Sunday, December 20, 2009

Unified Threat Management

What's next in security with respect to edge appliances? Unified Threat Management (UTM). Over the past couple of years, we have witnessed more and more integration and consolidation of services within the Datacentre under the label 'Unified' Communications. This pertains not only to Voice over IP but also to how multiple systems that serve different purposes can be brought together for centralized management and to provide centralized services for end-users, i.e. the ability to use one device for messaging, secure application serving and voice.

The same thing is now happening with backend edge security architecture. The days when several appliance boxes were deployed to secure data-flow in and out of the Datacentre are almost over. While the UTM market is still in its infancy, Juniper Networks has shown what to expect with their SSG Series products. Fortinet is also now offering UTM and using that to push their vision of what the future should be like for security appliances.

These products usually provide the following in one appliance:
  1. Stateful firewall
  2. IPSec VPN
  3. SSL VPN
  4. Intrusion Prevention Systems
  5. Antivirus (anti-spyware, anti-phishing, anti-adware)
  6. Anti-spam
  7. Web filtering

Fortinet UTM

I had a first close-up look at Fortinet's UTM product, the Fortigate Appliance. At first glance, it looks pretty good. I will be playing with the 110C appliance in my lab and will also conduct some benchmark tests against other competitors, e.g. compare its firewall capability with another firewall vendor (Checkpoint, Juniper), Proxy (Blue Coat), Anti-Spam (Ironport). Expect more soon!


Sunday, December 06, 2009

Technology and Solar Power

As I sit typing this entry, I'm listening to a story on CBC about how Portugal has become the leading country in the world in the use of alternative sources to provide electricity through renewable energy. It caught my attention because just yesterday I was having a conversation with my friend who had come to Canada from Nigeria. He was debriefing me on how things are in Nigeria. We spoke of many issues affecting the country. Then we started to talk about technology in Nigerian society and how electrical power provided by the state has become completely undependable. I was thinking at the time about what should be done outside the box to fix the problem, because without power, technological advancement becomes a drag.

That then got me thinking about solar power. Sunlight is very much in abundance in Nigeria. A common Nigerian city gets around 6 hours of sunlight in the rainy season and as much as 10 hours in the dry season. In contrast, Toronto gets 2.4 hours of sunlight in December during winter and around 8.9 hours in July at the height of summer. This presents Nigeria with a great opportunity to utilize this natural resource. Ironically, as I started doing some research, I came across a developing story in Nigeria that the government has just approved licenses for companies for solar projects.

If Nigeria and other developing cities around the world can find ways to harness the power of renewable resources such as sunlight, it would help build a platform for technology such as the Internet to become easier and more viable to invest in and to be provided at a reasonable cost to the citizens. China realized this a while ago. Heck, I even invested in a Chinese solar stock (Solarfun - SOLF). Look at them today!

Thursday, December 03, 2009

Cyber-crime on an exponential rise

Here is an interesting article that came out last year on the trend of security threats: http://www.mcafee.com/us/local_content/reports/sage_2008.pdf. This chart shows how Trojan attacks have doubled each year since the Internet went public. Thank you Mike Kolasa for drawing my attention to this chart.

Saturday, November 28, 2009

Adobe annoyance with 64bit

Here's a rant entry...

I noticed lately that 32bit apps overheat my computer. For that reason, I always try to use 64bit apps whenever I can. Just like everybody else, my most used application is a, yes, you guessed right, an Internet BROWSER! So, I would pop up my native Internet Explorer (IE), Chrome or Firefox and by the time I have 6 tabs opened, my CPU and fan would start going crazy and burning my lap.

But today, I decided to give 64bit IE a shot. After all, it comes pre-installed with Windows 7. Instantaneously, I could see the difference in CPU utilization and how steadily my laptop generally operated under 64bit native IE. BUT, when I tried to visit a Flash page, I realized that I needed to install the 64bit version of the software. I subsequently went to Adobe’s website to do this and was met with the following...


What that picture shows in a nutshell is that Adobe Flash does not support 64bit browsers. I find this really ridiculous and annoying. If I saw this message in the year 2006, I would have been more forgiving, but to think that we are almost in 2010 yet a major company like Adobe is unable to get with the times is complete negligence in doing their due diligence. This is a perfect example of why monopoly kills innovation.


Tuesday, November 17, 2009

Cyberwarfare is upon us!

It is indeed upon us, The Age of Cyberwarfare! Be afraid, be very afraid!!!

Well, OK, maybe not exactly an atomic bomb and I'm just exaggerating a little bit. But I always pay attention to news of this kind and it came as no surprise to me when I came across an article on this subject on the BBC's website this morning saying that nations of the world are constantly engaged in cyberwarfare. Am I shocked? Not exactly! This is exactly why I chose to become a security specialist. I love living on the edge in anticipation of the inevitable and being able to use technology as the tool to put up a fight.

It is said that in April 2009, China and Russia infiltrated the US electric power grid. The effect of what could happen can be seen in Bruce Willis' last Die Hard movie, Live Free Die Harder, where power outages were used to bring chaos and confusion that led to a distraction for the government from a bigger attack: taking down the government. Thank goodness, Bruce Willis came to the rescue in that movie. But if this kind of cyber-attack happened in reality, the effect would be dire.

The article went further to talk about the biggest problems with cyberwarfare - understanding the motives of the attacker and knowing exactly who the attacker is at the zero hour. This is why it's best to do the best to avoid attacks and remain proactive rather than taking a reactive approach. I was asked once during an interview for a Security Architect position with a police department in Ontario what I would recommend for an Intrusion Detection System (IDS). My answer was, "why talk about IDS when you should be focusing on IPS (Intrusion Prevention System)". But they still insisted that I talk about IDS. The point is that this kind of attitude and reasoning is going to have to change to mitigate the impact of attacks. Implement solutions and controls that will protect the infrastructure rather than just implementing solutions that audit attacks when the damage is done. After all, prevention is ALWAYS better than cure.

Friday, November 06, 2009

Accelerating the Internet

I've been in San Francisco since November 1st taking training on Riverbed Steelhead Technology. Riverbed Steelhead is a WAN optimization appliance which is number one in Gartner's Magic Quadrant. This lab-intensive course is intended to impart knowledge of deployment and administration of Steelhead appliances in complex network environments to network professionals. Prerequisites for this class include certifications such as CCNP/CCIP or advanced knowledge of routing protocols, TCP/IP, network design and troubleshooting. Also, basic knowledge of Linux is essential.

This training has helped me understand TCP's behaviour when traversing devices such as routers, switches and firewalls.

WAN Optimization basically solves these problems:
  • Enable effective branch consolidation*
  • Cut bandwidth costs*
  • Improve application performance*
  • Make IT more effective while spending less*

*Riverbed Technology Overview

I will update this after the training comes to a close.

Friday, October 23, 2009

Cloud computing - Reality and Visions

Cloud computing is now the current 'buzz word' out there in the Enterprise world. Every major vendor talks about their strategy to provide or enable cloud computing and how it is the next best thing. But the question is: is cloud computing a new thing? Absolutely NOT! In essence, cloud computing is no more than a data centre that resides outside an enterprise infrastructure. This is not a new concept and has actually been deployed for some time now. The only difference now is that technologies such as virtualization and enhanced Internet bandwidth provide a good backbone to host services off-site for enterprises. This is now becoming what we know as utility grid-computing. Enterprises are charged based on usage of the service. Usage is monitored, metered and translated into a bill, just as we have with traditional electricity and gas bills.

Benefits

  • Web-enabled software services are accessed via the web from anywhere at any time
  • No need to have experts in house to maintain the infrastructure
  • Reduced cost of purchasing hardware or building the infrastructure
  • Scalability or capacity planning becomes a non-issue

Things to consider

  • Legal issues - An enterprise must be fully aware of the laws in the country where their information resides. Every country has different regulatory laws that govern information, who can access it and what it can be used for. This becomes even more of an issue in today's global market.
  • Encryption technologies - This is another important point. It simply touches on how a country may allow a particular encryption technology that may be illegal in another country. For instance, if an enterprise is using a provider that's based in a different country and consequently using an encryption technology which may be perfectly legal in the provider's region, the enterprise may actually face legal issues if the encryption technology used is not allowed in the country in which they operate. This issue is common with 'Key strengths' used to encrypt data. Read more about this here - http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act
  • Cloud computing does not translate to freedom from Operating Systems - Contrary to what you may have read in several articles that translate the term 'cloud' into a world without the need for an operating system, this is not yet technically viable. Operating systems are not just used to access the Internet. If you want to print documents to your local printer, upload pictures from an imaging device, listen to CDs or watch DVDs, you still need some form of Operating System to coordinate all those functionalities. So don't start planning on ditching your PC or Mac support contracts just yet - they are still very much a part of this cloud equation!