Google has taken steps toward protecting is users from malware and phishing attacks by alerting webmasters of malicious content and bad URLs.

Now Google offers a service for Network Administartors that allows system owners to receive early notifications for malicious content on their network. Its called “Google Safe Browsing Alerts“. As an example of how powerful this can be, imagine an Internet Service Provider have such a service.

I can already hear the “nayers of google” crying, “what about the privacy of the networks and your users?” To this I say, “SHUT THE HELL UP!” Google loves you. Google died for your sins. Repent, for the kingdom of Google is at hand.
http://safebrowsingalerts.googlelabs.com/

That is all.

http://googleonlinesecurity.blogspot.com/2010/09/safe-browsing-alerts-for-network.html

I was given the honor of reviewing GFI LANguard network and security scanner. Right off the bat I notice that the interface is very intuitive & easy to use, which is important to a busy security professional that have better things to do with their time than fight with a messy
security tool.

The network scanning tool I normally use is called Retina.
When lining the two up, I have to say Retina is much more powerful, with many more options built in. It can drill way down and do intrusive scans where GFI LANguard v.9 is pretty vanilla. It gives you what you need and that is it.

The simplicity could be an advantage to a system admin doing a security job, because it really is straight to the point. The cost is definitely and advantage. GFI LANguard is about ½ the cost of the Retina Scan tool.

Retina Professional Edition 16 IP Pack – $995.00

GFI LAN Guard goes for about 300+ for 10 licences.

Nessus is considered one of the best network scan tools but its more expensive then both.

What I really like about Retina is that it allows you to scan in accordance with Department of Defense standards, SAN, and others. Languard does look at the SANS Top 20 report vulnerabilities.

If your looking for basic, down to Earth network & security scanner for your small to medium business needs, than GFI Languard is definitely the way to go because you will not beat the cost for the quality and support you get. Its going to give you a thorough assessment of the your systems and even tell you how to fix them. Buy this product!

The Internet has become an in disposable tool for research, commerce, art, education and virtually every part of modern life. It was the inquisitive, intelligent, intuitive and creative nature of humanity that created the Internet and its those same qualities that put individual systems linked directly to the Internet in peril. The three pillars of information security are at stake for all systems with connectivity to the Internet. The challenge is in the implementation of the necessary security controls to achieve those three pillars.

Confidentiality:

Confidentiality pertains to protecting sensitive information. Sensitive information can be anything from private user information to classified defense data. Many organization live and die by the protection of proprietary information from competitors. During wartime, the armed services literally LIVE or DIE based on how well certain sensitive information is guarded. In the US Department of Defense is called Operational Security. Since the Internet is a critical part of the DoD (and defense organizations around the world) the confidentiality is a HUGE challenge for their Information systems exposed to the Internet. Some of the threats to there systems include: social engineering, leaks of information and accidental release of sensitive data. All of these threats can be enabled via the Internet.

Organizations must educate their user who have access to sensitive information. I’ve heard some security professionals say that educating users is bad.

But if your users have access to sensitive information (and need to have that access to do their jobs) it is imperative that they not only know WHAT is sensitive, but WHO it can be give to, WHEN it can be shared, HOW it can be share and WHY it can be shared.

Integrity:

Data integrity is very important to all systems passing data on the Internet. Integrity has to do with whether or not the message on the other end of your connection is the same one you actually sent. Whether its your passwords being passed to your bank or the DoD passing data over the Internet, the integrity of the data is imperative. Its often taken for granted until, we are sending an email and the receiver says they got the email but the message can’t be read. Sometimes if the messages integrity is garbled or malformed it simply won’t reach its destination. If the integrity of a message can not be protected in some way or verified and checked, it is possible for someone to intercept your message, alter it, and send it on its way. Integrity is especially critical in banking and financial transactions which is why encryption and authentication take on such an important role for sensitive transactions such as ATM withdrawals, and online banking.

The challenge to maintaining Internet integrity is to ensure that link is encrypted when necessary.

Availability:

If there is no availability there is no mission, no business, no functionality. One of the major challenges of Internet security has been Denial of Services attacks. A Denial of Service attack is when your system on the Internet (or within a network) is flooded with useless traffic such that no one else (not even you) can use it. With a misconfiguration, a denial of service can happen by accident. Its important to test the availability of an online system. Its also a good practice to see what kind of availability and access you are giving. After all, too much availability can compromise the security of your system.

Most challenges of Internet security can tie into one or more of the big three: confidentiality, confidentiality or availability. With those in mind most challenges can be overcome. But the double edged sword of security.. the very nature of it on the Internet is to constantly change and evolve with the Internet. The constant change of threats to those three aspects of security is perhaps the biggest over arching challenge.

Dangers of the Internet are relative to the perspective of those accessing it. That is to say, on the Internet “dangers” are completely dependent on who is accessing what data from where and what their intentions are for accessing it. For example, researching a list of poisons could be a considered “dangers to the Internet” if a seriously disturbed person intends to kill his or her spouse. On the other hand, if a parent is just wondering what house hold products are poisonous with the intention of protecting her children, can that be considered a danger?

So protection from dangers on the Internet should be proactive and involve human judgment at some level. Policies must be written, planned and implemented in advanced or ad hoc to suit the environment and the users accessing the Internet. Children at a school with access from the classroom will more than likely be different from employees at a skating rink.

Even the items commonly considered dangers on the Internet relate directly to how much access individuals and organizations allow to and from the web. Common “dangers” may include (but should not be limited to) the following:

Accessibility to personal – applies to educating users on the dangers of putting personal information on the Internet and protecting organizational data bases

Sensitive data – For a school sensitive data is likely linked to the grades and personal information of staff and student, but for a business sensitive information could include proprietary information that would hurt the bottom line if it were leaked to competition.

Financial fraud & criminal hackers/scammers- This applies to educating users about criminal hacker techniques such as malware, social engineering, email and website phishing

The access of impressionable and/or psychologically disturbed individuals to potentially harmful and destructive information – This is rather subjective however it should be a concern to schools from elementary – colleges, rehabilitation facilities and mental institutions. There are ways to block certain obvious material with web-blocker type applications, but no one can stop them all. Monitoring is a must if this danger is to be handled seriously.

The risks and damage of these dangers are dependent on the environment & the users involved. It is up to the system owners to ensure that the policies are properly planned, implemented and maintained as exposure to any Internet danger can disrupt the safety, mission and/or values of an organization or individual.

Network Management Systems

The rumor on how Disney uses Network Management.

When the temperature
rises on the park grounds at Disneyland all the prices of the beverage
vending machines automatically goes up by 10% to fully capitalize on
consumer demand.  I believe that is an old Information Technology rumor to explain how network management works… at least I hope it is a rumor.

Why Network Management is important.

More and more organizations depend on their networks.  Business’ the depend heavily on the status of their networks must have network management tools as they grow.  If
a network dependent business such as ebay, Google, Yahoo and many
others go down for even a few minutes, they can loose literally
hundreds of thousands of dollars in sales and even a small piece of
their customer’s confidence which could in turn affect the value of
their stock.  When every second of network time counts the system must be monitored continuously.  The most cost effective way to do this is to use an automated network management tool. 

Network Management Standards

The International
Organization for Standards (ISO) addresses the five major functional
area of the Network Management Model as performance management,
accounting management, configuration management, fault management and
security management.

Performance Management

Performance
management is monitoring, assessing, and adjusting the available
bandwidth and network resource usage in order make a network run more
efficiently.  Performance management is a
very important part of the network management model particularly to the
business and/or organization that wants to streamline their network's
performance. 

An example might be a
business that has an administrative office who works from 9-5 and
requires steady use of the network all day.  Everyday at right after lunch the network seems to slow down to a halt and slows down the production considerably.  Using a program like Solar Winds might show an increase in actual nodes and data flowing on the network in the afternoon.  Solar Winds
would actually help an Network Managers pinpoint the group of new nodes
and find that the reason for the after lunch network performance slow
down is due to a group of contracted programmers who come in everyday
at 1pm to do work.  After identifying the performance issues, System Administrators would then be able to balance the usage of bandwidth.  Devices from companies such as Orbital Data and Cisco even support Performance monitoring over Wide Area Networks connection.

Accounting Management

Accounting management monitors and assesses the usage of data and/or resources for the purpose of billing.  This aspect of the network management is by Internet Service Providers to bill customers for the resources they use. 

Configuration Management

The configuration
side of network management is for tracking the hardware and software
versions on the network to identify their effects on the network's
operation.  An example of this is
Microsoft’s System Management Server (SMS) which has the capability to
monitor, manage and track every piece of software and hardware on a
given network.  Configuration management
tools are great for establishing assurance for business owner who know
the importance of maintaining control of the networks baseline.

Fault Management

Fault Management is what most people think of when they think of network management.  The
purpose of this area of network management is to detect, log and alert
the system administrators of problems that might effect the systems
operations.  An organization such as Tivoli,
HP Openview or WhatupGold could be used to actually page the Network
Manager when a particular node or section of the network goes down.

Security Management

Security Management
deals with controlling access to resources and even alerting the proper
authorities when certain resources are accessed.  In
the same way that a network manager can be paged or emailed when a
resource goes down, network management systems can be used to send
messages when certain files, servers or routers is accesses.  Intrusion detection systems such as Symantec’s Intruder Alert have this security management capability.

There are many products that support some or even all of these areas of network management.  What
most network management systems have in common is their use of
protocols such as Simple Network Management Protocols (SNMP), SNMPv3,
and Common Management Information Protocol (CMIP). There are a variety
of Network Management tools ranging from Intuit's Network Management
Software to IBM's Tivoli, Fidelia's Helix to AdventNet.  Maybe
your network management solution does not include a system that
increases vending machine prices as the heat rises, but you can
definitely find what you need among these and other excellent tools on
the market.

References:

Cisco. Network Management Basics. Cisco.com. Feb 2002

            http://www.cisco.com/

RFC 1157. Simple Network Management Protocol.

            http://www.faqs.org/rfcs/rfc1157.html

Wikipedia. Network Management. Wikipedia.org.

http://en.wikipedia.org/wiki/Network_management

ITPRC. Network Management. Itprc.com

http://www.itprc.com/nms.htm