[metaslider id=2951] … Read More
Archives for September 2014
Shellshock is a newly-discovered vulnerability in Bash (the Bourne Again Shell), one of the most commonly used shells on Linux, UNIX and OS X.
Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue.
Please see our article on Naked Security for an explanation of the vulnerability itself.
In addition, we have examined our products and we are confident that the Shellshock vulnerability can’t be exploited in any Sophos product. Our IT systems have also been patched or were not vulnerable.
For the latest information on how this bug affects Sophos products, please refer to our knowledgebase article from Sophos Support.
Chances are that you have had the firewall for some time and unless there has been a problem, you simply keep renewing the product year after year. Security and productivity challenges have changed a lot lately, and so has firewall technology.
Unified Threat Management systems provide a layered defense without having to buy each component separately- Firewall, Email Firewall, Web Application Firewall and manage the wireless access Points.
Network Protection – Configurable intrusion prevention with flexible VPN options for site-to-site and remote access
Email Protection – Stops spam and viruses while keeping sensitive data safe with DLP and policy based encryption
Web Protection – Protect users from web threats, control online productivity and manage your web application bandwidth
Webserver Protection – Reverse proxy protects servers from exploits while providing authentication for external users
Wireless Protection – Centrally manage Wi-Fi access points and set up hotspots and guest access in minutes
Endpoint Protection – Provides desktops, laptops, and servers with antivirus, device control and web security
The Sophos UTM provides all of the above, and more. Contact us for more information.
The latest version has some added features/enhancements:
- Implement Exclude Rules in Linux agent
- LastLogins options needs to be implemented
- Various UI pages are formatted incorrectly
- Config file permissions need modification
Download the Release Notes for Snare Agent for Linux 4.1.0.
Some of the features of the Snare Enterprise Agent for Linux include:
- Caching of events in case of a network disruption, ensuring that events are not lost
- Log message delivery with TCP.
- Log to multiple destinations
- Encrypt messages between the agent and the Snare Server.
- Allowing the event log record to be formatted so it is accepted by a SYSLOG server.
- UTC (Coordinated Universal Time) timestamp format for events instead of local machine time zone format.
- Allow security administrators to either locally or remotely monitor changes to the agent’s configuration through a standard web browser.
Contact us with any questions
The Snare Product Suite is comprised of the Snare Server and the Enterprise Snare Agents allowing an organization to capture and report on the relevant security events to assist with compliance and best security practices.
The Snare Product Suite is an enterprise class Security Event Management system that has been designed as either a standalone product or can be used in large organizations to facilitate collection of the security events and send them to a master collector for further analysis or to another SIEM.
To learn more about the Snare Product Suite including the Enterprise Snare Agents, contact us.
Virtualization promises to boost efficiency and cut costs, making it an important element in your IT department’s efforts to do more with less. Whether you’re running applications on physical or virtual machines, you still need to stay vigilant to guard against the constant and growing hazard of malware and other cyberthreats that can put your business at risk.
Kaspersky Lab security experts have created this practical guide to help you learn about:
- The benefits and perils of virtualization
- How to fold virtualization into your existing security policies
- The difference between agent-based and agentless security software
- Choosing and implementing the right virtualization security solution for your organization.