Testing All-in-one Firewalls; MySpace problems predate Keys hack

Latest security news.

Testing All-in-one Firewalls, 11/12/07: Are there unified threat management (UTM) firewalls with the chops to provide the perimeter security functions that an enterprise needs? After all, enterprises generally employ best-of-breed security products, not the all-in-one devices popular with the small and medium business set. In this test of 13 enterprise UTM products Network World Lab Alliance member Joel Snyder puts these products through their paces in eight categories. Overall, he finds that good enterprise firewalls are plentiful, but adding in UTM features like intrusion prevention and anti-virus scanning will yield very spotty performance. The overall top performers in this test are Juniper, Cisco and Check Point.

MySpace problems began days before Alicia Keys hack, 11/10/07: The widely reported problems with pop singer Alicia Keys' MySpace profile have been cropping up on the social networking site for the past ten days and are likely to continue, a security expert said Friday.

Hacker pleads guilty to creating botnets, 11/10/07: A hacker has pleaded guilty to infecting hundreds of thousands of computers with malware in order to steal money from Paypal accounts. He could spend 60 years in prison and face a $1.75 million fine.

Microsoft stands by its invite to arrested hacker, 11/09/07: Microsoft's security team took a bit of a chance a few weeks ago, when it invited Roberto Preatoni to give a talk at its Redmond campus.

17 charged in massive identity theft bust, 11/09/07: The operators of a New York business have been charged with running a massive identity-theft and money-laundering operation that raked in more than $35 million over a four-year period.

Virus database tracks vendor performance, 11/09/07: A new online malware database details the latest virus outbreaks from around the world, and shows which antivirus tools were able to block the threats and which ones failed.

Credit card transaction security fortified by new risk assessment system, 11/09/07: Researchers Friday announced a bulked-up vulnerability risk assessment system that they say will help ensure the security of credit card transactions. The Common Vulnerability Scoring System (CVSS) Version 2 was coauthored this year by researchers at the National Institute of Standards and Technology and Carnegie Mellon University in collaboration with 23 other organizations.

NIST calls for a new security ‘hash’ algorithm, 11/09/07: The National Institute of Standards and Technology (NIST) this week opened a competition to develop a new cryptographic hash algorithm, a tool that converts a file, message or block of data to a short fingerprint for use in digital signatures, message authentication and other computer security applications. Such hash algorithms are ultimately one of the key security technologies for federal and public systems.

DOJ cracks down on Internet pharmacy, 11/09/07: Six men face charges of illegally distributing drugs through an Internet pharmacy, and the U.S. Department of Justice is seeking forfeiture of more than $40 million in profit from the operation.

LAN switch security: What hackers know about your switches with Cisco's Christopher Paggen: Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities exist all over the place. Did you know that there are vulnerabilities in the control plane protocols like STP and CDP? There are holes in the data plane protocols too. Christopher Paggen is prepared to tell you how to avoid these problems. Paggen is a technical marketing engineer for Cisco focusing on high-end firewalls. Join us for a live chat Tuesday Nov. 13 from 2 p.m. to 3 p.m. EST, where you can ask him about configuring and securing switches, firewalls or anything else you want to talk about.

The Network World IT Buyer's Guides provide comprehensive, detailed information on how to select, test, buy and deploy thousands of network and IT products. The new Network World IT Buyer's Guides offer even more features than before, here's just one that's worth checking out: Wireless LAN Security

Editor's note: Starting the week of Nov. 19, subscribers to the HTML version of this newsletter will notice some enhancements to the layout that will provide you with easier and clearer access to a wider range of resources at Network World. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.

Learn more about this topic


Copyright © 2007 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022