800-810-1885
Home > Blog > Archives for Les Jones

Author Archives: Les Jones

Free Gartner Group Reports: SSL VPN

By Les Jones | Published: September 14, 2011

Gartner Group Magic Quadrant for SSL VPNs December 16, 2010

Once again, Juniper’s Secure Access is Gartner’s top pick for SSL VPN bar none.

  • Juniper Networks acquired NetScreen Technologies in 2004 and quickly realized that one of the most promising assets was the Neoteris SSL VPN. Juniper has maintained the product vision, execution and overall momentum so effectively that it has held a Magic Quadrant leadership position continuously since the acquisition. Juniper competes on the basis of universal access, broad client platform support and comprehensive infrastructure. The Secure Access SSL VPN hardware product line can scale to hundreds of thousands of users. A virtual appliance is also available.
  • More than 17 major global service providers, including carriers and application service brokers, are offering Juniper-powered VPNs.
  • Juniper is the No. 1 competitive threat cited by peer vendors in the SSL VPN market. This assessment has persisted for a number of years. Juniper sells in all geographies for all use cases, and two strong buyer preferences to use SSL as a total replacement for IPsec and for extranet/contractor access. The company appears on most shortlists discussed in Gartner client inquiries for midsize to large businesses and is entrenched in the Fortune 500 with a track record for large deployments.
  • Junos Pulse is the company’s new integrated network client tool and vision. Pulse was announced in October 2010, and is expected to pose a strong competitive advantage for Juniper SSL VPN sales. On smartphone and tablet platforms, Junos Pulse combines SSL VPN functionality with a complete Mobile Security Suite built from the Smobile acquisition. On desktop/laptop platforms, Junos Pulse makes it easy to blend SSL VPN with IPsec VPN and 802.1X NAC along with the benefits of Juniper’s on-demand security tools. Junos Pulse is a modular platform to facilitate integration of third-party security applications, and is available as a native app on iPhone and iPad, and supports iOS 4.2.

PREVIOUSLYFree Gartner Group Reports: Managed Security Service Providers

Posted in Network Security Products | Tagged , , , , | Leave a comment

Free Gartner Group Reports: Managed Security Service Providers

By Les Jones | Published: July 6, 2011

SecureWorks Managed Security ServicesGartner Group Magic Quadrant for MSSPs, North America November, 2010.

Sword & Shield is proud to be SecureWorks’ 2nd largest partner in North America. Call today to discover how SecureWorks Managed Security Services can reduce your security expenses and ease the burden on your security staff.

PREVIOUSLYFree Gartner Group Reports: Secure Web Gateways 2011

Posted in Network Security Products | Tagged | Leave a comment

Free Gartner Group Reports: Secure Web Gateways 2011

By Les Jones | Published: June 29, 2011

WebsenseGartner Group Magic Quadrant for Secure Web Gateways May 25, 2011. Websense ranked at the top of Magic Quadrant.

Websense offers a wide range of options in the SWG market, from basic URL filtering to software and appliance-based SWGs, and cloud-based offerings for e-mail and Web security. Websense also owns DLP technology, which is offers as a stand-alone solution and also as an embedded option as part of their Web Security Gateway (WSG) solution. Websense is a very good solution for most enterprise customers.

Sword & Shield is a long-time Websense partner. For more information about securing your employee’s Web browsing visit our Websense page at SecureHQ.com, Sword & Shield’s security product superstore.

PREVIOUSLYFree Gartner Group Reports: Security Information and Event Management (SIEM) 2011

Posted in Network Security Products | Tagged | Leave a comment

Free Gartner Group Reports: Security Information and Event Management (SIEM) 2011

By Les Jones | Published: June 1, 2011

Q1LabsMagic Quadrant for Security Information and Event Management May 12, 2011

SecureHQ.com, our products store, proudly carries Q1Labs, RSA Security, Symantec, TriGeo, and Tripwire SIEM and logging solutions.

PREVIOUSLYFree Gartner Group Reports: Endpoint Security and Mobile Data Protection

Posted in Network Security Products | Tagged , , , , , | Leave a comment

Video: Computer Incident Response

By Les Jones | Published: January 26, 2011

With cyber attacks and data breaches on the rise every year, many organizations are challenged when they must accurately detect and assess the security incidents.

In the video below, Sword & Shield Computer Forensics Director Bill Dean has some tips on recognizing a security incident and how to handle the incident upon detection. Sword & Shield is here to help you in both preparing and planning for handling security incidents, as well as being there for you during those critical times to properly handle security issues.

Computer Incident Response, by Bill Dean of Sword & Shield Enterprise Security

Topics covered in this video:

  • What is a computer security incident?
  • What is the process to handle a computer security incident?
  • The Standard Incident Response Lifecycle.
  • Preventing further intrusions.

By Bill Dean, Directory of Forensics and eDiscovery, Sword & Shield Enterprise Security. Certified Computer Examiner and member, International Society of Forensic Computer Examiners #581.

Posted in Computer Forensics, Videos | Leave a comment

Free Gartner Group Reports: Endpoint Security and Mobile Data Protection

By Les Jones | Published: January 17, 2011

Magic Quadrant for Endpoint Protection Platforms December 17, 2010

Magic Quadrant for Mobile Data Protection September 7, 2010

Gartner gave Check Point and Symantec high marks on both reports.

PREVIOUSLY Free Gartner Group Report: Unified Threat Management (UTM) October 22, 2010

Posted in Network Security Products | Tagged | Leave a comment

Job Opening: Senior Test Engineer

By Les Jones | Published: January 10, 2011

THIS POSITION HAS BEEN FILLED

POSITION DESCRIPTIONSend Resumes as a Word or PDF AttachmentPosition Title: Senior Test Engineer

Department: Test Lab

Classification: Exempt

SALARY RANGE: $70-90K DOE

POSITION PURPOSE

The successful candidate will have 10+ years of system engineering and administration experience, working with HP-UX, Linux, and other UNIX distributions, as well as 5+ years working as a test engineer developing and executing test scenarios. This position involves performing day-to-day operation of a federal research and development information technology laboratory. Specific activities will be divided between systems engineering tasks in the lab and test scenario development, execution and documentation.

You can enjoy a casual work environment while working with a close, family-oriented peer group of security professionals. Sword & Shield is a small privately-owned company with large government contracts and Fortune 1000 commercial accounts. If you enjoy hands-on interactive network security work…this is the place for you. Our work environment allows our security consultants the opportunity to showcase their skills and abilities and receive the credit they deserve as individuals.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

Read More »

Posted in Hiring Notices | Leave a comment

Free Gartner Group Report: Unified Threat Management (UTM) October 22, 2010

By Les Jones | Published: November 15, 2010

Gartner has released the 2010 Magic Quadrant for Unified Threat Management, which they formerly termed SMB Multifunction Firewall.

UTM appliances are used by midsize businesses to meet required network security levels for Internet connectivity. For smaller businesses, those requirements are often drive by regulatory demands (such as the Payment Card Industry Data Security Standards), rather than any detailed security/risk analysis.

In the past, Gartner has called this market” SMB multifunction firewalls” and avoided using the term “unified threat management,” because threats are never really “managed,” and the protections within multifunction firewalls are rarely truly “unified.” However, the term “UTM” now has broad recognition in the market, requiring a change of title (although not focus). This market is also distinguished from the enterprise and branch-office firewall markets, which generally require more-complex network security features and show very different selection criteria.

Companies in the Leaders Quadrant include Fortinet, SonicWALL, Check Point, and WatchGuard, with Juniper, Astaro, and Cyberoam knocking on the door.

Download a copy here.

PREVIOUSLYFree Gartner Group Reports: Network Access Control (NAC), Enterprise LAN

Posted in Network Security Products | Tagged | 1 Comment

Judge Sentences Palin Email Hacker to Year and a Day

By Les Jones | Published: November 12, 2010

Knoxville News-SentinelJudge: Year, day for David Kernell at halfway house in Palin e-mail case:

KNOXVILLE – A federal judge today ordered a former University of Tennessee student who snooped through Sarah Palin’s private e-mail account in 2008 to serve a year and a day for his crime and recommended that his time be served at a Knoxville halfway house.

U.S. District Judge Thomas Phillips noted the sentence for David Kernell goes on the books as a term of imprisonment. He said the U.S. Bureau of Prisons could override his recommendation that Kernell spend his days over the next year at the Midway Rehabilitative Center on Magnolia Avenue.

Phillips said Kernell’s actions in 2008 merited some form of imprisonment not because his victim was a prominent political figure but because what he did threatened “the expectation of privacy that we all have.”

Posted in Security News | Leave a comment

No Script Kiddie Left Behind – Firesheep Makes Stealing Logins Over WiFi Easy

By Les Jones | Published: November 8, 2010

Firesheep by Erik SoHow easy? This easy.

Firesheep is a new Firefox plugin that makes it easy for you to hijack other people’s social network connections. Basically, Facebook authenticates clients with cookies. If someone is using a public WiFi connection, the cookies are sniffable. Firesheep uses wincap to capture and display the authentication information for accounts it sees, allowing you to hijack the connection.

Slides from the Toorcon talk.

Protect yourself by forcing the authentication to happen over TLS. Or stop logging in to Facebook from public networks.

Chris Wage from Nashville’s Centre Source posted a more technical description.

Robert Graham has some additional notes:

First of all, the plug-in “Force-TLS” does not protect you, as some have suggested. I proved this with Twitter, where I was able to sidejack the connection with both FireSheep and Hamster. I’m not sure what Force-TLS does, but it doesn’t force a connection to be TLS/SSL. I configured *.twitter.com (the domain and all subdomains), and the URL “http://twitter.com” still appeared in the address bar.

Second, FireSheep works only as well as the underlying packet-capture. On a Macintosh, the adapter can be fully promiscuous, capturing everybody’s traffic on the local access-point. On Windows, some adapters (like Broadcom) will see all the traffic, others (like Intel) will only see your own traffic (useful for watching which of your own websites can be sidejacked, but not useful for sidejacking others).

If you’re interested in experimenting with Firesheep, Phoneboy cautions that using it may be illegal, so the  usual legal precautions apply.

Age of the Script Kiddie

In the hacking world, there are elite hackers who write their own tools to exploit computer vulnerabilities. Then there are script kiddies – people who don’t really know how to hack anything, but who have enough technical skills to run various hacking programs that somebody else wrote and put into an easy-to-use package. If the Mac was the computer for the rest of us, then script kiddie software is hacking for the rest of us.

Firesheep is the latest step in the trend of kiddie-friendly hacking software. It brings the technical qualifications for being a script kiddie down to being able to install a Firefox browser plug-in. It’s No Script Kiddie Left Behind. Firesheep is already putting pressure on companies like Facebook whose Web sites are vulnerable to cookie session hijacking – Facebook Responds to Firesheep WiFi Security Controversy.

Posted in Security News, Social Media | Tagged , | 1 Comment
Site Meter