Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue. Please see our article on Naked Security for an explanation of the vulnerability itself.

In addition, we have examined our products and we are confident that the Shellshock vulnerability can’t be exploited in any Sophos product. Our IT systems have also been patched or were not vulnerable. For the latest information on how this bug affects Sophos products, please refer to our knowledgebase article from Sophos Support. 

You can read the original article, here.

So here are some tips on how you can use Sophos products to maintain security for your yet-to-be-decommissioned XP systems during the transition period.

1. Run the Sophos endpoint

With the Sophos endpoint you will of course get our award-winning anti-malware scanner, but you’ll also get Host Intrusion Prevention System (HIPS), Application Control, and Patch Assessment (if you are licensed for it).

• Using HIPS is easy and requires no work on your part — HIPS is enabled by default. The guys and gals at SophosLabs are constantly tweaking the detection rules for HIPS to make sure we detect and block exploits of new vulnerabilities.
• By using Application Control you reduce the threat surface further by blocking thousands of applications from running at all.
• Bonus tip: While you are at it, make sure you uninstall any software on your XP systems that isn’t absolutely necessary.
• Our endpoint is also available with Patch Assessment. Use this to find vulnerable software on your XP machines. Missing patches will be listed in order of priority starting with the most critical (currently exploited), making it easy for you to decide where to start.

2. Use Sophos Client Firewall

Sometimes overlooked, the client firewall allows you to really lock down the machine as much as you like — to the point of making it near unusable if you so wish!

• Train the firewall to only allow traffic to and from your known good processes.
• You can also enable checksumming  to identify known processes. It’s more secure, but will require more work from your side to maintain.
• You can also manage ICMP request to stop the system from responding to Ping requests.

Learn more about Sophos products

Those are the choices for the top two technologies you really should consider for any remaining XP systems. There are more  you can use. I haven’t mentioned Device Control, Data Control, Web Control or Full-Disk Encryption — they all play a part in endpoint security. Or you may want to take it one step further and take full control of the network traffic using our SG Series network appliances. Your requirements will of course vary. In any case, we will have a product that can help you stay secure and it will be as easy as possible to implement.

You can read the original article here.

This joint solution provides a highly efficient, scalable and effective network-based platform for service providers and enterprise networks. In turn, they can deliver increased levels of security to their consumer, business and internal customers without any need for end-device software or new network elements.  Utilizing DNS, a lightweight, multi-network, multi-end device protocol, this solution is available for both fixed (xDSL, Cable, NBN) and wireless networks offering protection for PCs, tablets, smartphones, wireless dongles, games consoles, and any IP- enabled device.

“Sophos provides threat intelligence feeds to our network, gateway and endpoint security products. Our partnership with Nominum extends this intelligence to the DNS level, offering security in the core operations of the network,” said Stuart Fisher, Managing Director, Sophos APAC. “SophosLabs identifies more than 30,000 new malicious URLs daily. By adding intelligence from the DNS into the equation, the joint Nominum–Sophos solution offers maximum protection for all network users.”

“Both our companies are highly committed to making the Internet a safer, more secure place for users. Considering the value this partnership will bring into our core markets such as Australia, New Zealand, Singapore, ASEAN, China and India, we anticipate we will see a high-level of adoption.”

“By joining our partner ecosystem, Sophos and Nominum can provide increased protection to Internet users across multiple platforms,” said Brian McElroy, Vice President of Business Development, Nominum.  “A joint Nominum-Sophos security solution offers near real-time (zero day) in-network protection, like the Interpol-fed Nominum Content Blocking solution deployed in Australian carrier networks, which protects Internet users from child sexual exploitation content. Adding this new policy and protection in-network from malicious threats makes great sense.”

This list was conceived to put a spotlight on the professionals driving one of the most important customer segments in the industry today. These executives were nominated by peers, colleagues, customers and partners because of the strong relationships they have built with midmarket customers, for their leadership, strategic thinking and solution excellence they demonstrate. Valentine was also named a “top disrupter,” a listing of the 25 executives who shook up the IT industry this year.

Kris Hagerman, chief executive officer for Sophos, said, “Mike has been with Sophos for less than a year, but he’s already making an enormous impact. As the architect and driver of our “Channel First” sales strategy, Mike has enabled Sophos to make major strides to work better and more closely with the channel than ever before. Mike is well-known by the channel as a great leader, recruiter and winner. We’re thrilled to have Mike at Sophos leading our global sales team, and this validation from CRN and our partners provides added evidence that we’ve become the leading choice for delivering complete IT security without complexity.”

Commentary from the Sophos Channel
“Our partnership with Sophos allows us to provide comprehensive security solutions for clients, datacenters, and the cloud. We are excited about the leadership and direction Mike brings to Sophos,” said Stephen Perciballi, Security Category Leader, Datacenter Group, Softchoice.

“Sophos’ commitment to the channel is impressive. It has an outstanding partner program and excellent IT security value proposition with award-winning security solutions that are simple to implement and simple to use. Combined with its determination to help partners like us grow our business, Sophos is delivering on his channel first promise,” said Jez Turner, Sales Director, Foursys. Foursys is a specialist in IT security solutions, with over 16 years’ experience and more than 900 customers in the UK.

And, as an IT professional, I faced the same challenge in all of these roles: SMBs have many of the same infrastructure needs as larger enterprises, but I didn’t have the time, budget or expertise to implement enterprise technology. Antivirus is a great example.

When I worked at an educational non-profit organization, we had a couple hundred users and a fast-changing environment. We had students doing who-knows-what with the classroom computers, limited Internet bandwidth that was often brought to its knees by people watching streaming video during peak usage times, and an Executive Director who wanted to use his Blackberry for work.

I was familiar with technologies like device control, host-based intrusion prevention systems (HIPS), web content filtering, and mobile device management. But who had the time or budget to research, acquire, learn, configure and maintain each of these systems?

Like most SMB IT professionals, I was left with a choice: attempt to implement one or more complex enterprise solutions as best I could, or I could compromise on the features and integration by selecting a hodgepodge of “small business” products. Goodbye Active Directory sync and HIPS! Hello separate web filtering, antivirus and mobile solutions!

It is no exaggeration to say that if someone had showed me Sophos Cloud back then, I would have thought it was an April Fool’s prank. No server and console to configure and install? Enterprise-class technology that is both affordable and easy to use? Everything integrated into a single intuitive interface?

Surely that’s not possible! And, to be fair, it wasn’t possible back when I was working in IT. But today it is.

About Sophos Cloud

Sophos Cloud provides everything you need to manage security for all of your organization’s end user devices: Windows, Mac and mobile. From device control to HIPS, Active Directory sync to web content filtering, it’s all there.

More importantly, it’s designed to give you enterprise-level protection with Sophos’s trademark simplicity. It’s almost enough to make me wish I was working in IT again.

Try it out today. You’ll be up and running with the 30-day free trial in just 60 seconds.

You can read the original article, here.

Best in Biz Awards, the only independent business award program judged by members of the press and industry analysts.

The Arkeia Network Backup Suite comprises Arkeia Software’s line of backup-and-restore solutions. Administrators can deploy Arkeia’s backup servers as software applications, hardware appliances or virtual appliances. Arkeia Software protects both virtual and physical environments and manages backups to disk, to tape, and to the cloud.

For more information click here

new Router Utility app. Ready when you are, wherever you are, the Router Utility app gives you instant insight into device status, events, bandwidth usage, and more. And with full support for push notifications, you’ll know immediately whenever there’s an important status change or performance issue, helping you to keep small glitches from becoming major problems.

For more information click here

for next-generation networks.

Bandwidth management using deep packet inspection (DPI) is a relatively new field for enterprises or carriers / network operators. Ipoque technology can help solve many of the issues that arise from growing user numbers generating ever more traffic with a large variety of new applications. PRX Traffic Manager solutions detect applications with a combination of layer-7 deep packet inspection (DPI) and behavioral traffic analysis. The integrated quality-of-service (QoS) management allows prioritization, shaping and blocking of classified traffic.

Click here to watch the webinar

latest threat trends as well as tips for fighting back and keeping your people and devices secure.

In the past year cybercriminals found ways to attack new platforms from Android to cloud services. And Sophos saw a resurgence of old malware techniques with new twists. Hackers got smarter and better organized, developing better ways to spread their crime packs and to evade detection.

Fortunately, Sophos security experts at SophosLabs are always on the case.

Download your free copy of the 2013 Security Threat Report here
Playlist of Threat Report videos here
Check out Sophos 2013 security trend predictions here

will be called BasicGuard; this will target smaller businesses giving them all the essential features of a market leading UTM at an affordable price.

What is Sophos launching?

Sophos is launching three new components:

1) Two new entry level appliance bundles UTM 100 and UTM 110 with Basic Guard Subscription. Both are based on the existing Sophos UTM110/120 hardware. BasicGuard is the only feature bundle available for UTM100 and also available as an alternative option for UTM110.

2) With customers connecting more and more devices to their network Sophos is removing the 10 IP/user limitations of the UTM110 and introducing a throughput limitation instead, which is different for UTM100, 110 and 120 (hence depending on the license type while all using the same hardware).

3) A price reduction for UTM110 FullGuard.

Furthermore, BasicGuard contains:

• Web Application Control
• Network Firewall & IPS
• Remote Access and VPN
• Wireless Protection
• Web Antivirus and URL filter
• Email Antivirus and Antispam

Vendor Landscape Report entitled, “Vendor Landscape: Application Delivery Controllers: It’s a Lot More than Just Load Balancing”.

The report assessed the strengths and weaknesses of 10 leading application delivery controller (ADC) vendors. Array received a high score in the “Innovator” category based on its features for support and migration toward IPv6 before much of the competition and for being on the leading edge of SSL acceleration, offering 2048 bit encryption.

Array’s AppVelocity server load balancing appliances optimize the availability, security and performance of enterprise applications, IP data services and data center equipment. Powered by Array SpeedCore™, AppVelocity server load balancing appliances leverage parallel multi-core processing to achieve breakthrough scalability and performance for application delivery.  Available on Array’s APV Series Application Delivery Controller hardware and engineered for modern datacenter, cloud and virtual environments, AppVelocity server load balancing appliances boost application performance and speed return-on-investment from the small enterprise to the large service provider.

For more information click here

improved economics for protection of private and public clouds.

Powered by Array’s award-winning 64-bit SpeedCore platform, the new product gives enterprises and service providers the ability to run Array’s proven AG Series secure access gateways as virtual machines on commodity servers running VMware ESXi, Citrix XenServer or OpenXen hypervisors.

Each vxAG Virtual Secure Access Gateway supports all of the features and functions found on Array’s dedicated hardware AG 1000 Series secure access gateways. Available for 64-bit versions of VMware ESXi 4.1 or later, XenServer 5.6 or later and OpenXen 4.0 or later, the vxAG Virtual Secure Access Gateway gives enterprises and service providers the agility and flexibility to create and offer dynamic secure access services.

For more information click here

adding more bandwidth.

ipoque announced that four more large enterprises have finally said “enough” with adding more bandwidth to solve their open-loop problem of trying to meet their continuous thirst for more throughput. These companies instead turned to ipoque to improve the performance of their traffic by better monitoring and managing their networks.

ipoque’s new white paper illustrates the advantages of a multi-tier architecture of loosely coupled, well-integrated systems that is extensible, flexible and scalable enough to meet present and future challenges of network operators. The document regards the technical background and explains the functions of each network component, focusing mainly on the policy enforcement system.

Fo more information click here

Broadband Traffic Management Congress 2012.

The Broadband Traffic Management Congress takes place in London between 06/11/2012 – 08/11/2012.

Royal Garden Hotel, London

For more information click here

adds new features like dual-band wireless for even greater range, reliability, and speed.

Manage from Anywhere
Like all AP One series products, the AP One 300M offers anywhere, anytime remote management via the InControl cloud-based management platform. And starting with Firmware 5.4, Balance users can centrally manage up to 20 AP One devices for free with the Balance’s built-in WLAN Controller.

Deliver Wi-Fi Everywhere
The AP One 300M also features two Gigabit Ethernet WAN ports and a 2.4GHz/5GHz 802.11a/b/g/n radio for more flexibility and speed, as well as greater signal coverage and reliability.