Sales
Support Zscaler, Inc., the market leader in cloud security, today announced the worldwide availability of the industry's first fully integrated email and web security service. With the addition of email security to its existing web security portfolio, Zscaler now offers enterprises with the most comprehensive cloud-delivered service that protects against most Internet-based risks. It also consolidates multiple point products, simplifies IT administration, increases security, while reducing costs and risk to the business.
"Web and messaging security are no longer mutually exclusive," says Christian Christiansen, Program Vice President for IDC's Security Products and Services group. "Malicious URLs appear in emails, phishing attacks, and sophisticated blended threats that target multiple protocols. The use of web-based malware forces organizations to adopt security technologies that can address both web and messaging threat vectors to an equal degree. Offering potential solutions, Zscaler's security SaaS offerings provide integrated web and email security that reduces cost and complexity while improving security."
Extending Cloud Security from Web to Email Gateway
Zscaler launched its game-changing cloud-delivered web security service in 2008 and is now protecting millions of users in 140 countries. Customers range from G2000 enterprises to governments to SMBs. To complement the web security offering, Zscaler has now extended its infrastructure to also provide a deep and comprehensive email security service that provides protection against spam and malware.
Key features include:
- Accurate filtering to block spam and phishing
- Deep protection against viruses and spyware before they enter the enterprise perimeter
- Flexible policies to define granular mail flow and encryption
- Data Loss Prevention (DLP) for SMTP and webmail
- Rich, interactive and correlated real-time reporting
"We have been a happy Zscaler web security customer," said Bob Fairclough, Manager of Technology Services at Raritan Bay Medical Center (RBMC), a leading healthcare institution in New Jersey. "Replacing our email security appliances with Zscaler's email service was almost effortless. Integrated email and web security has provided us holistic reporting and common security policies as well as saved us time and money."
Defining a New Standard for Integration
While many vendors talk about web and email integration, offerings are limited to a common dashboard. Beyond that lie two disparate user interfaces as well as multiple policy managers and reporting systems. Truly integrated web and email security is a key factor setting Zscaler apart from the competition.
Service highlights include:
- Single Policy: Truly one policy manager for email and web security
- Integrated Security: Cross-leveraging threat intelligence with full inline real-time content inspection of email and web traffic for better detection of advanced threats and data loss, as well as dynamic classification of web pages to proactively stop suspicious and malicious code. For example, detection of transaction by botnets sending spam is leveraged by the web security service in real-time.
- Integrated Reporting: Holistic visibility for email and web, with unified real-time reporting down to the transaction level at incredibly fast response speeds, powered by Zscaler's patented NanoLog technology
- Common DLP: A single, common user interface and policy manager for Data Loss Prevention (DLP), eliminating the need to maintain separate sets of policies and dictionaries for email and web
"Driven by cost, complexity and growing security risks, enterprises of all sizes are looking for integrated cloud security services," said Patrick Foxhoven, CIO of CentraComm, a managed security and network services company based in Ohio servicing Fortune 50 to mid-market customers. "Unlike other offerings, Zscaler email and web are truly integrated, enabling us to serve our customers better by addressing all threat vectors they face with a single unified platform."
In addition, the Zscaler services offer policy-based protection for mobile users anywhere and at any time. With 40+ data centers globally, re-routing latency is minimum and 100% reliability and availability is ensured.
"The new version of Zscaler gives new meaning to, and defines a new standard for, integrated web and email security services," said Jay Chaudhry, CEO of Zscaler. "It also provides us unrivalled visibility into evolving threats across mail and Web globally."
Product Details
[ add comment ] ( 1 view ) | [ 0 trackbacks ] | permalink
This neat product combines with iOS 4 has just helped make the iPhone more enterprise capable.
Core Components Include a New Model for Enterprise Application Discovery and Zero-Touch Security .
MobileIron, have announced a broad set of capabilities to accelerate the adoption of iPhones in the enterprise.
MobileIron's new application discovery, zero-touch security, and real-time cost control services leverage the APIs available with iPhone 4 and iOS 4 to provide the first complete management solution for iPhone, iPod, and iPad.
MobileIron enables IT organisations to secure and manage iOS 4 devices end-to-end while preserving the full user experience of the platform.
With MobileIron for iOS 4, businesses can now take advantage of that same power to easily develop, secure, and publish their own in-house apps to their employees. iOS 4 is a watershed release for the industry that will catalyse mobile application development and shift the battle for the mobile enterprise from email to apps."
MobileIron for iOS 4 addresses three core enterprise requirements:
Application discovery: For the first time, application discovery for in-house apps will be easy for both IT and the end-user. IT can publish a catalogue of the company's in-house apps for users to download over-the-air, without iTunes required. Different apps can be made available for different users, based on policy. For example, the sales team might have access to CRM and expense reporting apps while the engineering team has access to knowledge management and collaborative apps. IT can now also maintain an accurate inventory of what apps are on what iPhones and restrict access to enterprise email if non-compliant apps are present.
Zero-touch security: User intervention is no longer required to update iPhone security and application configuration profiles. IT can now push profiles to iPhones without requiring any action on the part of the user. Certificates can be used to authenticate user and device identity. All devices accessing the enterprise can now be managed 24x7, with constant management connectivity. Modified iPhones can be kept out of the enterprise and all iPhones can be kept up-to-date and in-sync with corporate security policy.
Real-time cost control: One of the largest and most unpredictable business telecom costs is data roaming charges from apps and web browsing. With MobileIron for iOS 4, IT can now monitor international roaming in real-time. Whenever an iPhone user travels to a new country, both the user and IT are notified to ensure that costs are tightly managed and service plans are appropriate.
MobileIron for iOS 4 strengthens iPhone security and manageability for all organisations, regardless of whether they are deploying just email or email plus apps. However, as apps usage in the enterprise explodes, MobileIron's management platform will allow IT to keep pace with both iPhone innovation and user demand.
[ add comment ] | [ 0 trackbacks ] | permalink
We have been doing lots of installations and proof of concepts with Riverbed Cascade (Network Behavioural Analysis) all across Europe recently and have collected together a few of those jaw dropping moments when people suddenly realise they don’t know quite as much about their network as they thought they did!!
ByLocation
Cascade allows you to group devices (servers, clients etc) by different variables, one of which is geographic location. Sometimes the result show a whole range of IP addresses and devices which were completely unknown to the central network team.
When creating/importing the ByLocation host group view members of all existing host locations. Then add a new group “0/0 unassigned”. This will pick up all internal addresses that have not yet been allocated into one of the location groups. This has 1 or 2 effects – it identifies those locations that were missed from the network location list, and/or identifies networks/IP addresses that hitherto were unknown to the network administrators.
Server Delay / Network Delay
Being able to track real-time responses of real application traffic anywhere in the network is powerful, after all that is the whole purpose of the systems, to provide decent responses and performance to end users no matter where they are or what application they are running.
Whilst navigating through the various reports look out for any large numbers around the RTT / Server Delay / Network Delay fields. Whilst they may not in themselves be cause for alarm, it should warrant further investigation to prove that these large numbers are acceptable. Remember, because we are just installing the profiler we have no concept of normal behaviour on this network. It is equally likely that we have identified a problem area as it is this is normal behaviour (server delay should never be excessive though)
Suspicious connections
Because Cascade can see all traffic traversing the network, it can see stuff that should be there and perhaps stuff that shouldn’t.
A tough one for us to identify as we do not fully “understand” the customer’s network - but go with their instincts. On a couple of occasions we have noticed client host systems connecting to other hosts (server or client) that have required additional investigation e.g. why is that system in Italy connecting to another in Finland? In this particular instance we noticed that the volume of traffic between this client and the Exchange server was far greater than its contemporaries. Drilling into this client then identified a number of other suspect connections including the Finnish one.
Daily Reports
The reporting capabilities of Cascade are vast. Whether you are a network person, a server person, an application person, a security person, a line of business person, a data centre person..... (the list goes on), Cascade has reports which are useful to you in your daily life. As a line of business person, for example, getting a report showing end to end performance of an application and variations across the reporting period and from normal, gives a clear view that all is well, or otherwise. So that report turning up in your inbox every morning along with the ability to look at your customised dashboard in real0-time, means you have a real handle on your critical service delivery.
Try and configure a daily report that emails to the principal contact – say WAN Utilisation report, and/or a mission critical application reports such as SAP Utilisation or Exchange. This will help to keep Cascade in the forefront of their daily activity. We don’t want them to forget it’s there two days after leaving site.
Product details
[ add comment ] ( 1 view ) | [ 0 trackbacks ] | permalink
Many organisations will typically have backup network paths between the datacentre and their branches protecting against failure on their primary WAN circuits. The technology options for these backup circuits may vary from dial-up circuits such as ISDN to low speed serial circuits such as lease line or frame relay. Many organisations today use xDSL for this purpose.
An important factor in this is ensuring the backup circuit is alive and operating correctly at all times – it will be too late when the primary system goes down to then find that the backup circuit also isn’t working with a preventable problem leaving the branches disconnected from the datacentre.
The PathView software sequencers located in each branch are used by the PathView system in the datacentre to monitor the network paths between the datacentre and the branch sequencers. The PathView system reports on a variety of metrics including: latency, jitter, capacity, utilisation, and (of course) connectivity. If any of these metrics breach the predetermined thresholds then alerts are automatically issued so that remedial action can be taken if necessary.
This is all well and good for the primary circuit, but how can we monitor the backup line? The sequencer by default is installed with just one network interface. By adding an additional interface to the sequencer and monitoring systems on a VLAN dedicated to monitoring the backup route we can now test both the default and backup paths.
The diagram above shows a typical MPLS architecture with IPSec backup paths. For clarity the routing for just one branch has been detailed.
Having sequencers with two interfaces at each branch location will allow for simultaneous monitoring of either WAN type from either direction. This will provide great visibility into path performance for each scenario.
Paths are defined as a triple in PathView Premise (sequencer, target, target type).
To take advantage of the dual interface create and assign a duplicate target type for the IPSec VPN paths.
Example:
SeqA=head office
SeqB=some branch office
10.10.10.x=MPLS WAN IP numbering
172.16.1.x=IPSec WAN IP numbering
Possible Paths:
SeqA(10.10.10.x) to SeqB(10.10.10.x) using Server WAN (MPLS)
SeqA(172.16.1.x) to SeqB(172.16.1.x) using Server WAN (IPSec)
You could also perform UDP monitoring at the same time:
SeqA(10.10.10.x) to SeqB(10.10.10.x) using Server WAN (MPLS - UDP)
SeqA(172.16.1.x) to SeqB(172.16.1.x) using Server WAN (IPSec - UDP)
Furthermore, you could perform monitoring in the opposite direction…..
SeqB(10.10.10.x) to SeqA(10.10.10.x) using Server WAN (MPLS)
SeqB(172.16.1.x) to SeqA(172.16.1.x) using Server WAN (IPSec)
SeqB(10.10.10.x) to SeqA(10.10.10.x) using Server WAN (MPLS - UDP)
SeqB(172.16.1.x) to SeqA(172.16.1.x) using Server WAN (IPSec - UDP)
[ add comment ] ( 2 views ) | [ 0 trackbacks ] | permalink
Citrix have upped the ante in the server virtualisation stakes by offering their “enterprise-class, cloud-proven” XenServer platform at no cost.
This is an interesting twist in the server virtualisation wars. They have decided their very capable product can be free, presumably to step on VMware ESX sales by differentiating themselves at the entry point. In the current cash strapped times this should do them no harm at all.
It is not a cut down or incapable version, it comes with a feature set that will be all many organisations need, with features such as centralised multi-node management, and full live motion.
They are reverting to a classic Citrix model of adding value to “standard” products by producing a range of chargeable add-ons for those who need them. Citrix Essentials™ for XenServer, a new product line that includes a rich set of capabilities specifically optimised for the XenServer environment. These optional features including:
• lab automation
• dynamic provisioning
• workflow orchestration
• high availability
• seamless integration with leading storage systems
will be directly visible in the XenCenter administration console in grayed-out mode, making it easy to understand the additional capabilities available. As Citrix adds new enhancements to the Citrix Essentials product line, all active XenServer users will have the option to be automatically notified of these new capabilities through their XenCenter management console.
Customers using Microsoft Windows Server 2008 Hyper-V for their virtualisation platform will also be able to add similar advanced virtualisation management capabilities to their environments by purchasing Citrix Essentials™ for Hyper-V™. With the Citrix Essentials product line, Citrix is committed to adding significant value to both XenServer and Hyper-V, the two fastest growing virtualisation platforms in the market, helping customers in all market segments achieve more manageable, scalable and agile data centres in a way that leverages their existing investments in the most efficient way possible.
[ add comment ] ( 16 views ) | [ 0 trackbacks ] | permalink
Calendar
