw Internet without any fuss or bother. But enterprises that want to cut down on their bandwidth usage, improve performance and security, and have control over what their users see use them all the time. Each browser first checks and sees if the Web page that is being requested is on the proxy's cache, or memory, and if so, it saves a few milliseconds or more by grabbing the page directly, without having to traverse the Internet at all. So proxies are often combined with caching servers to deliver the best combination of features and management. As far as the browsing user is concerned, all this happens without any notification, other than the pages seem to load quicker on their PCs. About the only configuration option is the IP address of the server, which is placed inside the browser options or network settings. And proxies are available for more than just Web protocols, although that is their most popular use case.
That is the good side of proxies. What about the evil side? Proxies are supposed to be for internal users of an enterprise, but if a hacker can find out the IP address of an internal proxy, they can gain access to lots of network resources. This was a common MO for the hacker Adrian Lamo, among others, and you still find corporations that haven't locked their proxies down with the appropriate security. It is also possible for proxies to operate on a user's PC without their knowledge, which is a common way botnets are created.
There are also proxies that are used to make your browsing history anonymous, which can be used for both good and evil; depending on what information you are trying to hide.
Now to the news. Microsoft filed suit in federal court yesterday against three people it claims were defrauding Internet advertisers by having automated programs mimic users clickstreams. They found the fraudulent activities by tracing the actions to two proxy servers. And once they blocked the particular IP addresses of the proxies, the fraudsters would simply alter them in a continual game of cat and mouse. The fraud involved is significant, and ClickForensics estimates that 14% of the total ad clickstream is faked.
http://www.nytimes.com/2009/06/16/busin
When the Iranian government wanted to block Internet access, several private individuals from around the globe took it upon themselves to set up the open source proxy Squid (squid-cache.org) and other tools on their own networks to get around these blocks. They then publicized (via Twitter) the IP address of their Squid PCs so that anyone could connect to the open Internet, rather than be blocked. Of course, as the government learns of these addresses, they add them to their block list, so another cat and mouse game ensues.
(small self-promotion here) The news is very timely, indeed. I am off next week to work with Blue Coat on producing another of my screencast product review videos on their proxy and caching server line for my WebInformant.tv site. Let me know if you'd like me to do one of these for your product, they are a unique way to promote and explain a product.
Symantec Corp.
http://symantec.com/
20330 Stevens Creek Blvd.
Cupertino, CA 95014
The suite covers three separate products that have been acquired over the years by Symantec for applications delivery via streaming or virtual layers and a connection broker technology that allows enterprises to manage the way their applications are packaged and delivered to users' desktops.
We tested Version 6.1 on various test machines in February 2009.
Requirements: Windows XP SP 1 or better with Java J2SE Runtime 5.0 update 6, Windows Server 2003/2008, Windows 2000, Windows Vista
Price: $360 (concurrent license), $270 (per node) for entire suite, Streaming + Virtualization $68, Virtualization only $44. Substantial volume license discounts.
Pros:
-- Powerful software management for multiple use cases so that enterprises can configure and deliver a wide variety of applications and situations
-- Granular virtualization layer technology
-- Competitive price for the features that are included
Cons:
-- Complex setup with multiple moving parts
-- No common policy management across the various software modules
-- Multiple management consoles for each software module
Summary:.Data loss protection is still a new field, but Code Green Networks brings a comprehensive solution to stopping leaks of confidential data to unauthorized users. Is your IT leaving with employees that are getting downsized? Is your customer list now the property of one of your competitor's? Then you might be interested in the latest data leak prevention appliance from Code Green Networks Called True DLP, it consists of hardware and software tools that can detect when critical information is being copied from your network to a Web mail account, a removable USB thumb drive, or placed inside a document that is emailed as an attachment, even over an encrypted connection or hidden inside a compressed file ZIP archive.
True DLP
Code Green Networks Inc.
http://codegreennetworks.com
385 Moffett Park Drive, Suite 105
Sunnyvale, CA 94089
(408) 716-4200
Code Green works in conjunction with the Blue Coat Web proxy (to decode SSL traffic) and a series of email encryption products from Zix, Cisco, and Voltage.
Requirements: Just about any network and server configuration is supported. More monitoring and control is available using Windows-based agents for both servers and desktops.
Price: $10,000 for 50 users, more for larger networks. Maintenance fee is an additional 18% annually, and agent support is an additional 20% fee
Pros:
Both structured and unstructured data protected
Automatically encrypts sensitive outgoing data
Straightfoward Web management interface
Cons:
There are a number of ways to install and configure the product, depending on your own network connectivity and which servers you choose to protect
Only Windows endpoints supported with its agents.
Symantec Corp. http://spn.com
Summary:
An online backup service that works automatically in the background to make copies of your most critical files and is very easy and economical to use. Online backups have several advantages:
-- To aid in recovering files from a lost or stolen laptop
-- To provide a simple but effective offsite storage solution for your data
-- To keep the costs of backups low and within reach of most businesses
Requirements: Windows 2000/2003 Server, Windows XP, Windows Vista with latest service packs installed, with at least 15% free disk space on the volumes that you want to backup.
Price: $9.99 a month for basic service for 10 GB storage. Premium service is $35 a month for 10 GB with seven year history of backups. Additional fees for more storage capacity, remote access, and online storage for Backup Exec v12 users.
Pros:
-- Easy to setup and operate
-- Free 30 day trial helps you test out the service and become familiar with its operation
-- 24x7 support included
Cons:
-- Requires a fast broadband upload connection particularly on the first backup or for very large file collections. Only incremental changes are sent on subsequent backups
-- Lack of progress indicators make troubleshooting more difficult
As enterprises depend more on Internet-based applications, it becomes harder to defend your network against blended exploits and attacks that target your specific applications. You need something like this product which is more than a standard firewall that typically relies on intrusion prevention and signature based defenses. Secure Firewall is a network and application security device with numerous protective features built-in that are especially useful for protecting your critical applications and data. Secure Firewall has a great track record in the industry when it comes to emergency security patches and CERT advisories, and comes with solid reporting and analysis features as well as the ability to create rules to defend Web applications.
We tested version 70007 on a small network in October 2008.
Pros:
• Combines inbound and outbound network & application protection for both known and unknown attack vectors
• Simple configuration of the TrustedSource global intelligence, and Geo-Location provide unique protections to reduce your organizations exposure to attack
• SSL & SSH inspection (decryption and filtering) protects against these holes in most deep inspection firewalls today
• Rules can be customized for particular defenses and very granular controls over applications
Cons:
• Uses a variety of management tools, some Windows-based, some browser-based
• Setting up different administrative roles is fairly complex
Info: www.securecomputing.com 55 Almaden Boulevard, Suite 500, San Jose, CA 95113
Product category: Email security appliance
Pricing: Least expensive unit $1,900 up to $70,000 for the largest networks
Secure Computing's Secure Web Protection service offers a proxy server to protect both malware and not-worksafe Web sites. It is a simple and unbotrusiveway to protect your browsing. It isn't useful for protecting Web servers from inbound attacks, for example, and shouldn't substitute for a fully-featured intrusion appliance, but it can protect individuals and small networks especially with a lot of home-based and remote office users. It is based on the company's experience with both its TrustedSource reputation management (see the separate review here) and its Secure Web security appliances.
Version: 1.0
Secure Computing www.securecomputing.com 55 Almaden Boulevard, Suite 500, San Jose, CA 95113
Product category: Web filtering and malware protection service
Pricing: 30-day free trial of the service for up to 250 users.
12 month subscription for both malware and filtering is $5 a month per user for 25 users. Quantity discounts available, and just filtering is less.
We tested the beta version of the service on a small network in September 2008.
Pros:
• Dashboard shows you status at-a-glance and easy to setup
• All critical features managed by a Web browser
• Uses the global intelligence features of TrustedSource.org
Cons:
• Service needs improvement to stop malware from entering via SSL connections
Napera N24 v1.2.1
Summary: Napera's appliance works in conjunction with Microsoft's Network Access Protection (NAP), and will support three different operating systems: XP with Service Pack 3, Vista, and Mac OS X. It allows for guest and identity-based access. It installs a small agent on each device that is used for the health check, and to help secure your computer and guide you with the remediation process. It also works with both wired and wireless networks too.
Category: Endpoint network security appliance
Pricing: $3495 for 24 gigabit managed ports. There are also stackable add-ons when you have larger networks. While this is expensive compared to other managed switches (Dell sells one for $500), it is a bargain when compared to full-featured NAC products from Cisco and others.
Pros:
Easy to use and setup
No Windows servers required to operate NAP
Cons:
Only Windows XP with SP3supported
Browsers must be at least IE7, Firefox 2 or Safari 3
Windows agents use Active X to install themselves
Napera Networks Inc 9423 SE 36th St Mercer Island, WA 98040
425 747 7142 http://www.napera.com
We tested VSN on a Windows XP running Outlook Express v6 in September 2008, using a pre-configured version of the software supplied by Voltage. This is how a typical customer would use the software.
Summary: VSN is a plug-in for Outlook/Outlook Express that makes for sending and receiving encrypted emails literally a snap. There is a Web portal for users outside the enterprise, and a secure file transfer application add-on to Windows Explorer as well.
Advantages: VSN is extremely easy to use once setup.
Enterprises should consider VSN if they are looking for more control over things like user experience, which help desk number to call, control over cryptographic elements like root certificates, integration with other systems like Blackberry Enterprise Server. Also, if they are looking to off-load managing third-party authentication and providing help desk support, then VSN should be on your radar.
Disadvantages: You will probably need to coordinate the installation among several different IT departments. The online documentation is somewhat confusing.
Voltage Security Inc. 4005 Miranda Avenue #210, Palo Alto, CA 94304 (650) 543-1280, http://voltage.com/products/vsn.htm
Requirements:
Windows only, works with Outlook (2000-2007), Outlook Express and Vista Mail applications
Price: $65 per seat per year, includes both secure email and secure file transfer
Secure Computing's Secure Mail email security appliance combines several different but complementary protection technologies for both inbound and outbound emails in one easy-to-setup box. While lots of vendors have anti-spam products, Secure Mail offers a superior way to stay ahead of the constantly changing and increasingly sophistication of spammers, and the company guarantees it can block 99% of unwanted inbound emails. It also has a wide range of outbound protective features that can help corporations be in compliance with various reporting rules such as SoX and PCI.
Product category: Email security appliance
Pricing: Base unit starts at $1,995, plus an additional $13.00 per user/year, lower for multi-year contracts and for more than 500 user networks. There are more powerful and costly appliances for larger networks.
We tested version the S10 appliance, which is the smallest and least expensive unit, running software version 6.7 on a small network in September 2008.
Secure Computing www.securecomputing.com 1-800-379-4944
55 Almaden Boulevard, Suite 500, San Jose, CA 95113
Pros:
• Dashboard shows you status at-a-glance
• Almost all critical features managed by a Web browser
• Combines inbound and outbound email protection with global intelligence features of TrustedSource.org
Cons:
• Changing startup configuration values once you complete the wizard can be tricky to find the right input screens
• Reports can be difficult to interpret
Symantec's Altiris Workflow Solution v 6.0 is a series of products that were acquired from LogicBase called TLogic. Used together, they can help you automate virtually any IT process or workflow and imbed business logic into the processes too. The product can be useful for something that requires repetitive human interaction, such as designed an automated system for gambler's comp packages at a casino to keeping track of cleaned rooms at a hospital. Almost any type of process or Workflow can be automated with Workflow Solution.
We tested the product in August 2008 on a prebuilt virtual machine that was supplied by Symantec.
AltirisSalesInfo@symantec.com, 888-252-5551
http://www.symantec.com
Requirements: Windows Server 2003 or later. Symantec's Altiris Notification Server and several other Altiris SDK and developer tools (free)
Price: $25,000 for server and designer, additional designer licenses are $4,000 each
Category: Workflow management
Pros: Sophisticated models can be built with little programming expertise
Cons: There are a lot of moving parts to assemble before you can begin working
TrustedSource and other sites are used to answer questions such as – is someone sending spam that looks like it is coming from my domain, called spoofing? Has my Web site been compromised recently? Do I have an open relay email server that I don’t know about? The Internet is a nasty place, and the idea that a service can be watching globally for exploits is a good one.
TrustedSource.org
Secure Computing Inc.
55 Almaden Boulevard, Suite 500
San Jose, CA 95113
408.494.2020
Category: Internet reputation management
Free service, although registration required for additional features
Summary: TrustedSource has a variety of tools to investigate spoofing, spamming, and bot net proliferation that is taking place using your domain names. It is also included as part of a series of products offered by Secure Computing and others as a way of providing real-time threat blocking services.
Pros: Easy to use, a wide variety of information is presented in clear detail
Cons: It is a lot like brushing your teeth; you need to develop a daily habit of checking your site.
TimeDriver isn't a shared calendar or simple meeting scheduler. Rather, it is a free service that lets you add a self-service scheduling link to Web pages and e-mails so people can book your time without conflicts and manage events on your electronic calendar.
TimeDriver.com, beta
TimeTrade Systems Inc. 100 Crosby Drive, Bedford, MA 01730
781-541-5800
Category: Appointment scheduling software
Pros:
Simple to setup and use, free of charge and feature rich
Appointments can be offered via email or Web pages
Cons:
Outlook users need to be online to sync their appointments and busy time for scheduling to work well
Negotiated group meetings are better handled with other services
Price: Free
Requirements: Works with IE, FF, and Safari on both Mac and Windows
Integrates with Microsoft Outlook (plug-in required) and Google Calendar.
eEye Digital Security's integrated endpoint security agent Blink offers a wide variety of protective measures, including personal firewall, anti-virus and anti-spyware, host intrusion prevention, and overall system registry and executable file protection. We tested the product in August 2008 and demonstrate some of the ways these features work together and how easy they are to configure. There are versions for personal use as well as ones that communicate with a central policy server too.
Summary:
Blink v 4.0.4, eEye.com, runs on Windows 2000 or later versions both 32 and 64 bit too
eEye Digital Security, 111 Theory Suite 250 Irvine, CA 92617
Pricing details: Personal $25/yr (3 for $35), Professional $290 for 10 one-year licenses
For more information please go to http://www.blinkfree.com
Pros:
various security services all covered with a single agent
Powerful policy management tools
Enterprise manager works via hardware or software
Cons:
Individual users can't review report archive
Can't add custom ID theft rules
Servoy Developer is a Java enterprise rapid applications development environment. I have always thought of Java as write once and debug everywhere, but the Servoy tools are changing that with the ability to develop a single code base that can be deployed across Windows, Mac, Linux, and run in a wide variety of browsers too. Let's take a look.
Before you do anything, make sure you have the latest Java JRE from Sun installed from this page.
Next, download the Servoy .JAR package or use the EXE if you are running Vista. One nice thing is this is free and a fully functioning version with up to five licensed clients, what they call their community edition. It includes the application server, support for Eclipse. and a lightweight Web server too.
Servoy Developer v. 4.0
Pricing details: $895 plus $349 per concurrent client
Product category: Java app development enviroment
Servoy USA, 299 W. Hillcrest Drive Suite 115, Thousand Oaks, CA 91360
(805) 624-4959, http://www.servoy.com
Summary: Servoy has a lot to offer Java developers and a nice way to deploy multiuser Web 2.0 applications from a single code base.
Pros:
• All open source tools and methods here.
• A very rich visual programming environment that can quickly build apps.
Cons: There is a lot to get used to and the user interface is a bit hard to navigate.
General 4.0 Resources - Flash Movies, PDF Files, Reviewer Guide
http://www.servoy.com/generic.jsp?mt=39
We review endpoint security product StormShield from SkyRecon. There are two parts to the product: The server components (including the relational database and server) and the various agents that run on each endpoint. Among other things, the agent contains a host-based firewall and policy engine that can be customized to control applications and particular endpoint device features such as USB peripherals and registry entries. We tested version 4.801 on a simple network in July 2008.
Unlike anti-virus software, it doesn't rely on signatures but on behavioral patterns of malware and exploits, to block them. It replaces the weak Windows personal firewall with a powerful host IPS engine and applications control features.
SkyRecon Systems Inc., 1440 Broadway, 23rd floor, New York, NY 10018
Tel: (877) 239 3057 | Fax: (646) 512 5167 | www.skyrecon.com
Product category: Endpoint security software
Pricing: $39-$132 per seat, depending on quantity and features purchased.
Information: http://skyrecon.com/stormshield
Summary: Application control and host IPS make for some powerful endpoint security features.
Pros:
• Variety of ways to lockdown particular endpoint components
• Runs in Windows kernel so can be used to block keyloggers without the need for signatures
Cons:
• Windows XP and 2000/SP4 only, somewhat cumbersome policy creation process
• Somewhat verbose logging can be difficult to parse
David Strom
St. Louis, MO
310-857-6867
david (at) strom (dot) com
Profile
![[info]](http://l-stat.livejournal.com/img/userinfo.gif)
webinformant- David Strom
- Strominator blog
Syndicate
