http://www.networkworld.com/topics/firewalls.html The latest firewall news, analysis and reviews on NetworkWorld.com. Network World, Inc. Copyright(C) 1994 - 2009 Network World, Inc. http://www.networkworld.com/news/2009/111209-h1n1-drives-demand-for-secure.html Vendors of remote access technologies are reporting an unexpected increase in demand for their products over the past several months as a result of companies' H1N1-related concerns. Jaikumar Vijayan 2009-11-12T12:00:00-04:00 http://www.networkworld.com/news/2009/111009-hundreds-of-facebook-groups.html An anonymous group calling itself "Control Your Info" has taken over hundreds of Facebook groups to highlight what it claims is a major security weakness on the social networking site. Eric Lai 2009-11-10T12:00:00-04:00 http://www.networkworld.com/news/2009/110909-cisco-doubles-down-on-collaboration.html Cisco Systems Inc. massively expanded its portfolio of collaboration technologies today, announcing 61 products, including a corporate-grade hosted e-mail system and a social networking application. Matt Hamblen 2009-11-09T12:00:00-04:00 http://www.networkworld.com/news/2009/110509-ssl-hole-cracks-open-secured.html A critical new flaw in SSL, or the Secure Sockets Layer used to protect Web traffic for online banking, shopping, and any other https connection, allows an attacker to break into any theoretically secured connection and add malicious commands. Erik Larkin 2009-11-05T12:00:00-04:00 http://www.networkworld.com/news/2009/110309-firewall-upgrade-tames-nasty-flash.html The nuisance posed by Flash-based games and Internet viral advertising is now so significant that security vendor SmoothWall has decided to offer a web filter capable of ‘intelligently' blocking the application. John E. Dunn 2009-11-03T12:00:00-04:00 http://www.networkworld.com/news/2009/110209-ms-security-intelligence-report-has.html Microsoft has released the latest version of the semi-annual Security Intelligence Report (SIR). Microsoft gathers data from millions of Windows computers and high-traffic Internet sites to compile a detailed analysis of the current threat landscape and highlight attack trends. The Microsoft SIR contains some valuable insight, particularly given the recent release of Windows 7. Tony Bradley 2009-11-02T12:00:00-04:00 http://www.networkworld.com/news/2009/110209-ms-security-architect-windows-7.html Jimmy Kuo, principal architect for Microsoft's Malware Protection Center, has high hopes that Windows 7 security features will help reverse attack trends identified in the seventh volume of the software giant's Security Intelligence Report. Bill Brenner 2009-11-02T12:00:00-04:00 http://www.networkworld.com/reviews/2009/110209-sonicwall-firewalls-test-how.html We installed the TZ200 and TZ210 firewalls on a production network in Rome, Italy, for a one month period to get a feel for their responsiveness, the new features of SonicOS, and reach and performance of the built-in wireless. Using the documentation provided by SonicWALL, we walked through all of the major new features in this hardware version and this software version to see how well they worked and how easy or difficult configuration was. Our production configuration was not overly complicated, but we did make an effort to test out multiple zones, NAT, and a variety of firewall policies as well as dynamic routing with Cisco, Juniper, and Nokia routers using OSPF. To test VoIP compatibility, we configured the TZ210 to firewall VoIP traffic using SIP between Polycom phones and an Asterisk PBX. To test the new GSM 3G backup features, we used a USB key subscribed to an Italian telecommunications provider, and tested both failover and failback with the TZ210. For other feature testing, such as multicast and SSL controls, we either used standard client/server software or developed a small test harness to evaluate how well each feature worked. Once we had a month of solid experience with the hardware under our belts, we took them back to the lab in Tucson, Arizona, for more bench testing. For wireless testing, we used four laptops with recent software images from Apple, Dell, and Lenovo. We used the open source TTCP test tool to push TCP traffic between laptops and servers located on the wired side of the network. Our wireless testing was not intended to be rigorous, but to give an idea of typical performance limits in an office environment with commonly deployed hardware and normal levels of RF interference. We used the same laptops to test the SSL VPN feature of the TZ210. To test anti-malware, we used our corporate Sophos scanner’s quarantine to identify 15 recent viruses, which we then re-transmitted through the TZ210 firewall using SMTP, FTP, and HTTP protocols over both standard and non-standard ports. Out of the 15 viruses, the TZ210 failed to identify 2 suspected viruses. We submitted these to the Virustotal multiple-engine scanning service, which gave a 78% “is a virus” score for one of them, and an 87% score for the other. To test performance, we used Spirent WebAvalanche 2700 tools to generate HTTP traffic across the firewalls. We set up a profile using a typical Internet mix of traffic, ranging in size from 1K-byte objects to 1.5M-byte objects, and ran HTTP transactions through the firewalls at a rate designed to place a load of up to 1 Gbit/second throughput. Joel Snyder 2009-11-02T12:00:00-04:00 http://www.networkworld.com/reviews/2009/110209-sonicwall-firewalls-test.html SonicWALL recently started shipping six new firewalls to replace the low-end of their product line. The new firewalls are the TZ100, TZ200, and TZ210, each also available with 802.11n wireless integration. This product release completes SonicWALL's transition to the Cavium Networks' Octeon processor line, putting all of their firewalls on the same code base and with a similar feature set. Joel Snyder 2009-11-02T12:00:00-04:00 http://www.networkworld.com/news/2009/103009-leaked-house-ethics-document-spreads.html A document containing the names of more than two dozen members of the U.S. House of Representatives who are being scrutinized for conduct violations is getting widely distributed over the Internet after being leaked on a peer-to-peer network earlier this week. Jaikumar Vijayan 2009-10-30T12:00:00-04:00