Just over a year ago, the tech industry and its customers alike were jolted the by revelation of a new and potentially very serious vulnerability in OpenSSL. Dubbed Heartbleed, or CVE-2014-0160, the security bug affects certain versions of OpenSSL that do not properly handle heartbeat extension packets. This could allow attackers to craft packets that trigger a buffer over-read, resulting in the exposure of sensitive information from clients and servers.

Array’s application delivery controllers and secure access gateways use our own proprietary SSL stack, and thus were not affected by Heartbleed. Many competing products are based on OpenSSL, however, and their respective manufacturers raced to implement patches and fixes to protect their customers.

With the 20-20 hindsight afforded by a year’s distance from the Heartbleed announcement, what has changed and what have we learned?

1. Heartbleed wasn’t the first, nor the last. OpenSSL had multiple vulnerability announcements prior to Heartbleed, as well as over the last year. For Man-in-the-Middle (CVE-2014-0224), and ClientHello (CVE-2015-0291), once again neither Array’s AG Series SSL VPNs nor APV Series ADCs were vulnerable due to our proprietary SSL stack. For the FREAK vulnerability (CVE-2015-0204), only certain of our products were affected (i.e. end-of-sale ADCs and SSL VPNs, and some functions of our aCelera WAN optimization controllers). New software versions for these products were released and are available on the Array Support site to mitigate these vulnerabilities.
2. Security is a mindset, not a feature. SSL/TLS itself, as well as other components of application delivery networking, had vulnerability announcements in the last year. However, as an SSL company, Array eats and breathes security. From the beginning, we’ve been fanatical about removing unnecessary features and loopholes in our software to improve both security and performance. This security mindset paid off with the Bash vulnerability (CVE-2014-6271 et al.), for example, because Array APV and AG Series do not expose Bash for remote access.
3. Web and application servers may still be vulnerable to Heartbleed. Security industry firm Venafi recently issued a report that found that as of April 2015, nearly three quarters of Global 2000 firms had public-facing systems that remained vulnerable. The primary reason cited by the report was incomplete remediation, typically by failing to replace SSL keys and certificates. Note that adding a Heartbleed-proof application delivery controller (shameless plug) like Array’s APV Series can provide an additional layer of defense while providing load balancing, SSL offloading and other functions that improve server and application performance.
4. The nature of malicious attacks has changed. At the dawn of the Internet, it was mostly kiddie scripters and other idle minds. Now, headline-grabbing malicious attacks are perpetrated by organized criminals (or even nation-states) with a goal of compromising personal financial information, sensitive corporate and government information, and even a nation’s infrastructure. It’s all about money now, or causing real damage, and the stakes are very high.

While OpenSSL is but one potential attack vector, Heartbleed and other OpenSSL vulnerabilities point out the new reality for IT professionals: They must remain ever mindful, ever vigilant, and ever diligent to protect the networks they manage against malicious attacks.

Let’s be careful out there.

Υou can read the original article here.

Sophos is pleased to announce that its Sophos SG Series UTM appliances were recognised by a panel representing the audience of SC Magazine, as the winning solution in the Best UTM Solution category at the 2015 SC Magazine Awards Europe 2015. The announcement was made Tuesday, 2nd June, 2015 at the awards presentation held at The Ballroom,Grosvenor House on Park Lane, London.

“We are delighted that our SG Series UTM came out on top at the SC Magazine Awards. Winning this award is a real honor and just shows that the features and models we have been adding to our SG series, such as the new integrated wireless models, are making Sophos a real leader in the UTM Firewall market” said Chris Weeds, Director, Product Marketing, Sophos. “Our network security product team are rightly proud of this achievement, but credit also goes to our partners and customers, whose input and feedback helps us to continue to build great products.“

Sophos’ SG Series UTM was also recently awarded five stars by PC Pro Magazine, and added to their A-List.

Each year, hundreds of products are entered in the EXCELLENCE AWARDS: THREAT SOLUTIONS categories. Each product is judged by a panel representing a cross-section of SC Magazine readership, which is comprised of large, medium and small enterprises from all major vertical markets including financial services, healthcare, government, retail, education and other sectors. Entrants are narrowed down to a select group of finalists before undergoing a rigorous final judging process to determine the winner in each category.

“It’s more important than ever to recognise the tireless efforts of the men and women across the globe who work to combat these threats and provide cyber-security. Sophos’ SG Series UTM is a significant achievement and one that shows Sophos’ dedication to innovation and protecting against the ever-changing threat landscape,” said Tony Morbin, Editor in Chief, SC Magazine.

The SC Magazine Awards Europe are well known as one of the most prestigious awards for information technology (IT) security professionals and products. The awards recognise the best solutions, services and professionals that work around the clock to defend against the constantly shifting threat landscape in today’s marketplace. For more information and a detailed list of categories and winners, please go to scawardseurope.com/winners/.

Υou can read the original article here.

Today we announced that we have acquired Reflexion Networks. I’d like to say I was clever in searching out and finding the perfect cloud email security company to help us accelerate Sophos Cloud.

I’d like to say that, but the truth is that people have been trying to tell me about Reflexion ever since I joined Sophos in 2013. I’ve had sales people ask me about them, partners rave about them, and product managers encourage me to look at them. In the end, rather than describe me as clever, deaf might be more accurate.

As I’ve gotten to know David Hughes and the team at Reflexion this past year, I’ve grown more and more excited about what we can do together. It’s a strong team and an important space.

Email continues to be a major threat vector, allowing malware to get inside the network and sensitive data to get out. Cybercriminals rely on spam as an easy and efficient way to propagate malware threats. In an effort to get around anti-spam filters, cybercriminals need to produce huge amounts of it – and spam currently accounts for nearly 70% of all email, according to SophosLabs.

The Reflexion team lives and breathes email every day. It’s their whole world and they are experts. Combining this team with our existing expertise from our email appliance business and our Sophos Cloud business really helps us double down on email security. They also speak our language: cloud-first; channel-first; simplicity in design; transparent communication; great support. They fit.

Not only is it a great fit for Sophos, it’s a great opportunity for Reflexion’s partners and customers. By combining our two companies we’ll be able to accelerate progress on Reflexion’s vision as well as bring email security to Sophos Cloud.

We’re glad to welcome the Reflexion partners to Sophos and we’re excited about the business we can build together.

You can find out more of the details of the acquisition in our press release and more details on Reflexion’s products on their website.

Bill Lucchini, who wrote the blog post, is Senior Vice President and General Manager, Sophos Cloud.

Υou can read the original article here.

Sophos announced that it has acquired Reflexion Networks Inc., a leader in cloud-based email security, archiving, email encryption and business continuity services. The acquisition will enable Sophos to add cloud-based email security to Sophos Cloud, the company’s single, integrated cloud-based management console. Together, Reflexion and Sophos will deliver enterprise-grade email security in one affordable and simple-to-manage solution.

Reflexion Networks offers a complete portfolio of cloud-based email security technologies that help organizations meet their needs for secure communications. Reflexion Total Control blocks spam and viruses before they ever get to the corporate network. Archiving, discovery, and recovery services allow fast search and retrieval capabilities, while encryption services ensure that email communications are only readable by intended recipients. In addition, Reflexion offers business continuity services to ensure uninterrupted business communications in the event of an outage.

Sophos Cloud, which was launched in mid-2013, provides endpoint security, mobile device management and security, server security, and application whitelisting through a single, integrated cloud-based console.

“The Reflexion platform has been built from the ground up to run in the cloud at scale and will strengthen and accelerate our ability to offer email protection when and where the customer wants it,” commented Bill Lucchini, senior vice president of Sophos Cloud Security Group. “As we integrate this technology with Sophos Cloud it will complement our Sophos Secure Email Appliance giving IT professionals the choice of a cloud-based solution, or an on-premise solution. We are excited about the opportunity this brings and welcome the Reflexion Networks team to Sophos.”

Based in Woburn, Mass., Reflexion Networks has over 17,000 customers around the world. More than 2,000 managed service providers (MSPs) sell its cloud services every month.

“Reflexion is a great fit for Sophos because, like us, their sales model is 100 percent channel,” added Kendra Krause, vice president of Global Channels, Sales for Sophos. “The solutions developed by Reflexion Networks bring opportunity for Sophos partners to offer new services in the attractive growth market of cloud-based email security, and Reflexion partners have the opportunity to expand their security offerings with the broad Sophos security portfolio.”

“At Reflexion Networks we’ve always been passionate about serving the vast global market of small and midsize businesses with easy to use services delivered through MSPs,” commented David Hughes, CEO of Reflexion Networks. “Sophos shares our vision, and has the global reach and partner commitment to make it a reality. We couldn’t be more excited about joining the Sophos team.”

Υou can read the original article here.

At our We’re delighted to announce that our Sophos SG Series UTM has won Best UTM at the SC Awards Europe 2015 and also received a 5-star A-List rating from PC Pro Magazine. To win not one but two big honors like these in the same week just goes to show how our UTM is a real leader in the market, and a winner for organizations of any size.

First up at the SC Awards Europe 2015 event held this week to coincide with the Infosecurity Europe Conference, Sophos SG Series won the Best UTM category, beating out other nominees Fortinet, Check Point and Barracuda.

The judges said the SG Series and Sophos UTM software “provided a superb feature-set that can enable businesses of any size or structure to operate their business safely and securely”.

Which is difficult to argue with especially when you look at the list of features and the performance results. And as if that wasn’t good enough, the SG Series has also received a 5-Star A-List product rating from UK based PC Pro Magazine.

This was an in-depth review of one of our new integrated wireless models – the SG 115w – conducted over six months. The reviewer really put the box through its paces and it performed extremely well, with the conclusion: “It all adds up to an appliance that gets it right on almost every level: easy deployment, a huge range of features and a tempting price make the SG 115w the perfect choice for SMBs.”

You can check out the full review here.

Our network security product team are rightly proud of these achievements, but credit also goes to our partners and customers. Without the great feedback you all give us, we wouldn’t be able to build products that are so well received and that really deliver security made simple. Thanks to everyone – inside and out of Sophos – who make what we do possible.

Υou can read the original article here.

At our annual EMEA Partner Conference in Rome, attended by over 400 of our fantastic partners, I was fortunate to meet a true pioneer – our guest speaker Reinhold Messner, who made the first solo ascent of Mount Everest without supplemental oxygen. Reinhold is an inspiring figure. He has climbed all 14 of the world’s 8,000-meter peaks. He is also an author, politician and businessman. 

His speech got me thinking about ways Sophos is a pioneer too. Which is why I’m so excited that we have achieved an industry first with our new Sophos SG Series SG 125w and SG 135w – the first (and for now the only) UTM appliances on the market with 802.11ac integrated wireless. Now you might be thinking, “I’ve heard of Everest, but why is 802.11ac such good news?” Put simply, because it’s much faster. 

Because wireless is a shared media, the higher performance AC standard is the best choice for high-density environments like public hotspots or conference rooms with lots of wireless clients and smartphones. 

The new standard increases the theoretical throughput to 1.3 Gbps – three times more than the wireless 802.11n standard, although in the real world you are more likely to see speeds doubling. That means if you are a Sophos partner or customer, you now get all the security you need from our UTM, with access to the fastest Wi-Fi standard too. 

Now, you have to keep in mind that the AC standard only operates in the 5 GHz band, which means an access point (AP) has a lower range compared to 2.4 GHz band. However, the combination of the fact that 5GHz is a “quieter” range that suffers less interference and uses “beamforming” to detect where devices are and intensify the signal in their direction more than makes up for this range deficiency. Older clients can also slow down the network significantly, which is why we recommend creating a different SSID for those clients. 

Like Reinhold and other true pioneers, we don’t stop by tackling just one challenge. Our AC support goes beyond the new integrated appliances. We’ve also extended the range of our Wi-Fi access points by adding four new 802.11ac desktop and ceiling mount versions. Plus, we’ve added a new, rugged 802.11ac outdoor model for greater Wi-Fi access everywhere – it could even cope in the freezing temperatures of base camp!

Tightly integrating your Wi-Fi and security is a no brainer – and with our new SG Series offerings, you can give users a better Wi-Fi experience, and at the same time eliminate the drama from Wi-Fi configuration and security. For more information on the Sophos SG Series UTM/Firewall appliances, including the built-in wireless models and controller and the full range of wireless access points, please check out sophos.com/utm.

SG 125w/135w Desktop Firewalls with 802.11ac Wi-Fi 

The new SG Series integrated wireless models mean customers can now choose from sixteen models in the SG Series range including four with integrated Wi-Fi capabilities: 

• SG 105w and SG 115w with 802.11n integrated wireless 
• SG 125w and SG 135w with 802.11ac integrated wireless 

Sophos Wi-Fi Access Points 

All Sophos access points are built on enterprise-class 802.11n and 802.11ac chipsets, with custom designed antennas, extra CPU and memory resources. Our new AP 100 802.11ac access point offer three times the performance of its predecessors but at the same competitive price point. The new products are: 

• AP 55 series – 2 new models desktop and ceiling mount, 2×2 MIMO, 2 radios
• AP 100  – 3 new models are all 802.11ac enterprise-grade access points with 3×3 MIMO and 2 radios: AP 100 desktop/wall-mount and AP 100X, an IP67 certified outdoor 
• AP 100C, a smoke detector style ceiling-mount 

Both the integrated wireless and separate access points can be managed directly from the Sophos SG Series appliances. More information on the Sophos SG Series UTM/Firewall appliances including the built-in wireless controller and the full range of wireless access points can be found here.

You can read the original article here.

LogPoint has released Security Update 5 for LogPoint version 5.2.4. This update covers a number of fixes for vulnerabilities in the Linux operating system, which LogPoint runs on. 

The Security Update can be downloaded from the Customer Site and should be installed under “Security Updates” in Settings in the UI.

If you have any questions, please don’t hesitate to contact us – you can direct your questions to the party responsible in your region or directly to our support team.

LogPoint enables the correlation of events and reporting on critical business operation in real-time, allowing enterprises to gather insight and understand the context of the billions of events generated daily by both core business applications as well as the infrastructure supporting and enabling the business. 

LogPoint provides a rich analysis platform and out-of-the-box dashboarding and reporting for infrastructure and critical business applications, enabling effective management and measurements of the enterprise security, and compliance to quality standards.

Sophos announced the availability of a new advanced server protection product that combines whitelisting and anti-malware technologies in a single, simple to use product. Sophos Cloud Server Protection Advanced integrates server application whitelisting with anti-malware to deliver single-click server lockdown, using the simple, intuitive Sophos Cloud management console that makes it easy to deploy, manage and maintain.

By locking a known-good server configuration, and building in automatic trust of known good updaters and linked DLLs, Sophos Cloud Server Protection Advanced dramatically reduces the administrative time needed to lock down multiple servers from weeks to just minutes, by simplifying configuration and only allowing approved or whitelisted applications to run. 

The simple one-click lockdown puts the server in a default/deny mode so that only approved or whitelisted applications can run. With integrated anti-malware, HIPS and whitelisting, Sophos Cloud Server Protection improves overall security, and can more effectively prevent zero-day attacks, especially content and memory-based attacks that typically target servers and can by-pass products that just use whitelisting. 

“Servers are the work-horses of any organization central to storing sensitive data, facilitating communications and executing business processes,” commented John Shaw, vice president product management at Sophos. “With this level of integration, IT administrators at small to mid-sized organizations can now easily upgrade protection of their critical Windows servers – whether on-premise or in the cloud – and prevent attacks without spending weeks or months to configure, test and deploy white-listing applications.” 

Previously, “lockdown” server protection products have gone largely unused in the mid-market because of the complexity of setting them up, putting the technology beyond the reach of all but the well-resourced enterprise. 

Sophos’s new approach not only makes lockdown of servers easy to configure for the mid-market, but also reduces concerns about impact on performance and availability. Server performance is optimized with the use of “no-overhead” whitelisting approach that blocks every attack without resource intensive scanning. Server availability is maximized via the quick setup and configuration process that automates the time-consuming and manual-building of the whitelist. 

“Sophos Cloud Server Protection Advanced is particularly easy to implement, very resource efficient, and reliable while protecting Windows Server operating systems. We have already tested it successfully and are excited about this new functionality. We at dicom appreciate the partnership with Sophos and look forward to adding Sophos Server Protection Advanced to our portfolio,” states Maik Luehrs, Technical Consultant, dicom Computer Vertriebs GesmbH. 

Sophos Cloud enables the simple and effective management of security, with an integrated cloud-based management console. The single ‘pane-of-glass’ interface provides visibility into all users, showing all their devices and their protection status on each. For more information visit www.sophos.com/servers. 

You can read the original article here.

Sophos announced the immediate availability of the first and only UTM appliances with 802.11ac integrated wireless. The new SG Series SG 125w and SG 135w models tightly integrate wireless access with firewall protection to allow small and mid-sized businesses (SMB) to achieve the performance gains offered by 802.11ac wireless, including smarter performance and better hotspot management. 

Sophos has also extended its Wi-Fi access point range by adding four new 802.11ac desktop and ceiling mount versions and the AP 100X, a new rugged 802.11ac outdoor model. Both the integrated wireless and separate access points can be managed directly from the Sophos SG Series appliances. 

Data published by IDC suggests that the new 802.11ac standard is driving growth in the enterprise WLAN market, and is seeing noticeably faster adoption rates compared to the transition to 802.11n. A recent survey, conducted by Sophos amongst IT professionals on SpiceWorks, reflects this trend with over a third of respondents (31%) having either already deployed 802.11ac hardware or are planning to deploy it in the next 12 months. The key drivers for those deploying hardware are the expectation of improved throughput performance (37%) and better wireless coverage (26%). 

“Many businesses are adopting  802.11ac  to extend their Wi-Fi capacity and keep up with the growing demands of users with multiple mobile devices, using increasingly bandwidth intensive applications,” says Bryan Barney, senior vice president & general manager of Network Security at Sophos. “With this new UTM, we enable network managers to offer a better Wi-Fi experience to their users, and at the same time eliminate drama from Wi-Fi configuration and security.” 

“Many of our customers have limited IT resources, and the integration of wireless protection with firewall protection frees our clients’ staff from managing an additional and often expensive enterprise wireless solution,” says, Sam Heard, President, Data Integrity Services. “We’ve tested the SG appliance in our own office and are thoroughly impressed. This is the wireless solution we’ve been waiting for. Now that Sophos has added integrated 802.11ac to the SG Series, we will be able to provide our customers highly secure Wi-Fi and the best available throughput. We look forward to offering this level of protection to our clients.” 

SG 125w/135w Desktop Firewalls with 802.11ac Wi-Fi 

These desktop firewall appliances are available with or without integrated wireless networking. The new SG Series integrated wireless models mean customers can now choose from sixteen models in the SG Series range including four with integrated Wi-Fi capabilities: 

• SG 105w and SG 115w with 802.11n integrated wireless 
• SG 125w and SG 135w with 802.11ac integrated wireless 

New Sophos Wi-Fi Access Points 

As with previous Sophos wireless access points, the new access point models can be managed directly from the Sophos SG Series appliances. All Sophos access points are built on enterprise-class 802.11n and 802.11ac chipsets, with custom designed antennas, extra CPU and memory resources. Our new AP 100 802.11ac access point offer three times the performance of its predecessors but at the same competitive price point. The new products are: 

• AP 55 series – 2 new models desktop and ceiling mount, 2×2 MIMO, 2 radios
• AP 100  – 3 new models are all 802.11ac enterprise-grade access points with 3×3 MIMO and 2 radios: AP 100 desktop/wall-mount and AP 100X, an IP67 certified outdoor 
• AP 100C, a smoke detector style ceiling-mount 

“Our customers are looking to make sure their environments are secure and easy to manage. Because the new Sophos access point models can be managed directly from the SG Series appliances, we believe this is the next logical step for our customers to integrate their security,” confirms Todd O’Bert, President & CEO, Productive Corporation. 

More information on the Sophos SG Series UTM/Firewall appliances including the built-in wireless controller and the full range of wireless access points can be found here.

You can read the original article here.

Recently we asked a bunch of IT professionals if they install antivirus on their servers. Their answers were quite surprising. Out of 486 IT professionals we surveyed, only 284 (58%) said they run antivirus on both Windows and Linux servers. 

The rest said they either don’t bother with antivirus on Linux servers (34%), or don’t run antivirus on any servers at all (8%). 

Apparently, there are a lot of people who think they either don’t need antivirus on their Linux servers because malware isn’t a problem for Linux, or that antivirus will hurt server performance. 

Unfortunately, they are wrong on both counts. Malware for Linux does, in fact, exist – cybercriminals frequently hijack Linux servers to spread their spam and malware. And with the right antivirus protection, performance won’t suffer either. 

Sophos Antivirus for Linux 

One common objection to installing antivirus is that it can affect the machine’s performance. Fortunately, Sophos Antivirus for Linux has a small footprint and minimal impact on system speed. 

Basically, you won’t know it’s there – except, of course, when it detects and blocks a threat from infecting your machine or spreading to your users’ workstations. The best thing about it, Sophos Antivirus for Linux is available now for FREE. Go try it out. 

Lock down servers with Sophos Cloud 

Sophos Cloud is the only solution offering cloud-managed server protection integrated with advanced anti-malware, HIPS and server application whitelisting/lockdown.  

Simply by clicking a button, you can lock down your servers in a safe state. Sophos Cloud automatically recognizes your server applications and adapts the configurations and management settings. Watch this video for more information.

You can read the original article here.

It’s safe to say that no business wants to end up like Target, Sony or Anthem. Those companies suffered massive data breaches at considerable cost – from fines and legal fees, to loss of reputation, and fleeing customers. 

Increasingly, businesses are recognizing that data loss prevention requires security on multiple levels, from protecting the data itself, to the devices where it is stored, and the people who access it. 

Data encryption is essential for keeping your data secure as it moves from one place to another. Because encrypted information is only readable by people with the ability to decrypt it, data becomes useless if it’s lost or stolen.

Deadly IT Sin #6 – Unencrypted files – Watch the video

In this short video, James Lyne, Sophos global head of security research, explains why many organizations are suffering the consequences of data breaches, and how to protect against data loss with network segregation and data encryption. 

As James explains, businesses need security solutions with the ability to selectively and automatically encrypt sensitive data by policy, user and group. You’ll also see James demonstrate how an attacker can jump easily from one compromised computer to others on the network in order to steal confidential files.

7 Deadly IT Sins 

Learn more about encryption by checking out our 7 Deadly IT Sins website. It explains common security mistakes organizations make, and offers videos, whitepapers and other free resources to help you fix them.

You can read the original article here.

It’s been about a decade since we began seeing threats to mobile devices, and a lot has changed in the intervening years. The brief history of mobile threats goes back to 2004 when the first mobile virus appeared, called Cabir, attacking Symbian phones. 

In case you thought Apple iOS devices were immune, jailbroken iPhones are ripe targets for viruses and worms like the ones that showed up in 2009 called Ikee and Duh. 

Since about 2010, Android malware has dominated the mobile threat scene, which makes a lot of sense when you consider that Android represents more than 80% of the global smartphone market. So far, SophosLabs has seen 1.5 million samples of Android malware – a much smaller number than Windows threats, but the growth rate is accelerating rapidly. 

Even though the risk of Android malware is relatively low in Western countries, bad apps have made it into Google Play many times since 2011, when the DroidDream attack saw more than 50 apps containing a root exploit published on Google’s Android market. 

Meanwhile, millions of Android users in China use third-party app markets such as Mobogenie, a market with a history of problems with automatic downloads without permissions. Widespread Android vulnerabilities like MasterKey (discovered in 2013) haven’t really been exploited yet, says Sophos security advisor Chester Wisniewski. However, millions of Android users are at risk if criminals decide to weaponize these exploits. 

Currently, most Android malware relies on cybercriminals tricking users into downloading malicious apps themselves, so make sure you (or your users) have an Android antivirus, stick to Google Play as much as possible, and avoid rooting devices. 

It’s not just Androids you need to look after, as Chet explained in his presentation at the recent RSA Conference comparing the security of the major smartphone platforms. He says Android and iOS are about even in terms of their default security settings – neither one is perfect. Windows Phones have some risky default settings, including automatically connecting to Wi-Fi. 

As mobile threats continue to mature, the amount of data mobile devices are collecting – and a lack of control over who has access to that data – are the biggest threats to the privacy and security of everyday users. 

Infographic: Timeline of Mobile Threats 

We created this timeline of mobile threats going back to 2004. It’s by no means comprehensive, but it gives you a good idea of how threats have evolved in a short period of time. 

To download a PDF of the infographic, click on the image below. You can learn more about the latest mobile threats at our award-winning Naked Security blog. 

Mobile security from Sophos 

Protecting your business from mobile threats is easy with our Sophos Mobile Control (SMC). By securing devices, content, and applications with a user-centric approach, SMC simplifies compliance with corporate security policy across iOS 8, Windows Phone and Android platforms. SMC also manages Sophos Mobile Security to deliver anti-malware for Android devices. 

Check out the new SMC 

Watch this video to get a closer look at SMC, or visit sophos.com/mobile for more information. 

You can read the original article here.

As ISPs, Hosting Providers and Online Enterprises around the world continue suffering the effects of  DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?” Traditional techniques of defense include SYN-cookies, SYN-proxy, redirects, challenges, and of course the black hole routing technique to name a few.  Most of these techniques have been around since the early 2000’s when DDoS attacks first began to surface.

For those that do not know much about black hole routing, (also called null routing) this technique involves creating an IP-traffic route that virtually goes nowhere.  The packets destined for the null route end up in the bit bucket.  Null routing is essentially available on every commercial router today and there is little performance impact to silently drop all traffic to a specific destination. 

It’s no secret in the world of DDoS attacks, that using null routing is a tool of choice for organizations that have no other means of blocking an attack.  For example, an attacker selects a victim and launches a DDoS attack against them.

The victim may not be the only entity impacted. Other users that share the same infrastructure as the victim may also experience the effects of the attack and have their service degraded or be taken offline altogether as their infrastructure, servers, and applications are severely impacted by the onslaught of the phony traffic.

These unintended victims are collateral damage from the attack, which is sometimes referred to as second-hand DDoS.  With no DDoS defenses in place, victims normally call their ISP and ask for assistance with blocking the attack upstream.  The ISP injects a null route with the IP address of the original victim into their routing infrastructure and begins blocking all DDoS traffic to the victim with the hopes of reducing the impact against the rest of their customers who are experiencing collateral impact as a result of the attack. 

Less than desirable approach 

However there is a problem with this approach; it actually perfects the DDoS attack against the original victim!  Not only does this method block all DDoS traffic, but it also blocks all “good traffic” as well.  This technique is calamitous for the Internet connected business whose business thrives on Internet Availability.  If the upstream ISP null routes all good traffic-and-DDoS traffic into the ‘black hole’, it effectively takes the victim offline.   This method of defense is simply not acceptable for organizations that rely on an always-on Internet. Additionally, since most DDoS attacks are highly spoofed, trying to null route on the source IP addresses is nearly impossible. 

More Collateral Damage 

Many ISP’s are utilizing black hole routing as their only means for DDoS defense. With this approach, for example, when an ISP with residential customers comes under attack they must null route into their infrastructure, for the destination (victim). Resulting in hundreds of their other customers being knocked offline. 

With regards to the ISP’s commercial customers, they range from very high-end hosting providers, gaming providers, web-based businesses, and smaller commercial customers.  These customers have also felt the effects of DDoS attack – some quite often. Due to the shared network environment of a Tier 2 or Tier 3 ISP, the risk of collateral damage is a major issue when it comes to dealing with DDoS attacks.  For commercial customers that require 100% uptime, black hole routing is an unacceptable solution. 

There is a better way 

As we have learned by dealing with the DDoS threat landscape, black hole routing is a rudimentary approach to DDoS mitigation, which in many cases does more harm than good. Technology exists today that is completely capable of blocking all DDoS attacks in real-time.   Purpose built DDoS technology is rapidly becoming the standard for real-time DDoS protection. When deployed at the ISPs peer points, this DDoS defense solution can effectively remove all DDoS attack traffic from ever entering the ISP network; blocking the attacks before they can wreak havoc the ISP infrastructure, or impact their customers.

With proper protection the days of dealing with DDoS attack outages are over.  No more 4:00AM wakeup calls, no more complaints, no more downtime, and no more victims.   If you’re an ISP it’s time to admit, you need to deploy these defenses for proper DDoS protection. 

You can read the original article here.

Are you the unofficial IT support person for your friends and family? If you know a thing or two about computers, mobile and other smart devices, you’ve probably had to get friends and family out of tech trouble on occasion.

Maybe you’ve done some troubleshooting with the family printer – or perhaps you were asked to clean up your friend’s PC that got hit with a virus (he wasn’t doing anything wrong, he swears!).

Well, we’re offering three simple things you can do to help those you care about with the often baffling problems of online security.

1. Check desktops and laptops for viruses and malware.

If your family and friends are coming to you with computer problems – maybe they are getting lots of spam, their computer is super slow, or they are seeing annoying pop-ups – chances are high that they have a malware infection.

You can check Windows computers for malware and viruses and clean up any infection you might find using our Free Virus Removal Tool. Just download the tool, run it, and remove malware with the click of a button. Simple!

2. Use Sophos’s free firewall to protect your family and yourself.

If you live in a shared house, try the Sophos UTM Home Edition. It’s a free firewall offering the same benefits as our award-winning product for businesses – email scanning, web filtering, a VPN, web application security, and everything you need to keep up to 50 devices on your home network secure.

Better yet, you get 12 free licenses for Sophos Anti-Virus for Windows that you can install and manage throughout your household, right from the UTM web console.

You can cover more than just Windows computers – our other free tools include Sophos Antivirus for Mac, Sophos Antivirus for Linux, and Sophos Free Antivirus and Security for Android.

3. Give them this easy guide to computer and data security.

It’s hard to explain security without using a bunch of technical jargon. Have you ever tried to explain phishing to your grandmother? We’ve got just the thing to help you – a computer and data security guide that provides simple definitions to everything from Android malware to Zbot. Download the free Threatsaurus security guide to get definitions of tons of computer security terms, loads of security tips, and more.

You can read the original article here.

Just over a month ago we announced the release of version 4.0 of the Sophos Web Appliance. Many customers and partners have asked me when their appliances will receive the new version so here’s an update on our release progress.

We started our usual staged rollout process in early April. Staged rollout allows us to make the product available to early adopters while giving us the chance to address any issues that slip through our extensive testing and QA procedures.

Delivering high quality is a priority for Sophos. During those first stages, our early adopters identified a couple of areas where version 4.0 was not performing as expected, so we decided to postpone the rollout while we addressed those issues.

We currently expect to re-start the staged rollout by 18 May and customers should see the update becoming available in the following weeks.

More information on what to expect in Sophos Web Appliance version 4.0 can be found here.

You can read the original article here.

SophosLabs tracks huge volumes of spam from around the world, and once in a while we pause to take a look at the countries sending the most spam  – we call it our Dirty Dozen Spampionship.

In the results for the most recent quarter (January, February and March 2015), we found that the biggest spam-relaying country in the world is the United States, once again. Vietnam has climbed to number two, followed by Ukraine, Russia, South Korea, and China rounding out the top six.

Check out the rest of the list and you see some familiar places and some countries that come and go from the Dirty Dozen:

Measured per capita, though, and even a small country like Moldova can end up on top. Moldova hasn’t been in the Dirty Dozen before, but this time, spam coming from hosting providers’ servers, coupled with the more usual problem of zombie malware on home computers, have propelled the country to the number one spot. 

The rest of the dirty dozen measured by population is shown here:

So what does this mean? Cybercriminals have figured out that it’s harder to stop spam from a vast number of computers that have been infected by their malware. That’s why we see spam from all over the world.

All spam-sending computers are dangerous, and to stop spam we need to clean up the malware that makes it such a big problem. To scan your computer for malware, download our Free Virus Removal Tool.

For more about spam, and how to make sure you’re protected, check out these articles and podcasts:

• How bots and zombies work and why you should care
• How to send 5 million spam emails without even noticing
• Snowshoe spam and what can be done about it

You can read the original article here.

Τώρα, μπορείτε να αντικαταστήσετε το WD Arkeia στην επιχείρηση σας με ένα από τα καλύτερα υβριδικά συστήματα αντιγράφων ασφαλείας στον κόσμο, το SEP sesam με έκπτωση 20%. 

Η μετάβαση γίνεται εύκολα, γρήγορα και επιπλέον οικονομικά.  Το SEP sesam είναι μία ολοκληρωμένη, ενιαία λύση αντιγράφων ασφαλείας που ενσωματώνεται απρόσκοπτα σε οποιοδήποτε περιβάλλον χωρίς διακοπές ή απώλειες δεδομένων. Είναι ιδανικό για κάθε περιβάλλον IT και προορίζεται για επιχειρήσεις κάθε μεγέθους, από μικρές έως πολύ μεγάλες αλλά και για οργανισμούς. Είναι εξαιρετικά κλιμακούμενο και επεκτάσιμο, και λειτουργεί το ίδιο απλά, είτε βρίσκεται σε έναν, είτε σε πολλές χιλιάδες διακομιστές. 

Αφού εγκατασταθεί, απλώς λειτουργεί, όπως άλλωστε θα περιμένατε (set & forget). Το SEP sesam μπορεί να κρατήσει αντίγραφα ασφαλείας από 1GB έως 1000TB, και μέσω της τεχνολογίας πολλαπλών ροών (multi streaming) προσφέρει εκπληκτικά υψηλούς ρυθμούς μεταφοράς δεδομένων, πολλών terabytes την ώρα σε κατάλληλα διαμορφωμένα συστήματα. Η λύση SEP sesam ειδικεύεται στα αντίγραφα ασφαλείας σε πραγματικό χρόνο σε εφαρμογές, βάσεις δεδομένων και αρχεία σε περιβάλλοντα πολλαπλών λειτουργικών συστημάτων αφού υποστηρίζει όλα τα δημοφιλή λειτουργικά συστήματα, όλες τις πλατφόρμες εικονικοποίησης και  εφαρμογές, όλες τις βάσεις δεδομένων και τις τεχνολογίες αποθήκευσης. 

Πρόκειται για ένα ιδιαίτερα ευέλικτο, και ισχυρό υβριδικό σύστημα αντιγράφων ασφαλείας σε πραγματικό χρόνο. Το SEP sesam μπορεί να προσφέρει εξειδικευμένα αντίγραφα ασφαλείας για συστήματα όπως τα  Microsoft Exchange Server, Groupwise, Lotus Domino Server, Zarafa, Dovecot IMAP, Cyrus IMAP, Courier IMAP, openLDAP, Microsoft SharePoint και άλλα και υποστηρίζει βάσεις δεδομένων Oracle, MS SQL, IBM DB2, Informix SAP R/3, MaxDB κ.ά. 

Το SEP sesam επίσης προσφέρει εργαλεία που ενεργοποιούν την συγκέντρωση της διαχείρισης και των διαδικασιών ελέγχου για την εξασφάλιση της ευκολίας εποπτείας, παρακολούθησης και ασφάλειας του περιβάλλοντος και προσφέρει εκπληκτικές επιλογές αντιγράφων ασφαλείας για πλατφόρμες εικονικοποίησης συμπεριλαμβανομένων των VMware, Citrix XenServer, XEN, Hyper-V και RedHat. Επίσης μπορεί να ενσωματωθεί πολύ εύκολα με οποιαδήποτε πλατφόρμα στο cloud όπως Citrix Cloud Stack, Amazon EC2 ή οποιοδήποτε άλλο ιδιωτικό cloud.  

Αν θέλετε μία εξαιρετική λύση αντιγράφων ασφαλείας, που υποστηρίζει κλωνοποίηση δεδομένων για εφεδρεία σε περίπτωση διακοπής της λειτουργίας του συστήματος, με εύκολη κεντρική διαχείριση, με αποκατάσταση “bare metal”, με τεχνολογία Deduplication και με τεχνολογία πολλαπλών ροών, τότε αποτελεί την ιδανική πρόταση για να αντικαταστήσετε το σύστημα WD Arkeia, επωφελούμενοι της ειδικής προσφοράς – έκπτωσης 20%!

Back in the day, network speed and throughput were limiting factors for the overall productivity of an organization. Gigabit Ethernet came onto the scene in 1999, and offered a quantum leap in performance over previous connectivity standards.

10GbE was approved by IEEE in 2002, and slowly gained more widespread deployment as the switch vendors and others adopted the standard. Now, 40GbE and even 100GbE are available (though industry analyst firm Infonetics predicts that within one to two years, 40GbE will phase out as 25GbE and 100GbE become the norm).

The Rise of the Application

In that same timeframe, individual PC licenses for generalized office applications have been replaced by Software-as-a-Service offerings such as Microsoft’s Office 365 and Adobe Systems’ Creative Cloud. It’s almost the de facto standard to host an organization’s email on Microsoft Exchange Server. Applications such as Oracle’s suite of products, as well as those of SAP, IBM, EMC and many others, are used for tasks from order entry to business intelligence to electronic medical records and have become intrinsic to the operation, competitive edge, and overall success of the majority of businesses and other organizations today. Can you imagine attempting to conduct your job without the myriad applications you use on a daily basis?

So, Which is King?

Sorry, switch vendors. Ultimately the network exists to support the applications – and without applications, the network is just an empty pipe. Given adequate bandwidth and speed, and acceptable uptime standards, applications will run smoothly and end-users won’t flood the help desk with calls about application availability or slowness.

However, there is a caveat to that. What happens when dozens (or hundreds) of applications and their data are traversing the network? What happens when the same data (such as images, data files, etc.) is downloaded hundreds of times a day by end-users? What if multiple simultaneous connection requests overwhelm the application’s server? And how can you optimize application performance for mobile users on smart devices?

Array’s APV Series application delivery controllers (ADCs) and aCelera WAN optimization controllers can maximize the efficiency of servers and network connections, while providing application intelligence to optimize the end-user experience.

For example, APV Series dedicated ADC appliances can offload CPU-intensive connection management tasks, freeing server cycles for client requests. Connection multiplexing, developed by Array, also aggregates client connections to improve server efficiency by 50% or more.

APV Series ADCs can also apply caching, compression and traffic shaping to improve server performance, reduce bandwidth requirements, and assure critical applications take precedence over non-essential traffic.

aCelera WAN optimization minimizes traffic traversing the network, reducing end-user response times by up to 95% and ensuring a LAN-like experience regardless of end-users’ locations. aCelera also offers a mobile client to accelerate traffic between individual devices and aCelera appliances in the data center or cloud.

Long Live the King!

And the winner is: Your IT team, if your network resources are optimized to support the applications your company or organization needs in order to grow, thrive, compete and succeed. Explore our resources on application acceleration, WAN optimization, and application-specific deployment guides to learn more.

Υou can read the original article here.

Sophos makes enterprise-grade security that works for small and mid-sized businesses. Providing sophisticated protection with simple management, Sophos Endpoint Protection is ideal for under-resourced organizations. Sophos Endpoint Protection also offers flexibility. You choose management in the cloud, or on premise—whichever best suits your business.

Here are a few of examples demonstrating how real Sophos customers benefit from either choice. Midway Energy Services uses Sophos Cloud to secure 600 workers spread out at 11 locations in 5 states – with an IT staff of just one person.

Sophos Cloud offers web-based access to a unified console with policies that follow users across devices and platforms. That means the IT admin can check on remote workers on their laptops or mobile devices in one easy view. Plus, it’s easy to find and block threats and even clean up infections without the need to travel.

Deployment is a snap, because with Sophos Cloud there’s no server to install, so you’ll be up and running in just 60 seconds. And the cloud-based management console is designed with simplicity in mind, so you don’t need to be security expert to use it.

The on-premise Sophos Endpoint Protection is easy to deploy as well. Lassen County, in California, chose Sophos to replace its existing solution, partly because of how easy it was to switch.

“Most of the other vendors promised ease of deployment, but removal and rollout didn’t work when we tested it,” says Lassen County IT Director Robert Talley. “Sophos provided an automatic migration that was smooth, fast and easy.”

We make it even easier for you with default policies that are configured to balance protection, usability and performance – for simple security that works right out of the box.

More reasons to choose Sophos Endpoint Protection

If you’re looking to switch to endpoint protection that’s simply better, we give you five big reasons why you should consider choosing Sophos Endpoint Protection.

Learn more about how you can secure your organization with protection that offers these benefits:

• Innovative technology from an industry leader
• Lighting performance that won’t slow your users down
• Sophisticated simplicity – saves time and easy to manage
• User-based licensing to accommodate a modern workforce
• Flexible deployment – on-premise or in the cloud

You can read the original article here.

As much as we complain about email as an annoyance, a distraction, and a productivity killer, we depend on it for vital business and personal communications. We might hate email, but we’d probably be lost without it. What many people don’t realize is that email is quite old as a technology, and it’s very insecure. Not only are spam and phishing rampant, email snooping is a problem, too.

Because email traverses the Internet in plaintext, it’s only as private as sending a postcard. If you’re not encrypting your email, what you might think is a private communication could be read by anyone – whether it be Google, the NSA, or perhaps one of your competitors.

Sophos Global IT Security Manager Ross McKerchar wrote about the problem of email in a blog post on Naked Security: “Despite its lack of security, we keep using email because it’s become so ingrained in the way we do business, and it’s not going to be replaced any time soon“. To get email security right, you should think about all the ways email can be misused and abused.

Ross’s advice is to look at the options for email encryption, and figure out which one is best for your users – because, ultimately, you rely on them to make it work. Solutions range from the somewhat impractical (PGP and S/MIME), to the not totally secure (file encryption), to what we consider the simplest and least problematic – Sophos’s own SPX encryption technology.

To protect data and your organization from email-borne threats, you should look for a solution that also offers spam filtering and policy-based data loss prevention (DLP).

We can help you crack the problem of email security. Learn more about why unencrypted email is a “deadly IT sin” by checking out our 7 Deadly IT Sins website. It’s got lots of information about the ways organizations commit security “sins,” and it offers videos and other free resources to help you.

You can read the original article here.