Firewalls - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Tuning Cisco IOS Firewall Denial-of-Service Protection 2006-10-01 Cisco Systems

Prior to Cisco IOS Software Release 12.4(11)T, Cisco IOS Firewall provided Denial-of-Service (DoS) attack protection as a default when either Classic or Zone-Based Policy Firewall was applied. Cisco IOS Software Release 12.4(11)T modified the default DoS settings so protection is effectively disabled, but the connection activity counters are still active. This paper provides procedures to tune Cisco IOS Firewall DoS protection values for both Classic and Zone-Based Cisco IOS Firewall. Cisco IOS Firewall maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software, in both Classic Firewall (ip inspect) and Zone-Based Policy Firewall.

Tags: Denial of Service, Security Tools

Streamline to Success: The Real Mid-Market Experience: Banking 2006-09-26 01:00:16 IBM

Community financial institutions, including retail and commercial banks, savings & loans, and credit unions, along with larger institutions and other commercial enterprises, continue to face increasing information security threats. Compounding these threats is an ever increasing regulatory burden and focus from initiatives like Sarbanes-Oxley, Gramm-Leach-Bliley, U.S. Patriot Act, PCI, etc. However, IBM is helping community financial institutions proactively defend against and respond to these various threats.

Enterprise Application Archiving 2006-09-21 01:00:14 EMC

The ability to apply consistent policies for retention and rights management across all types of enterprise applications is key to mitigating risk and meeting compliance requirements. In this webcast, EMC shows how their archiving products automate content retention and disposition while ensuring disposal after the retention period expires - even if the content is outside the protection of the corporate firewall.

Signet Chemical Safeguards IT Infrastructure, Improves Communication and Collaboration 2006-09-20 01:00:17 Microsoft

Signet Chemical Corporation, a Mumbai-based chemical trading company provides specialty chemicals to companies in the pharmaceutical, personal care, and food processing industries, among others. Its employees used to be cut off from e-mail during travel, which would delay responses to customers or suppliers. The company upgraded from its existing e-mail solution to Microsoft Exchange 2000 Server. To create a secure IT infrastructure, it chose Microsoft Windows Small Business Server 2003, which integrates with Microsoft Internet Security and Acceleration Server 2000 as a proxy server and firewall. Today, Signet's employees can securely access their e-mail from anywhere at anytime, improving communication and collaboration with partners, customers, and colleagues.

Improving Vulnerability Management with Penetration Testing 2006-10-04 09:41:27 Core Security

Vulnerability management consists of a combination of technologies and processes that can be used to improve an organization's security posture and to support regulatory compliance initiatives. Security managers commonly use vulnerability assessments to determine the security state of their IT systems. However, changing processes and technologies present a challenge to vulnerability assessment tools, as they can go only so far in detecting potential attack paths. In addition, changes in technology and business processes are reducing vulnerability assessment effectiveness even further.

According to Gartner*, deeper penetration testing is now needed to augment existing vulnerability management processes, especially in light of the rising level of targeted attacks.

During this on-demand Webcast, you'll hear from:

John Pescatore, from featured analyst firm Gartner, who discusses the overall state of security, including recent attack trends

Alan Paller of the SANS Institute, who provides insights on how penetration testing can be used to mitigate the impact of these trends

Alan Paller also interviews A. Eben Berry, Director of Network and Security Infrastructure from BlueCross BlueShield of Massachusetts, about why repeatable testing of security defenses is a high priority for his organization.

*Penetration Testing Augments Vulnerability Management to Deal with Changing Threats; John Pescatore, Amrit Williams, Mark Nicolette, Paul Proctor and Kelly Cavanaugh; January, 2006.

WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls 2006-09-10 Christian-Albrechts-Universitat zu Kiel

A known weakness of Web Services is their vulnerability to Denial of Service attacks exploiting XML processing characteristics. To protect Web Services from these attacks, extended validation of SOAP messages - considering WS-Security and WS-securityPolicy - is made. For SOAP security is message oriented, the processing of the security content itself is vulnerable to Denial of Service attacks. Hence, it is necessary to combine WS-Security processing and DoS protection. This paper presents the solution for WS-SecurityPolicybased policy decision within Web Service Firewalls. For this, a technical description and an algorithm is given addressing major parts of policy decision, as well as a proposal for enhancing message signature identification. Further, the paper argues for advancing protection of Web Services by improved policy enforcement.

Tags: Network Security, Security Tools

ING DIRECT Banks on Sprint to Deliver Continuously Reliable, Secure Service 2006-09-09 01:00:12 Sprint

This case study discusses how Sprint, powered by Cisco Systems, provides a secure and reliable solution for Wide Area Networking for INC Direct Bank, which primarily does business over the Internet and remotely over the phone in a 24x7 mode. Any service outages severely affect ING Bank's business model, so their requirement was to find a highly responsive and trusted partner with a network that was IP based, isolated from the public Internet, and highly reliable but would provide business continuity in case of natural disasters or external events affecting the network. With Sprint, ING Bank found a consultant and partner with a private IP network that provides the high level of responsiveness, integrity, and security they required. Also Sprint provided value-added managed security services at affordable cost, which allowed them to keep their own operational costs low--and pass savings on to their customers.

Sprint MPLS VPN, Cisco Avvid/IP Contact Center Offer an Integrated Solution for MTM 2006-09-09 01:00:12 Sprint

Medical Transportation Management (MTM) provides non-emergency transportation services for state and local governments and private healthcare through a network of 350 partners--serving 12 million recipients annually in 12 states. MTM needed an integrated voice and data networking solution, so by partnering with Sprint and Cisco, used Sprint Global MPLS VPN, powered by Cisco Systems, as a wide area networking solution to tie five U.S. call centers and patients together. In doing so, it achieved a customer satisfaction rate of 98 percent, while dramatically decreasing costs. This is a fully integrated solution for MTM, leading to putting their voice and data on a single network.

Secure Wireless LAN Solution: Microsoft's Authentication Infrastructure With Aruba Networks' Mobile Edge 2006-09-08 01:00:28 Microsoft

Deploying an enterprise-class secure wireless LAN with industry-leading security can be overwhelming - but it doesn't have to be. This webcast explains how to deploy a secure wireless LAN end-to-end by watching the experts configure the user interface step-by-step. The power of this solution will be demonstrated as the experts enable the most common wireless LAN access scenarios through flexible access policies in both the Windows Server 2003 Internet Authentication Service (IAS) and the stateful firewall in the Aruba Networks' Mobility Controller. The webcast will show how to configure secure, role-based access for trusted employees and short-term contractors using company-managed PCs and a guest using their personal PC.

TechNet Webcast: Securing External Access to Network Resources With ISA Server 2006 Firewall and Proxy Services (Level 200) 2006-09-08 01:00:28 Microsoft

This webcast describes how to use the firewall and proxy services in Microsoft Internet Security and Acceleration (ISA) Server 2006 to allow secure connectivity to internal resources from external clients, such as roaming users. The webcast also explore the centralized monitoring features in ISA Server 2006, and recommend ways to mitigate the risks from denial of service attacks.

Jump to 11 12 [13] 14 15 16 17 18 19 20

Title	Date Added	Company
Tuning Cisco IOS Firewall Denial-of-Service Protection	2006-10-01	Cisco Systems
Prior to Cisco IOS Software Release 12.4(11)T, Cisco IOS Firewall provided Denial-of-Service (DoS) attack protection as a default when either Classic or Zone-Based Policy Firewall was applied. Cisco IOS Software Release 12.4(11)T modified the default DoS settings so protection is effectively disabled, but the connection activity counters are still active. This paper provides procedures to tune Cisco IOS Firewall DoS protection values for both Classic and Zone-Based Cisco IOS Firewall. Cisco IOS Firewall maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software, in both Classic Firewall (ip inspect) and Zone-Based Policy Firewall. Tags: Denial of Service, Security Tools
Streamline to Success: The Real Mid-Market Experience: Banking	2006-09-26 01:00:16	IBM
Community financial institutions, including retail and commercial banks, savings & loans, and credit unions, along with larger institutions and other commercial enterprises, continue to face increasing information security threats. Compounding these threats is an ever increasing regulatory burden and focus from initiatives like Sarbanes-Oxley, Gramm-Leach-Bliley, U.S. Patriot Act, PCI, etc. However, IBM is helping community financial institutions proactively defend against and respond to these various threats.
Enterprise Application Archiving	2006-09-21 01:00:14	EMC
The ability to apply consistent policies for retention and rights management across all types of enterprise applications is key to mitigating risk and meeting compliance requirements. In this webcast, EMC shows how their archiving products automate content retention and disposition while ensuring disposal after the retention period expires - even if the content is outside the protection of the corporate firewall.
Signet Chemical Safeguards IT Infrastructure, Improves Communication and Collaboration	2006-09-20 01:00:17	Microsoft
Signet Chemical Corporation, a Mumbai-based chemical trading company provides specialty chemicals to companies in the pharmaceutical, personal care, and food processing industries, among others. Its employees used to be cut off from e-mail during travel, which would delay responses to customers or suppliers. The company upgraded from its existing e-mail solution to Microsoft Exchange 2000 Server. To create a secure IT infrastructure, it chose Microsoft Windows Small Business Server 2003, which integrates with Microsoft Internet Security and Acceleration Server 2000 as a proxy server and firewall. Today, Signet's employees can securely access their e-mail from anywhere at anytime, improving communication and collaboration with partners, customers, and colleagues.
Improving Vulnerability Management with Penetration Testing	2006-10-04 09:41:27	Core Security
Vulnerability management consists of a combination of technologies and processes that can be used to improve an organization's security posture and to support regulatory compliance initiatives. Security managers commonly use vulnerability assessments to determine the security state of their IT systems. However, changing processes and technologies present a challenge to vulnerability assessment tools, as they can go only so far in detecting potential attack paths. In addition, changes in technology and business processes are reducing vulnerability assessment effectiveness even further. According to Gartner, deeper penetration testing is now needed to augment existing vulnerability management processes, especially in light of the rising level of targeted attacks. During this on-demand Webcast, you'll hear from: John Pescatore, from featured analyst firm Gartner, who discusses the overall state of security, including recent attack trends Alan Paller of the SANS Institute, who provides insights on how penetration testing can be used to mitigate the impact of these trends Alan Paller also interviews A. Eben Berry, Director of Network and Security Infrastructure from BlueCross BlueShield of Massachusetts, about why repeatable testing of security defenses is a high priority for his organization. Penetration Testing Augments Vulnerability Management to Deal with Changing Threats; John Pescatore, Amrit Williams, Mark Nicolette, Paul Proctor and Kelly Cavanaugh; January, 2006.
WS-SecurityPolicy Decision and Enforcement for Web Service Firewalls	2006-09-10	Christian-Albrechts-Universitat zu Kiel
A known weakness of Web Services is their vulnerability to Denial of Service attacks exploiting XML processing characteristics. To protect Web Services from these attacks, extended validation of SOAP messages - considering WS-Security and WS-securityPolicy - is made. For SOAP security is message oriented, the processing of the security content itself is vulnerable to Denial of Service attacks. Hence, it is necessary to combine WS-Security processing and DoS protection. This paper presents the solution for WS-SecurityPolicybased policy decision within Web Service Firewalls. For this, a technical description and an algorithm is given addressing major parts of policy decision, as well as a proposal for enhancing message signature identification. Further, the paper argues for advancing protection of Web Services by improved policy enforcement. Tags: Network Security, Security Tools
ING DIRECT Banks on Sprint to Deliver Continuously Reliable, Secure Service	2006-09-09 01:00:12	Sprint
This case study discusses how Sprint, powered by Cisco Systems, provides a secure and reliable solution for Wide Area Networking for INC Direct Bank, which primarily does business over the Internet and remotely over the phone in a 24x7 mode. Any service outages severely affect ING Bank's business model, so their requirement was to find a highly responsive and trusted partner with a network that was IP based, isolated from the public Internet, and highly reliable but would provide business continuity in case of natural disasters or external events affecting the network. With Sprint, ING Bank found a consultant and partner with a private IP network that provides the high level of responsiveness, integrity, and security they required. Also Sprint provided value-added managed security services at affordable cost, which allowed them to keep their own operational costs low--and pass savings on to their customers.
Sprint MPLS VPN, Cisco Avvid/IP Contact Center Offer an Integrated Solution for MTM	2006-09-09 01:00:12	Sprint
Medical Transportation Management (MTM) provides non-emergency transportation services for state and local governments and private healthcare through a network of 350 partners--serving 12 million recipients annually in 12 states. MTM needed an integrated voice and data networking solution, so by partnering with Sprint and Cisco, used Sprint Global MPLS VPN, powered by Cisco Systems, as a wide area networking solution to tie five U.S. call centers and patients together. In doing so, it achieved a customer satisfaction rate of 98 percent, while dramatically decreasing costs. This is a fully integrated solution for MTM, leading to putting their voice and data on a single network.
Secure Wireless LAN Solution: Microsoft's Authentication Infrastructure With Aruba Networks' Mobile Edge	2006-09-08 01:00:28	Microsoft
Deploying an enterprise-class secure wireless LAN with industry-leading security can be overwhelming - but it doesn't have to be. This webcast explains how to deploy a secure wireless LAN end-to-end by watching the experts configure the user interface step-by-step. The power of this solution will be demonstrated as the experts enable the most common wireless LAN access scenarios through flexible access policies in both the Windows Server 2003 Internet Authentication Service (IAS) and the stateful firewall in the Aruba Networks' Mobility Controller. The webcast will show how to configure secure, role-based access for trusted employees and short-term contractors using company-managed PCs and a guest using their personal PC.
TechNet Webcast: Securing External Access to Network Resources With ISA Server 2006 Firewall and Proxy Services (Level 200)	2006-09-08 01:00:28	Microsoft
This webcast describes how to use the firewall and proxy services in Microsoft Internet Security and Acceleration (ISA) Server 2006 to allow secure connectivity to internal resources from external clients, such as roaming users. The webcast also explore the centralized monitoring features in ISA Server 2006, and recommend ways to mitigate the risks from denial of service attacks.

Security

Featured Whitepapers

Member Login

10 million IT Folks can't be wrong with their server choice.

Oracle Technology Solutions for Midsize Businesses

Country Report: India