Grant Hegerberg

Grant Hegerberg has written 32 posts for Smart Security

Virtualized Security Capabilities You’ll Need for Ultimate Protection

One of the most critical aspects of virtualized security is the ability to manage the environment. Most virtualized security solutions today need to support rapid deployment and be used to implement virtualization security policies, not just on an inside-vs.-outside basis, but also between organizations or applications within the same infrastructure. They need to provide compliance and privacy within the organization, be able to migrate within the virtual infrastructure, and protect using the high-availability capabilities of the virtual infrastructure, offering protection continuity even as the infrastructure changes dynamically. They need to be easily preconfigured and deployed along with the virtual machines that serve multi-component applications, making it easy to protect them and their data by default. Policies should be defined not only at the intersection of physical networks, but also between virtual-only networks within server farms or even on individual servers. Full threat prevention policies must be implemented at the physical perimeter and at the connection point for mobile and personal devices. In short, virtualization security is not a simple task.

Today’s virtualization security solution needs to defend against botnets, Advanced Persistent Threats (APTs), and other attacks, while keeping your organization in control when using Web 2.0 applications. The architecture should consist of different security layers that work cooperatively with one another to dynamically detect, block, and report on malicious traffic while passing benign traffic through as efficiently as possible. It should be able to protect your organization from new, unknown threats – often called zero day threats.

As you explore your virtualization security options, here are six capabilities you’ll need to consider:

  1. A cloud-based URL reputation enabled defense that protects web users from malicious web pages, while dramatically improving web throughput
  2. Ability to block unwanted email with 100% accuracy along with the viral payloads that spam often carries. Recognize spam regardless of the language, format, or content of the message – even image-based spam that anti-spam products often miss
  3. A URL filtering service that blocks access to dangerous and inappropriate web sites in the workplace. Able to filter URLs on both HTTP and HTTPS to close the HTTPS loophole many web filters leave wide open
  4. A powerful signature-based protection at the gateway against known viruses, trojans, worms, spyware, and rogueware
  5. Ability to scan all ports and protocols to block attacks that comply with standard protocols but carry malicious content, including buffer overflows, SQL injections, and remote file inclusions
  6. Ability to stay on top of the applications running on your network for tight security and high productivity and establish which applications can be used within your organization

If you’re attending Interop in Las Vegas this May, be sure to swing by booth 751 where we’ll be speaking on everything you need to know about virtualization security. Hope to see you there!

Five Traits Your UTM System Needs to Deliver Real Network Protection

Coined by IDC analyst Charles Kolodgy in 2003, the term UTM, or Unified Threat Management, applies to multi-function firewalls that combine many security technologies into one easy-to-manage appliance. Today’s UTM appliances typically consolidate firewall and VPN capabilities along with URL filtering, spam blocking, intrusion prevention, gateway antivirus, application control, and a centralized management, monitoring and logging function. Traditionally, these discrete functions were handled by multiple point solutions. The multi-layered security approach of UTM appliances provides broad protection against all kinds of network threats.

So now you’re in the market for a smart UTM system that can deliver broad protection, but what should you look for? UTM appliances can vary significantly from vendor to vendor, which can make an accurate evaluation somewhat cloudy. While UTM security vendors may seem to offer a similar checklist of core technologies and features (firewalling, IPS, etc.), when evaluating vendors, recognize that there is enormous disparity between UTM solutions in the following five critical areas:

1. Quality of the features/capabilities. The most prevalent approach among UTM vendors is to rely primarily on homegrown technologies for their gateway AV, URL filtering, application control (if they have any), anti-spam, and other security services. However, we believe that no single company will ever be able to adequately research and develop the best technology for each discrete security problem. A shortcoming of the homegrown approach to multi-layered security is that these UTM vendors end up producing a watered-down security solution at each layer. We believe this practice contributes to the reluctance of some organizations to even choose a UTM solution for their security. It’s also why we here at WatchGuard use a best-in-class approach to delivering the smartest UTM appliances available, integrating the leading technology provider for each security layer – Websense for URL filtering, Mailshell for anti-spam, and so on.

You’ll also want to be sure that you account for security needs if you’re working in a virtualized environment. As Neil MacDonald of Gartner said, “…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you’d use on a physical server, inside that network, you don’t see what’s going on.”

2. Security performance or UTM performance. A high performance packet throughput device, even one with custom ASIC processors, can fail over when a full suite of unified threat management tools is enabled. Many security vendors who freely tout their raw throughput numbers are not so quick to publicize their UTM throughput numbers—the performance of the firewall once all the UTM security services are turned on. Once you activate the UTM security functions—such as those necessary for PCI DSS compliance (AV, IPS, etc.)—the performance evaporates in many competitor firewalls. By the way, our UTM performance is up to 3 times faster than UTM performance from most of the other vendors.

3. Manageability and ease of use. We see it all too often with competitor solutions: poorly integrated management processes needlessly introduce complexity to administration. Improperly configured gear undermines security. Why not just make a security solution that’s as easy as possible for administrators of all skill sets to manage? One that provides state-of-the-art centralized management capabilities and innovative ease-of-use technologies, features that help administrators:

      • dramatically cut down on errors
      • quickly home in on problem areas
      • save hours of time
      • rapidly enact policy changes and firmware updates across hundreds of XTM appliances

Something to also consider when evaluating the manageability of your UTM is whether there are premium charges for certain functionality that should be provided as standard options. Look for simple, easy-to-use management in your UTM appliance.

4. Flexibility. Security vendors differ conspicuously in the flexibility of the solution they market to customers. For instance, some UTM products can only add security services by physically bolting on software cartridges, or blades. Such an architecture only provides a limited number of slots in which to add security services, forcing you to trade off one security function for another when enabling UTM capabilities. We believe lack of flexibility is a serious shortcoming of many of the competitor firewall solutions on the market. Many UTM/NGFW vendors have taken the short-sighted route of designing security appliances to tackle only the threats of the current day.

Flexibility should also extend to ownership. Through firmware updates and software upgrades, UTM customers should be able to boost security services, subscriptions, and capabilities on the fly, without ever having to swap out hardware—further extending the life of the appliance. UTM appliances should also have a high degree of network systems interoperability. This way, regardless of the network topology mix (Cisco, Juniper or other), your UTM appliances will provide maximum interoperability.

5. Reporting and Visibility. Network visibility and security go hand-in-hand—and when it comes to achieving regulatory compliance (PCI DSS, HIPAA, CIPA, etc.), auditability is required. So, why would a security vendor not include visibility and reporting tools? Yet, many vendors charge extra for these capabilities, often requiring purchase of a separate product just for reporting.

Network security poses one of the most preponderant challenges confronting organizations today. Spyware, spam, viruses, Trojans, web exploits, and blended threats evolve and spread with alarming speed and regularity. Moreover, the emergence of new business enablement technologies exposes new attack surfaces. We see it with the growth in IP networks and proliferation of web 2.0 applications, devices (BYOD), and web technologies in the workplace. We see it with increasing reliance on cloud-based infrastructures (SaaS, PaaS, IaaS). Along with the exciting potential to cultivate work efficiencies and business opportunities, these technologies also generate more potential headaches for IT administrators.

Boosting your network security solutions with a UTM appliance is smart! Ensuring these five UTM appliance traits are part of your UTM appliance selection is even smarter. Also be sure to check out our whitepaper – Defining, Evaluating, and Designing Best-In-Class Network Security.

Continuous Data Protection: PCI DSS Requirements and the Need for UTM Security

If you own a retail store and accept credit card transactions, then you are undoubtedly aware of the PCI DSS regulatory requirements that you must meet. If you manage a distributed retail environment with multiple store ‘endpoints’, then you are not only aware of the PCI DSS requirements, but likely challenged with what can easily be one of the most complex IT environments for unified security and compliance management.

The distributed retail environment presents a multitude of unique IT challenges that stand apart from a more pedestrian single-store infrastructure; business pressures are forcing retailers to be more agile, more aggressive, and more efficient. To remain competitive, retailers have to invest in IT systems that help retain and nurture customer and brand loyalty, as well as increase sales and, simultaneously, reduce operating costs. No easy task to be sure!

So what does it take to meet the PCI DSS protocol? Simple… you meet these 12 requirements:

Build and maintain a secure network:

  • Install and maintain a firewall configuration to protect cardholder data
  • Do not use vendor-supplied defaults for system passwords and other security parameters

Protect cardholder data:

  • Protect stored cardholder data
  • Encrypt transmission of cardholder data across open, public networks

Maintain a vulnerability management program:

  • Use and regularly update antivirus software or programs
  • Develop and maintain secure systems and applications

Implement strong access control measures:

  • Restrict access to cardholder data by business need to know
  • Assign unique IDs to each person with computer access
  • Restrict physical access to cardholder data

Regularly monitor and test networks:

  • Track and monitor all access to network resources and cardholder data
  • Regularly test security systems and processes

Maintain an information security policy:

  • Maintain a policy that addresses information security protocol for all personnel

Any retailer found to be non-compliant may face substantive financial penalties, regardless of whether or not a breach has occurred. Typically, fines for non-compliance are levied based on the size of the retailer, but in some cases, a credit card provider reserves the right to expel a retailer from its program, thus effectively cutting off acceptance of that vendor’s credit card. Therefore, it is critical that a retailer maintain PCI DSS compliance.

One way to protect yourself and your distributed retail environment is with a UTM system (preferably from WatchGuard). UTM systems provide unparalleled firewall protection to control data traffic in and out of a distributed network. Additionally, UTM systems protect against unauthorized access from the Internet and include integrated IPS to prevent hackers from gaining access to internal resources.

Specifically designed for distributed retail environments, our RapidDeploy solution is a unique cloud-based configuration utility that enables uniform, rapid deployment of UTM security appliances across a distributed environment. This eliminates the need for IT professionals to pre-configure devices or travel to deployment sites for installation, which significantly reduces total cost of ownership, while also reducing the risk of UTM misconfiguration.

UTMs also offer gateway antivirus protection, and with a security subscription it’s updated automatically and seamlessly. And at WatchGuard, our UTM security supports extensive policy controls. This way, distributed retailers can maintain and enforce uniform policies across a variety of geographic locations. With our LiveSecurity service, your UTM security solution provides best practices and related security updates for retailers to ensure they are up to speed on the latest security developments.

Today’s distributed retail environment architecture is one of the most challenging IT environments, rivaling that of banks and financial institutions. While the distributed retail environment offers substantive business advantages, such as increased sales, improved customer loyalty, and operational efficiencies, it also poses significant challenges. With a smart UTM in place, you can spend more time generating sales, and less time worrying about PCI DSS compliance.

5 BYOD Device Management Strategies for Securing Your Network

In our last blog post – 4 IT Risks and Challenges with BYOD Device Management – we highlighted some things that IT needs to be aware of when it comes to maintaining control of network security in a BYOD environment. We closed with the fact that IT must face the reality that BYOD is here and they need to enforce a BYOD strategy as part of their service to the organization. So what can you do, and where should you start?

Here are 5 BYOD device management strategies you can use to secure your corporate network and prevent data loss:

  1. Create a policy. In an effort to make BYOD as simple as possible to manage, create a broad list of acceptable devices that can access your corporate network. The policy should also clearly outline which devices and operating systems the company will and will not support. In this way, your employees know what they will ultimately be responsible for.
  2. Get insights before making decisions. One of the biggest mistakes we see in creating a BYOD strategy is the failure to know what employees are doing on the network. Take a benchmark snapshot via firewall logs and reports, so you can gain insight as to what devices are actually connected to the network, and perhaps more importantly, what applications are being used.
  3. Manage passwords more effectively. Password management is something that most organizations do not do a good job with (read one of our previous blogs – We May Know Your Password). User generated passwords are traditionally weak, compromising network security. Make sure that any passwords used on mobile devices in the office environment follow the same rigor as required for office-owned technology.
  4. Understand your own compliance needs. Is your organization subject to regulatory controls, such as HIPAA or PCI DSS? If so, be sure that damage controls are in place so that if an employee loses a smartphone or tablet, it can be wiped to avoid data loss.
  5. Limit access via VPN technologies. For businesses that require higher degrees of protection, you may want to limit access controls to devices that support some level of VPN connectivity. This way a secure connection is required to access corporate data, regardless of where a consumer device is used.

With the future of computing swaying more and more toward mobile, you’ll face an uphill battle against BYOD adoption, so embrace it. But remember that communicating your BYOD policy, and updating it as needed, is critical.

For more information on BYOD device management and mobile device security solutions, check out our recent whitepaper – BYOD: Bring Your Own Device – or Bring Your Own Danger? You’ll also find 5 more strategies for managing BYOD effectively in your organization.

4 IT Risks and Challenges with BYOD Device Management

Make no mistake about it – BYOD is here to stay. A 2011 IDC survey stated that 40 percent of devices used to access business applications are consumer-owned, up 30 percent from 2010, while Gartner published a report that by 2014, 80 percent of professionals will use at least two personal devices to access corporate systems and data. So BYOD is the new workplace reality. In the end, there are multiple reasons – from cost reductions to increased employee efficiencies – that support corporate adoption. IT must, however, take into account the risks and challenges associated with BYOD device management.

In many ways, BYOD started at the top. Senior executives who wanted to work from home and abroad were among the first to demand that IT enable access to corporate resources from their personal devices. Because these C-level exceptions were relatively infrequent, IT could manage risks associated with the requests.

The trickle down from this exception quickly escalated, and many organizations have been caught off guard without a BYOD policy in place. And, because consumer devices are so diverse in capability, form factor and function, IT departments can be frustrated with efforts to develop a scalable and manageable plan on how to allow or deny specific consumer devices into the organization.

Unquestionably, BYOD challenges long-standing IT controls to minimize and mitigate risk. And, as businesses explore how to adopt BYOD, the risks associated with it must be examined. Here are 4 risks and challenges inherent in BYOD device management.

1. Data loss. Data loss can vary, and the consequences can be extreme. For example, a recent study by the Ponemon Institute estimated that a data breach could cost a company about $200 per compromised record, based upon a variety of factors including the cost of lost business because of an incident; legal fees; disclosure expenses related to customer contact and public response; consulting help; and remediation expenses, such as new security technology and training. Additional costs can also hamper the bottom line… as an example, a retailer that experiences a data breach may have to pay for credit monitoring services for customers, payment of legal settlements, and PCI DSS information controls for up to 5 years.

2. Viruses entering the corporate network via consumer devices as well as intrusion attacks. Granted, the industry is at a nascent stage of targeted intrusion attacks via mobile devices, but the expectation is that hackers will be able to break out of device browser “sandboxes” and get access to other device functions. This could easily lead to directory harvest attacks or new types of BYOD-driven botnets.

We think Man-in-the-Browser (MitB) attacks will escalate. Traditional malware tends to infect the OS – typically, as an executable program that modifies various boot parameters so it runs every time a computing device is turned on. In contrast, MitB or browser zombies, arrive as malicious browser extensions, plugins, helper objects, or pieces of JavaScript. They do not infect the whole system; instead they take complete control of a device browser and run whenever the user surfs the web.

3. Policy enforcement. With so many devices available to the consumer, IT departments are simply ill equipped to create device-by-device BYOD device management policies. Due to the wide range of devices, it is critical for IT to be able to identify each device connecting to the corporate network, and be able to authenticate both the device and person using it.

4. Insufficient insight into what’s happening in their network. Without being able to see what is going on in the corporate network, IT is hindered in its ability to protect business and information assets. That lack of insight (both in terms of logging and reporting) supports the adage that “you can’t protect what you don’t know.”

There are a myriad of challenges that IT faces in order to deal with BYOD device management. Some of these are risk-management challenges; others are empowerment and usage challenges. Nonetheless, IT must expect to adopt and enforce a BYOD strategy as part of its services to the organization.

Three (Network Security) Roadblocks to Achieving Retail Success

As we coast into the National Retail Federation’s (NRF) big annual show in New York City next week, businesses of all types face the daunting task of securing their business network from outside threats. Perhaps it’s fitting that online retailers in particular are concerned with the growing number of advanced persistent threats that are poised to make 2013 a potentially busy year in data loss prevention.

So with the NRF just around the corner, here are three network security roadblocks that threaten the success of online retail organizations of all types:

      1. Giving all employees access to the same websites and applications. While it might seem like the fair, and certainly easy, thing to do is to allow all employees at all levels access to the Internet carte blanche, it can expose your company network to unnecessary risk. Part of IT security’s job is to balance the threat management with risk management, and this means determining which employees need access to what in order to effectively and efficiently do their job. Interview employees and departments and set up policies that allow you to manage Internet and application access control.
      2. Only focusing on ingress and not egress. Monitoring inbound Internet traffic is certainly critical for data security protection, but with drive-by downloads and increased redirection capabilities, hackers can easily manipulate your outbound traffic to gain network access. We recommend road blocking your business to all outbound traffic as a starting point. Then add back in ports 443 and 80 so you have some web-based capabilities, and then add back DNS traffic so you have some name resolution. While not an easy thing to do, tools like our ReputationAuthority – part of our XTM network security solution – can make this task easier to manage.
      3. Not updating security to account for server virtualization. Virtualizing your IT infrastructure can be a great thing; it saves time in provisioning, saves money in hardware requirements and cooling, and provides IT scalability. But as Neil MacDonald at Gartner says, “Unless you put virtualized security controls – virtual sniffers, virtual firewalls, all the same controls you’d use on a physical server – inside that network, you don’t see what’s going on.” In fact, 84 percent of our customers are proceeding slower than they’d like into virtualization simply because of the security concern. Make sure you consider virtualization security solutions as part of your overall network security plan.
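
A dry run of the staged egress policy from item 2, as an added example that is not from the original post or from WatchGuard: it replays outbound flow records against each stage (block everything, add back 80/443, add back DNS) to show what a default-deny rule set would drop before it is enforced. The record format, the sample records, and the choice to allow DNS on both UDP and TCP port 53 are assumptions.

```python
import ipaddress
from collections import Counter
from typing import NamedTuple


class Flow(NamedTuple):
    src: str
    dst: str
    proto: str
    dport: int


# Constructed sample of outbound flow records: "src dst proto dport".
# Addresses come from private and documentation ranges; this is not real traffic.
SAMPLE_LOG = """\
10.0.1.15 203.0.113.10 tcp 443
10.0.1.15 198.51.100.7 tcp 80
10.0.1.22 192.0.2.53 udp 53
10.0.1.22 192.0.2.53 tcp 53
10.0.1.30 203.0.113.99 tcp 6667
10.0.1.30 203.0.113.99 tcp 6667
10.0.1.41 198.51.100.25 tcp 25
10.0.1.15 203.0.113.80 tcp 8443
10.0.1.50 198.51.100.123 udp 123
10.0.1.60 intranet tcp http
"""

WEB = {("tcp", 80), ("tcp", 443)}
DNS = {("udp", 53), ("tcp", 53)}  # assumption: DNS allowed over UDP and TCP

# The three stages in the order the text gives them.
STAGES = [
    ("1: block all outbound", frozenset()),
    ("2: add back web (80, 443)", frozenset(WEB)),
    ("3: add back DNS (53)", frozenset(WEB | DNS)),
]


def parse_flows(text):
    """Return (flows, rejected_lines); malformed records are set aside, not guessed at."""
    flows, rejected = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            src, dst, proto, dport = line.split()
            ipaddress.ip_address(src)
            ipaddress.ip_address(dst)
            port = int(dport)
            if proto not in ("tcp", "udp") or not 0 < port < 65536:
                raise ValueError(line)
        except ValueError:
            rejected.append(line)
            continue
        flows.append(Flow(src, dst, proto, port))
    return flows, rejected


def dry_run(flows, allowed):
    """Apply one stage: anything not explicitly allowed is dropped (default deny)."""
    passed = [f for f in flows if (f.proto, f.dport) in allowed]
    dropped = [f for f in flows if (f.proto, f.dport) not in allowed]
    return passed, dropped


def summarize(dropped):
    """Group dropped flows by service and by internal source for follow-up."""
    by_service = Counter((f.proto, f.dport) for f in dropped)
    by_source = Counter(f.src for f in dropped)
    return by_service, by_source


def staged_report(text=SAMPLE_LOG):
    """Run every stage over the same records and return one summary per stage."""
    flows, rejected = parse_flows(text)
    report = []
    for name, allowed in STAGES:
        passed, dropped = dry_run(flows, allowed)
        by_service, by_source = summarize(dropped)
        report.append({
            "stage": name,
            "passed": len(passed),
            "dropped": len(dropped),
            "by_service": by_service,
            "by_source": by_source,
        })
    return report, rejected


if __name__ == "__main__":
    report, rejected = staged_report()
    for r in report:
        print(f"{r['stage']}: {r['passed']} passed, {r['dropped']} dropped")
        for (proto, port), n in r["by_service"].most_common():
            print(f"    dropped {proto}/{port} x{n}")
    # Internal hosts still hitting the deny rule after the last stage are the
    # ones to review: either a business need for an exception, or traffic that
    # should not be leaving the network at all.
    print("sources to review:", dict(report[-1]["by_source"]))
    print("unparsed records:", rejected)
```

What remains dropped after the last stage is the list to work through with each department before enforcing the policy, which ties back to the access interviews in item 1.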

There are many other roadblocks that can hinder growth and expose data, and we’ll certainly be blogging about them in the days and weeks ahead, but these three are certainly important and worth consideration. For online retailers, customer data security is the foundation for success.

If you’re at the NRF Show in New York, swing by booth # 1681 and say hello. We’d love to see you!

A UTM Appliance Might be Your Network Security Muscle in 2013

In our last blog – What is UTM Security and is it Right for my Business? – we outlined the importance of a UTM appliance in combating today’s advanced persistent threats (APTs). Well, since that blog went live, our own Corey Nachreiner published a press release that revealed his top security predictions for 2013.

At the tail-end of a busy year for network security workers, Corey had this to say about 2013…

This is a year (2013) where the security stakes reach new heights, attacks become more frequent and unfortunately more damaging as many organizations suffer attacks before taking measures to protect themselves from the bad guys.

 Read the release for more detail, but here’s what he thinks might be in store for 2013:

    • A cyber-attack results in a human death
    • Malware enters the matrix through a virtual door
    • It’s the browser – not your system – that malware is targeting
    • The idea of ‘striking back’ gets a lot of lip-service, but does little good
    • We’ll pay for our lack of IPv6 expertise
    • Android pick-pockets try to empty mobile wallets
    • An exploit sold on the ‘vulnerability market’ becomes the next APT
    • Important cyber security-related legislation finally becomes law

If attacks such as these happen in 2013 as Corey predicts, then losses stemming from them will ultimately continue to rise and take their toll on not only small businesses, but enterprises as well.  Organizations that are serious about network security – protecting data, intellectual property (IP), and their reputation – are increasingly demanding best-in-class, multilayered solutions. These solutions centralize security controls in a single device, improving the IT organization’s control and simplifying management of network security.

Be sure to have the latest network security solutions in place as you head into 2013. These predictions are scary!

What is UTM Security and is it Right for my Business?

UTM is simply an abbreviation for Unified Threat Management, and it’s a core offering of ours for our SMB and Enterprise customers. UTM security is the evolution of the traditional firewall into an all-encompassing network security solution able to perform multiple functions within one single appliance:

  • Network firewalling
  • Network intrusion prevention and gateway antivirus
  • Gateway anti-spam
  • VPN
  • Application Control
  • Content filtering
  • Reporting

So why is UTM security so important these days? Any technology publication, on any given day, highlights security breaches that affect businesses in significant ways. Network downtime… can cripple any business from small to large. In fact, the security challenges are only getting more complex and challenging. Just recently, CIO.com highlighted research from Georgia Tech Information Security Center that forecasted some of the biggest security challenges awaiting businesses in 2013. A comprehensive UTM security solution can play a role in thwarting these threats.

Add to this that advanced persistent threats (APTs) are becoming increasingly sophisticated, and the need for comprehensive network security solutions is evident. Our own Corey Nachreiner recently blogged on just this topic, but to summarize…

  • Advanced – APTs use the most advanced malware and attack techniques available. By the nature of the name, they often leverage techniques such as encrypted communication channels, kernel-level rootkits, and sophisticated evasion capabilities to get past a network’s defenses. More importantly, they often leverage zero-day vulnerabilities – flaws which software vendors haven’t yet discovered or fixed – to gain access to our systems. In short, APTs are Q-level, James Bond malware.
  • Persistent – This malware is designed to stick around. It carefully hides its communications, using techniques like steganography. It “lives” in a victim’s network for as long as possible, often cleaning up after itself (deleting logs, using strong encryption, and only reporting back to its controller in small, obfuscated bursts of communication).
  • Threat – APTs are extremely blended threats, much like botnets, and very targeted. APT attackers are groups of highly skilled, motivated, and financially-backed attackers with very specific targets and goals in mind. Typically, the often nation-state sponsored attackers have targeted Fortune 500 companies, government-related infrastructure, or the industrial sector – and we anticipate this broadening to organizations of all sizes.

So… what to do? While no single network security solution can ‘solve’ threats across the board, a single UTM security appliance simplifies management of a company’s network security strategy, with just one device taking the place of multiple layers of hardware and software.

Some key advantages (beyond the obvious) of UTM security that can translate into almost any organization…

  1. Reduced complexity with a single network security solution; only one vendor to manage
  2. Simplicity by avoiding multiple software installations and their subsequent maintenance
  3. Easy management inherent in plug and play architecture
  4. Reduced technical training requirements
  5. Regulatory compliance

As network security threats become more sophisticated, and APTs continue to become prevalent, protect your SMB or enterprise with a UTM security solution. It’s a key part of a comprehensive, holistic security solution.

Four Questions to Ask When Evaluating Network Security Solutions

The growth in IP networks and proliferation of new applications, devices, and web technologies in the workplace creates more potential vulnerabilities for IT networks. As we trend toward additional applications running in the cloud, even more network traffic will pass beyond the trusted LAN and outside your firewall solution. Assault vectors shift, and new threats spring up hourly from spyware, spam, viruses, Trojans, web exploits, and blended threats.

Organizations that are serious about network security solutions – protecting data, intellectual property (IP), and their reputation – are increasingly demanding best-in-class, multilayered solutions. These solutions centralize security controls in a single device, improving the IT organization’s control and simplifying management of network security.

With network growth showing no signs of abating, organizations need a network security device that has the capacity to drive security and inspection activities quickly and reliably. Many multilayer network security solutions share similar feature lists, but not all of them can be considered best-in-class.

The following are four key questions an organization should ask as it evaluates any multilayer network security solution:

  1. How robust is each layer? Ask questions about the size of the database, the richness of features, accuracy and detection rates, and speed of scanning. When we developed the WatchGuard XTM, we incorporated the top-performing specialized security services from proven industry leaders. These components dynamically detect, block, and report on malicious traffic while efficiently allowing benign traffic to pass through. In addition, the proxies in our WatchGuard XTM appliances protect organizations from new, previously unrecognized, zero-day threats.
  2. How much experience and independent recognition does the company have? Generally, the longer a security company has been in business and the more accolades it has received, the more robust and highly developed the security service. We worked with a collection of industry-best providers that are prime movers in their respective fields of specialty; continually receive multiple industry accolades and awards; and have been proven to be best-in-class through tests that WatchGuard and independent, third-party testers have conducted.
  3. How flexible is the solution? Does the network security solution require hardware replacement to add new security functionality? Some solutions require customers to periodically upgrade hardware or insert special cards to gain new capabilities. In contrast, if we release a new security service, customers can add it with just a license key upgrade and gain a whole new layer of security without having to replace the hardware. Time is something you don’t necessarily have when faced with network security threats.
  4. How easy is the solution to manage? Ask for a demonstration of the network security user interface. A few competitors use partners for one or more security services, but do not extend the UI to the network security services. The result is one interface for managing the appliance and a different interface for security services.

Today’s briskly evolving multi-faceted threat landscape means having a simple packet-filtering firewall isn’t enough. Organizations are increasingly demanding a multilayered approach to network security services—one in which various security layers and services work cooperatively to dynamically detect, block, and report on malicious traffic while passing benign traffic through as efficiently as possible.

Network security threats aren’t going to go away; in fact they’re only going to get more numerous and complicated, so be sure to ask the right questions before selecting a security solution.

The Dirty Secret of Security Breaches

In our last blog – Network Security with Virtualization Best Practices – we promoted Corey Nachreiner’s upcoming session at the Gartner Symposium ITxpo in Orlando at the end of this month. We’d be remiss if we didn’t also share Dave Taylor’s session at the same show – The Dirty Secret of Security Breaches. That session is on October 23rd at 7pm.

Is the biggest security risk today Advanced Persistent Threats? Data leakage? No. Experts maintain that 95% of security breaches are due to firewall misconfiguration. Dave’s session will show you how easy it is to use advances in manageability and usability to put pinpoint control in the palm of your hand with our Next-Generation Firewalls.

Think security breaches can’t happen to you? Are you willing to take that risk? Before you answer, here are the largest data security breaches this century (we’re only 12 years in) that may change your mind, and while not all of them are related to a misconfigured firewall, they will open your eyes:

  1. Heartland Payment Systems in March of 2008 – 134 million credit cards exposed
  2. TJX Companies in December 2006 – 94 million credit cards exposed
  3. Epsilon in March 2011 – exposed names and emails of millions of customers
  4. RSA Security in March 2011 – up to 40 million employee records stolen
  5. Department of Veterans Affairs in May of 2006 – stolen database containing Social Security numbers and contact information for over 26 million veterans

If you have a Next-Generation Firewall, chances are there’s something of value behind it you need to protect. We hope to see you at Dave’s session to learn more about the right way to configure your network security appliance.