Wednesday, February 20, 2013
Tuesday, February 19, 2013
Frontier Computer Corp. Offers Dell SonicWALL Firewall Products
Frontier Computer Corp. Offers Dell SonicWALL Firewall Products
Frontier Computer Corp., a Traverse City Michigan based provider of quality IT solutions, expands their relationship with Dell and is now certified to provide and implement Dell SonicWALL Firewalls.
Traverse City, MI (PRWEB) February 19, 2013
With the growing number of connected networks in businesses today, it
is important to have firewall protection that will keep your network
safe and secure. Frontier now has the capability to offer this
protection through Dell SonicWALL Next-Generation Firewalls.Dell SonicWALL Next-Generation Firewalls are ICSA Labs Enterprise Certified and offer superior intrusion prevention, application intelligence and control, and real-time visualization. Being an advanced security platform, Dell SonicWALL Next-Generation Firewalls have a Reassembly-Free Deep Packet Inspection (RFDPI) engine that scans every byte in every packet. This provides increased productivity as well as a unified single integrated suite that is easy to manage. Other features include optimized existing bandwidth, secured password-protected internet access, reliability, scalability and traffic analysis. Whether you are a small or large business, Frontier can help provide you with the right firewall to fit your business security needs.
Founded in 1976, Frontier Computer Corp. is a comprehensive products and solutions provider that helps companies plan, build and maintain their IT infrastructure. Professionally configured and tested enterprise level IT solutions are provided to companies of any size. Frontier works with small, medium and large businesses to address infrastructure challenges and provide technology solutions that improve efficiency, reduce costs and extend technology lifecycles. The same prompt attention to detail is given on each transaction to ensure successful delivery and implementation regardless of scope.
For more information regarding Dell SonicWall or any Dell product, please contact Dave Eggli at (231) 668-9410 or Mike Maitland at (231) 668-9451.
Article originally posted on this site: http://www.prweb.com/releases/2013/2/prweb10430439.htm
Monday, February 18, 2013
SonicWALL uses Ixia for Next-Gen Firewall Shootout at Interop
SonicWALL uses Ixia for Next-Gen Firewall Shootout at Interop
OverviewAt Interop 2012, in SonicWALL’s booth (#751), we will be conducting a live network security effectiveness face-off using six of the top next generation firewall (NGFW) products. The following solutions will take place in the competitive comparison:
- Check Point UTM-1 Total Security 138
- Fortinet FortiGate-40C
- Juniper Networks SRX210
- Palo Alto Networks PA-200
- SonicWALL NSA 250M
- WatchGuard XTM 21
- Security service effectiveness using pure network security attacks
- Security services effectiveness testing along clean network traffic
The detailed statistics further highlight a product’s behavior under attack – i.e. TCP resets, TCP FIN, TCP time out retry etc. We used Ixia’s real-time statistical capability while running tests on all the products in parallel, showing that the feature’s effectiveness does not change based on product size. The attack terminology used here is equivalent to published vulnerabilities.
Test Topology
Ixia simulated multiple client PC on the trusted side (LAN) and servers on the untrusted side (WAN). We deployed a total of six competitive boxes for this demo as outlined below:
Test Configuration
On each product we used ten simulated client PC’s on the LAN side with ten unique IP addresses communicating with ten servers with unique IP address on the WAN side. We selected all 534 CRITICAL attacks within the Ixia attack library for a total of 8777 attacks. The test objective was 10 concurrent attacks, meaning that 534 total attacks will be divided by ten and each group use a unique IP’s on the client side – sending about 53 attacks each in parallel. The time to complete the test is determined via how fast a product can close the TCP connection/session. All the products were configured for maximum protection, and we synced with the latest available signature update prior to the test. The attacks were initiated both from trusted and untrusted sides.
Below you can see an IxLoad-Attack screen capture for the test configurations used.
Test results
The test result for effectiveness shows the difference in block rate as well as the time each product takes to kill attacks.
Product
|
Block ratio %
|
Attack Kill time in Seconds
|
Total attacks
|
| SonicWALL NSA 250M |
97%
|
20
|
534
|
| Palo Alto PA 200 |
67%
|
93
|
534
|
| Juniper SRX 210 |
59%
|
74
|
534
|
| Fortinet FortiGate-40C |
93%
|
357*
|
534
|
| CheckPoint UTM-1 138 |
57%
|
55
|
534
|
| WatchGuard XTM 21 |
51%
|
56
|
534
|
The charts below illustrate the data: 
The fastest product to kill/stop the attack was SonicWALL NSA 250M. The appliance managed to reset all the incoming attacks as they were coming in. The test showed other products to use reset, FIN while some just timeout on the TCP connection /session created via an attack.
The second test followed the same setup but added a HTTP file transfer of 10Mbytes per second for a 50MB file. The below table illustrates the change in effectiveness for Fortinet’s appliance while the remaining appliances show hardly any change in performance. Under attack the Fortinet Fortigate-40C also showed fluctuating throughput.
Product
|
Block ratio %
|
Block ratio % with HTTP file transfer
|
| SonicWALL NSA 250M |
97%
|
97%
|
| Palo Alto PA 200 |
67%
|
67%
|
| Juniper SRX 210 |
59%
|
59%
|
| Fortinet FortiGate- 40C |
93%
|
78%
|
| CheckPoint UTM-1 138 |
57%
|
57%
|
| WatchGuard XTM 21 |
51%
|
51%
|
Using the same methodology and attack vectors, we establish a product’s effectiveness ratio. However there could be updates to both attacks and signatures from all the vendors. In our test we identified SonicWALL NSA 250M as the appliance with the highest block rate and WatchGuard XTM 21 as the appliance with the lowest rate of protection when exposed to pure attacks. The test also showed a change in protection effectiveness of some appliances under additional clean traffic. Here the effectiveness of Fortinet’s FortiGat-40C dropped significantly and allowed attacks to pass the protection. Finally, the test showed variations in the attack kill time for different appliances – with some devices leaving the TCP connection open until timeout occurs.
These results show that test labs should pay special attention to attack kill time, an as increase of this value results in higher CPU and memory usage to keeping connections open. We believe the most successful way to test the protection effectiveness of next-generation firewalls is to conduct correlating attacks that directly produce logs on the product under testing conditions. The correlation between log generated on the product and attacks log generated by Ixia are very important, as the product can experience a reliability issue under testing conditions and enter a no response state where test tools could falsely mark the attack as successfully blocked.
Sunday, February 17, 2013
Trojan Uses Google Docs to Communicate with Attackers
Trojan Uses Google Docs to Communicate with Attackers
November 21, 2012By Anish Patil
The Dell SonicWALL Threats Research Team received reports that a new Trojan variant is using Google Docs to hide while it infiltrates a victim's system. Although Google Docs have been used for phishing attacks in the past, this new Trojan takes advantage of a Google Docs viewer that loads and displays files via URLs. The Trojan uses this “viewer” service as a proxy to communicate with the command and control (C&C) servers to cloak the communication between itself and the C&C servers. Since Google Docs encrypts all communication, it makes it difficult for network security solutions and analysts to identify the type of information being exchanged. And because the Trojan's traffic is coming from Google Docs, it sneaks through some defenses without detection.
Identified as a Backdoor.Makadocs variant, the Trojan disguises itself as a Microsoft Word document icon within the Google Docs viewer and transfers information, such as the infected computer's host name and operating system, to attackers.[1]
But the damage doesn't stop there—as the name implies, this Trojan opens a backdoor so thieves can send more commands to steal sensitive information. So far, the Trojan seems to focus on Brazilian users, and uses social engineering techniques to infect the machine.[2]
Backdoor.Makadocs's use of Google Docs' viewer feature is a violation of Google's policies, but that is unlikely to stop cybercriminals.
If you're a Dell SonicWALL with a valid subscription, Gateway AntiVirus provides protection against this threat through the following signature:
- GAV: Makadocs (Trojan)
- Get more details about this Trojan variant from the Dell SonicWALL Threat Research Team
- See other SonicAlerts: View a complete history of all SonicAlert research
[1] Trojan Uses Google Docs to Communicate with its Control Server. The H Security, Heise Media UK. November 17, 2012. http://www.h-online.com/security/news/item/Trojan-uses-Google-Docs-to-communicate-with-its-control-server-1752343.html
[2] Kirkland, Marquisa. Backdoor Trojan Uses Google Docs to Connect to C&C Servers. Hyphenet. November 21, 2012. http://www.hyphenet.com/blog/2012/11/21/backdoor-trojan-uses-google-docs-to-connect-to-cc-servers/
SonicWall - How to Block Pandora Using App Rules
SonicWall Instructional Video from Firewalls.com:
How to Block Pandora Using App Rules
http://www.firewalls.com/videos/video/how-to-block-pandora-using-app-rules.html
How to Block Pandora Using App Rules
http://www.firewalls.com/videos/video/how-to-block-pandora-using-app-rules.html
Subscribe to:
Posts (Atom)