- Email: [email protected]
Symantec's Thompson pronounces old style IT security dead
February 2005 ISSN 1353-4858
Featured this month
Contents NEWS
Microsoft pushes further into anti-virus and anti-spyware territory Microsoft bought another piece of the IT security market this month with its recent acquisition of anti-virus company, Sybari Software. Bill Gates announced at the RSA show in San Francisco that Microsoft will release a new a-v scanning engine based on the acquired technology. The resulting product will also come from technology gleaned from Microsoft's acquisition of the Romanian anti-virus vendor, GeCAD in 2003. The big question is, however, whether, a-v protection will come bundled with the Microsoft operating system. Microsoft already plans to give a spyware program away free to PC consumers. It has released a beta version of Spynet, which already has five million downloads so far. However the industry is still in the dark about how the company will make its future anti-virus offering available. Turn to page 2...
Microsoft pushes further into anti-virus and anti-spyware territory
1
Symantec’s Thompson pronounces old style IT security dead
1
Profession drive gathers momentum
2
Cisco widens security span in network
2
Gates announces security invasion
3
FEATURES VoIP Voice over IP: security pitfalls
4
Career
Symantec's Thompson pronounces old style IT security dead Brian Mc Kenna John Thompson, chair and CEO of Symantec told delegates at RSA 2005 that the "security game changed forever with Slammer."Security as traditionally delivered was no longer good enough", he said. And, in a side-swipe at his fellow keynote speaker Bill Gates, he said: "Nor is Microsoft sufficient for large enterprises. Slammer slammed Windows. A focused company like Symantec will always offer a better security solution than a player distracted by computer games," he added. Turn to page 3...
Getting ahead in security
8
Staff training When ignorance is not bliss
1o
Internet worms Worm cure is a hard act
12
Bluetooth Bluetooth attacks start to bite
14
Microsoft Microsoft tackles viruses and spyware at last, but will it be trusted on security? 16
Telecom fraud Telecom fraud: the cost of doing nothing just went up
VoIP - expanding the perimeter of attack Voice over IP (VoIP) is being embraced at a rapid rate. But for a business the decision to implement is complicated. The verdict needs to take into account network capacity, possible equipment upgrades and staffing and training costs. VoIP opens a company up to many security risks such as loss of service, DoS and compromise and eavesdropping among other risks. Turn to page 4...
17
Vulnerability roundup IE patched after ‘extremely critical’ warning
19
REGULARS News in brief Events
3 20
ISSN 1353-4858/05 © 2005 Elsevier Ltd. All rights reserved This journal and the individual contributions contained in it are protected under copyright by Elsevier Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use.
NEWS The company is aiming to cover threats at multiple layers of the network to control traffic, endpoints, users and applications. John Chambers, president and CEO of Cisco said, the“announcement is part of Cisco's ongoing commitment to deliver a more secure portfolio designed around the evolving demands of global businesses from their design and architectural needs at inception to helping protect their longterm network investments." Speaking at RSA, Chambers said that network integration is essential for security. And network defence must be largely automated. The portfolio of new Cisco additions is geared to keeping out viruses, spyware and DDoS attacks, providing application security and controlling and containing the network. Cisco has released version 5 of its Intrusion Prevention System, updated its anomaly detectors for switches and routers, and delivered Cisco Security Agent Version 4.5. These tackle viruses, DDoS attacks and spyware respectively. The company is also promising strengthened application security through enhancements to its SSL VPN products and proactive application control through a new version of its application firewall, PIX Software Version 7. In addition, Cisco is offering network control and containment though its security management products. These appliances resulted from Cisco's acquisition of Protego and monitor network traffic through correlation and anomaly detection.
Gates announces security invasion Brian McKenna, from RSA 2005, San Francisco ill Gates told delegates at RSA 2005 that Microsoft will enhance the security of its products in areas that include anti-virus, anti-spyware, and remote access.
B
In his opening keynote, 'Raising the security bar', the Microsoft chairman and chief software architect, flagged up the recent acquisition of Sybari as a key
February 2005
part of his company's perimeter isolation strategy. "Eighty-eight per cent of malware incidents still come via email", he said, and Sybari Antigen will be a Microsoft product by the end of 2005. The company has put its 2004 acquisition of Giant to use in the form of antispyware product and reporting network, Spynet. The beta product has had five million downloads and Microsoft is clocking up half a million spyware reports per day. The product "should be available at no extra cost to Windows users", said Gates. VPN vendors also may be given pause for thought by forthcoming security enhancements to Outlook Web Access, using ISA Server 2004, demonstrated during Gates' speech.
Symantec's Thompson pronounces old style IT security dead ...continued from page 1
Buoyed by the applause those remarks elicited, the chief of Symantec-plus-Veritas, continued in a pugnacious mood. He commented that he would not have been invited to keynote in the early years of RSA, when his company's "mundane" anti-virus technology was considered beneath the cryptographic focus of the event. "RSA's evolution beyond crypto is a microcosm of our industry", he said. And the role of security professionals will change towards risk management, he stated. "The market is moving towards more integrated infrastructure management", said Thompson, "with the integrity of actual information being more important than the technology." He told delegates that Symantec stepped back after Slammer to concentrate on re-orienting the company around asset and storage management. Hence the acquisitions of PowerQuest, On Technology, and now Veritas. As for Wall Street negativity over the Veritas acquisition, he countered: "this is a momentous change that we are determined to get done, and investors will come back."
In brief IBM to use Qualys software for managed security IBM is to offer Qualys's vulnerability scanning service to underpin its 24x7 managed security services. The system combines a hosted Web service and behind-the-firewall appliances to scans devices for 3,000 security holes and configuration errors that could be exploited by attackers.
Sophos joins Cisco's NAC program Antivirus software company Sophos will integrate the Cisco Trust Agent (CTA) into Sophos Anti-Virus when it joins Cisco Systems Network Admission Control (NAC) program, along Computer Associates, McAfee and Trend Micro. The CTA collects information from other security software clients, including antivirus clients, and relays that information to Cisco devices on the network. Machines that don't meet network security policies are denied access, quarantined or given partial access.
Tsunami hacker charged A 28-yearold London man, Daniel James Cuthbert, has been charged under Section One of the Computer Misuse Act for allegedly trying to hack into the Disasters Emergency Committee website that co-ordinates relief for tsunami victims last New Year's Eve. No money was lost.
Flaws show Microsoft needs Sybari The release by Microsoft of eight patches this month and announcement that it is to buy antivirus tools vendor, Sybari Software, underlines its increasingly desperate effort to shore up its reputation and market share, analysts say. "Microsoft has a long way to go when it comes to information integrity," said Dave Jordan, chief information security officer for Arlington County, Va. Eric Beasley, a senior network manager at Baker Hill Corp said Microsoft "may be issuing patches only once a month, (but) eight at once is a lot." Jon Oltsik, an analyst at Enterprise Strategy Group "Do you really want the fox to guard the chicken coop?" Sybari gives Microsoft a server-level security suite that will protect Exchange and Lotus Notes messaging servers as well as its SharePoint Portal Server collaboration software.
Network Security
3
Featured this month
Contents NEWS
Microsoft pushes further into anti-virus and anti-spyware territory Microsoft bought another piece of the IT security market this month with its recent acquisition of anti-virus company, Sybari Software. Bill Gates announced at the RSA show in San Francisco that Microsoft will release a new a-v scanning engine based on the acquired technology. The resulting product will also come from technology gleaned from Microsoft's acquisition of the Romanian anti-virus vendor, GeCAD in 2003. The big question is, however, whether, a-v protection will come bundled with the Microsoft operating system. Microsoft already plans to give a spyware program away free to PC consumers. It has released a beta version of Spynet, which already has five million downloads so far. However the industry is still in the dark about how the company will make its future anti-virus offering available. Turn to page 2...
Microsoft pushes further into anti-virus and anti-spyware territory
1
Symantec’s Thompson pronounces old style IT security dead
1
Profession drive gathers momentum
2
Cisco widens security span in network
2
Gates announces security invasion
3
FEATURES VoIP Voice over IP: security pitfalls
4
Career
Symantec's Thompson pronounces old style IT security dead Brian Mc Kenna John Thompson, chair and CEO of Symantec told delegates at RSA 2005 that the "security game changed forever with Slammer."Security as traditionally delivered was no longer good enough", he said. And, in a side-swipe at his fellow keynote speaker Bill Gates, he said: "Nor is Microsoft sufficient for large enterprises. Slammer slammed Windows. A focused company like Symantec will always offer a better security solution than a player distracted by computer games," he added. Turn to page 3...
Getting ahead in security
8
Staff training When ignorance is not bliss
1o
Internet worms Worm cure is a hard act
12
Bluetooth Bluetooth attacks start to bite
14
Microsoft Microsoft tackles viruses and spyware at last, but will it be trusted on security? 16
Telecom fraud Telecom fraud: the cost of doing nothing just went up
VoIP - expanding the perimeter of attack Voice over IP (VoIP) is being embraced at a rapid rate. But for a business the decision to implement is complicated. The verdict needs to take into account network capacity, possible equipment upgrades and staffing and training costs. VoIP opens a company up to many security risks such as loss of service, DoS and compromise and eavesdropping among other risks. Turn to page 4...
17
Vulnerability roundup IE patched after ‘extremely critical’ warning
19
REGULARS News in brief Events
3 20
ISSN 1353-4858/05 © 2005 Elsevier Ltd. All rights reserved This journal and the individual contributions contained in it are protected under copyright by Elsevier Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use.
NEWS The company is aiming to cover threats at multiple layers of the network to control traffic, endpoints, users and applications. John Chambers, president and CEO of Cisco said, the“announcement is part of Cisco's ongoing commitment to deliver a more secure portfolio designed around the evolving demands of global businesses from their design and architectural needs at inception to helping protect their longterm network investments." Speaking at RSA, Chambers said that network integration is essential for security. And network defence must be largely automated. The portfolio of new Cisco additions is geared to keeping out viruses, spyware and DDoS attacks, providing application security and controlling and containing the network. Cisco has released version 5 of its Intrusion Prevention System, updated its anomaly detectors for switches and routers, and delivered Cisco Security Agent Version 4.5. These tackle viruses, DDoS attacks and spyware respectively. The company is also promising strengthened application security through enhancements to its SSL VPN products and proactive application control through a new version of its application firewall, PIX Software Version 7. In addition, Cisco is offering network control and containment though its security management products. These appliances resulted from Cisco's acquisition of Protego and monitor network traffic through correlation and anomaly detection.
Gates announces security invasion Brian McKenna, from RSA 2005, San Francisco ill Gates told delegates at RSA 2005 that Microsoft will enhance the security of its products in areas that include anti-virus, anti-spyware, and remote access.
B
In his opening keynote, 'Raising the security bar', the Microsoft chairman and chief software architect, flagged up the recent acquisition of Sybari as a key
February 2005
part of his company's perimeter isolation strategy. "Eighty-eight per cent of malware incidents still come via email", he said, and Sybari Antigen will be a Microsoft product by the end of 2005. The company has put its 2004 acquisition of Giant to use in the form of antispyware product and reporting network, Spynet. The beta product has had five million downloads and Microsoft is clocking up half a million spyware reports per day. The product "should be available at no extra cost to Windows users", said Gates. VPN vendors also may be given pause for thought by forthcoming security enhancements to Outlook Web Access, using ISA Server 2004, demonstrated during Gates' speech.
Symantec's Thompson pronounces old style IT security dead ...continued from page 1
Buoyed by the applause those remarks elicited, the chief of Symantec-plus-Veritas, continued in a pugnacious mood. He commented that he would not have been invited to keynote in the early years of RSA, when his company's "mundane" anti-virus technology was considered beneath the cryptographic focus of the event. "RSA's evolution beyond crypto is a microcosm of our industry", he said. And the role of security professionals will change towards risk management, he stated. "The market is moving towards more integrated infrastructure management", said Thompson, "with the integrity of actual information being more important than the technology." He told delegates that Symantec stepped back after Slammer to concentrate on re-orienting the company around asset and storage management. Hence the acquisitions of PowerQuest, On Technology, and now Veritas. As for Wall Street negativity over the Veritas acquisition, he countered: "this is a momentous change that we are determined to get done, and investors will come back."
In brief IBM to use Qualys software for managed security IBM is to offer Qualys's vulnerability scanning service to underpin its 24x7 managed security services. The system combines a hosted Web service and behind-the-firewall appliances to scans devices for 3,000 security holes and configuration errors that could be exploited by attackers.
Sophos joins Cisco's NAC program Antivirus software company Sophos will integrate the Cisco Trust Agent (CTA) into Sophos Anti-Virus when it joins Cisco Systems Network Admission Control (NAC) program, along Computer Associates, McAfee and Trend Micro. The CTA collects information from other security software clients, including antivirus clients, and relays that information to Cisco devices on the network. Machines that don't meet network security policies are denied access, quarantined or given partial access.
Tsunami hacker charged A 28-yearold London man, Daniel James Cuthbert, has been charged under Section One of the Computer Misuse Act for allegedly trying to hack into the Disasters Emergency Committee website that co-ordinates relief for tsunami victims last New Year's Eve. No money was lost.
Flaws show Microsoft needs Sybari The release by Microsoft of eight patches this month and announcement that it is to buy antivirus tools vendor, Sybari Software, underlines its increasingly desperate effort to shore up its reputation and market share, analysts say. "Microsoft has a long way to go when it comes to information integrity," said Dave Jordan, chief information security officer for Arlington County, Va. Eric Beasley, a senior network manager at Baker Hill Corp said Microsoft "may be issuing patches only once a month, (but) eight at once is a lot." Jon Oltsik, an analyst at Enterprise Strategy Group "Do you really want the fox to guard the chicken coop?" Sybari gives Microsoft a server-level security suite that will protect Exchange and Lotus Notes messaging servers as well as its SharePoint Portal Server collaboration software.
Network Security
3