WINS Monthly Meeting 11_05_2004
Download
Report
Transcript WINS Monthly Meeting 11_05_2004
WINS
Monthly Meeting
11/5/2004
Agenda
Introductions
Widener Internet Solution
Allot NetEnforcer (Accounting/Shaping/Steering)
Allot Cache Server Pool
Fortigate 3600
Bluecoat Phishing Solution
Bluecoat Spyware Solution
Intermute Spyware Solution
Question & Answers
Introductions
Name
Title
Location
Widener Internet Solution
Allot NetEnforcer
(Accounting/Shaping/Steering)
Implement Application- and IP-Based Accounting
The NetAccountant software add-on for the NetEnforcer collects traffic data per session, gathering
information on source address, destination address, application type and policy. Use your owen application or
the NetAccountant Reporter to create tabular and graphical reports for capacity planning and resource
management.
Three Steps to Policy-Powered Networking
Policy-Powered Networking lets you efficiently manage traffic crossing the LAN/WAN boundary of an
enterprise network. The process of implementing a Policy-Powered Networking solution includes three steps:
1. Monitor network and bandwidth usage
Use the NetEnforcer's NetWizard setup utility to auto-discover applications in your network. Using this
information, you can determine which protocols affect your network performance and should be managed.
2. Define policies that link business priorities to computing needs
Use the QoS Policy Form to quickly define QoS attributes for the desired policies. Assign minimum and
maximum percentages of bandwidth, and prioritize traffic from 1 to 10. For additional policy definition, use
the Policy Editor to define policies based on addresses, protocols, VLAN tags, Type of Service, or time of
day.
3. Enforce the rules
Let NetEnforcer examine all traffic crossing the WAN link. Upon matching a traffic session with a rule,
NetEnforcer forwards the packets per the specified policy actions. Continually monitor network resources
using NetEnforcer's Traffic Monitor and refine policies to maintain maximum network control and
application performance.
Allot Cache Server Pool
Policy-Based Load Balancing Software
Transparently distribute client traffic to Web server farms Distribution of traffic
according to individual server capabilities Assure 100% uptime by automatically
rerouting down-server traffic
Web and other Internet-based server farms are a critical company resource. However, increased
complexity of server farms and the need for improved server performance have created the need
for network managers to more efficiently control and distribute server traffic.
Widener Fortigate 3600
Installed in July
Detects, quarantines, and eliminates viruses and
worms in real-time. Scans incoming and
outgoing email attachments (SMTP, POP3,
IMAP), HTTP and FTP traffic including web-based
email, and encrypted VPN tunnels – without
degrading Web performance
Detection and prevention of over 1300 intrusions
and attacks, including DoS and DDoS attacks,
based on user-configurable thresholds. Automatic
updates of IPS signatures from FortiProtect
Network
Processes all Web content to block inappropriate
material and malicious scripts via URL blocking
and keyword/phrase blocking
Industry standard stateful inspection firewall
Industry standard PPTP, L2TP, and IPSec VPN
support
FortiGate units can be deployed in conjuction
with existing firewall and other devices to
provide antivirus, content filtering, and other
content-intensive applications
Interfaces
10/100Base-T Ports 1
1000Base-SX Ports (Fiber) 4*
1000Base-T Ports (Copper) 2
System Performance
Concurrent sessions 1,000,000
New sessions/second 25,000
Firewall throughput (Gbps) 4Gbps
168-bit Triple-DES throughput (Mbps) 600
Unlimited concurrent users •
Policies 50,000
Schedules 256
Fortinet FortiGate-3600 –
Product of the Year - Gold Award –
Enterprise firewall system
searchNetworking.com
February 2004
A fortress in a box –
FortiGate 3600 offers a smorgasbord
of security services on one machine
FCW.com
October 2003
Bluecoat Phishing
What is a Phishing Attack?
A phishing attack is an attempt by fraudsters to fool a user into divulging confidential information over the
Internet. Phishing attacks often start by spammers sending out email messages and asking customers to
“confirm” their account information by clicking on a link found in the message. The user is then asked to enter
their personal information such as name, social security number, bank account number, password, and PIN.
Once captured spammers can use this information to deplete bank accounts, charge credit cards, and steal user
identities.
Blue Coat keeps employees safe while on the Internet at work. The ProxySG can be configured to deflect
phishing attacks in two ways. Earlier (and less sophisticated) phishing attacks employ the use of a pop-up ad to
request additional information. The ProxySG provides a pop-up blocking feature that allows you to permit only
required pop-ups such as those needed for Outlook Web mail.
The second method to control phishing scams by the ProxySG is to recognize and display the origin of any
secondary form presented to the user. The ProxySG does this by determining the origin of any Web site that
has a form and then posting a banner noting the origin. Because the most recent phishing scams deploy a
separate form when requesting personal user information, the ProxySG can prompt the user with the origin
address (URL or IP) of the form. Typically, a legitimate site with a form will be displayed with the actual URL
such as www.cnn.com. An IP address displayed indicates that a user is being redirected to another server and
should use extreme care. The banner is only displayed if the page contains a form.
Bluecoat Spyware Solution
What is Spyware?
Spyware is a general term for software that covertly monitors the actions of a PC. Spyware can either be
deployed with or without the consent of the user. Commercial spyware (also known as adware) occurs when a
user accepts (often through an arcane license agreement) the placement of software agents on their PC in
exchange for free software. Usually the software being downloaded provides no business benefit to a
corporation. The no-cost version of Kazaa desktop client, for example, requires the user to accept downloads
of numerous spyware (adware) agents.
Blue Coat provides the necessary on-proxy performance and policy extensions required for URL filtering to
comprehensively block Websites known to host spyware and adware. The Blue Coat ProxySG supports five
leading on-proxy URL filtering databases, plus custom categories, overrides and exceptions to advise, coach and
enforce users.
Administrators can block ‘Drive-by-Installs’ from any locations that may be installing Spyware. By blocking
downloads of .CAB, .OCX, .EXE and .DLL files the installation of spyware can be prevented.
Intermute Spyware Solution
Spyware in the Corporation, the latest Enterprise Threat
It is no secret that spyware has promoted itself from simply a PC nuisance to a highlevel enterprise problem. IT and network managers are seeing the enterprise
implications of desktop spyware - and realizing that staggering costs and risks are
associated with spyware running on corporate PCs.
Productivity is declining in organizations where PC users suffer from spyware
distractions, sluggish, infested computers, and broken Internet connections that can
result from manual attempts to remove spyware from PCs. IT help desk staffs are
being flooded with calls for assistance with PCs that "don't work", are painfully slow,
or have web browsers behaving strangely. In addition, after years of defending the
corporate network from outside threats such as hackers and viruses, spyware threats
are now routinely found running within the walls of the organization. Spyware easily
slips past traditional network security barriers. Spyware is threatening organizations
confidential information, productivity and overall network integrity. Traditional
security solutions can't stop spyware.
InterMute, Inc. ▪ 100 Grossman Drive ▪ Braintree, MA 02184 ▪ www.intermute.com
Questions & Answers
Next Meeting Friday Dec 3rd