Don't Burn with multiple Firewalls!

Jul 03 2009 03:49:05 AM Posted By : Pooja Sengupta
Comments (0)

We've heard this one before, firewall management has always been a time consuming and manpower draining task.

Let's imagine a Strategy Role Playing Game (SRPG) where our network is our kingdom, expanding quickly and as we do, our defenses get harder to manage. A sentry at each gate on the line of defense requires large labor resource, this vital resource could have been utilized in crucial tasks, if we had more sophisticated security defenses. We also then require leaders to manage these sentries and ensure every gate has adequate security. Now with a vast kingdom consisting of numerous gates, managing sentries can be very difficult, with greater challenges when threatened with impending attack.

This is similar to how our IT networks are set up with large portions of our staff dedicated to monitoring our networks, managing firewall rule sets across multiple firewalls, sifting & analyzing firewall logs to determine intrusions.

As the Help Net Security article indicates, IDC's survey found that most IT managers / administrators found that they were unable to perform firewall rule sets gap analysis due to the large number of rules. Respondents also indicated that losses from data breaches were equivalent to more than 75 percent of their costs for operating firewall architecture.

Now, in our SRPG,  would we turn a blind eye to any spies entering our lines of defense? How would we determine if all our gates are adequately equipped, have all sentries reported for duty?

Like the wizard who will give you that extra special item which you unlocked after some hard hours at work, I give you ManageEngine's Firewall Analyzer. Just let Firewall Analyzer (FWA) do the sifting and analyzing of firewall logs. Don't get lost with those firewall rules, FWA lets you determine which rule sets are actually effective in protecting your network. Optimize your firewall architecture by analyzing the reports generated by FWA and meet compliance audit requirements.

Need to know who's trying to attack your network, need to watch over those who pass through your gates (firewall), setting up alerts like this will give you enough time to actually enjoy some SRPG. Of course, not while your working right!

Head over to www.fwanalyzer.com to download a free 30 Day Trial and defeat those firewall monsters.



Disclaimer: This author doesn't imply that playing SRPG at work is acceptable!   ;-)

 

Have you ever revealed the administrative password of an enterprise resource to your colleague? And do you strongly believe that your passwords remain secure even after telling others? If so, you must read this interesting survey done by SecurEnvoy.

The survey results reveal that 75% of UK employees have admitted that they have told at least two other colleagues their corporate passwords.

SecurEnvoy states that while workers are trusting of their colleagues, it may not be a great idea to share passwords so easily since it can compromise one’s entire work life.

The concern raised in the survey is well-founded. Enterprises - big and small, face security issues and outages quite often. After all, mis-management of administrative passwords lies at the root of all security issues.

It is always good to avoid sharing of administrative passwords. But, what if your business needs demand that you seletively share passwords with others and yet ensure high levels of security? Caught in a catch-22 situation, right?

But take heart, you have ManageEngine Password Manager Pro for your rescue. Using this Enterprise Password Management Solution, you can store thousands of administrative passwords in a centralized repository and selectively share the passwords with others. You can have the trail of 'who', 'what' and 'when' of password access. The passwords are shared, yet remain highly secure. Exactly what you want!

To know more, visit www.passwordmanagerpro.com

Bala

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ManageEngine Password Manager Pro
Enterprise Privileged Password Management Solution
Email: passwordmanagerpro-support@manageengine.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Its San FranCisco this time. If you are there and if you happen to be a 'networker', you are sure to attend Cisco Live. And if you fulfill all the conditions given in the previous line, you will definitely enjoy one stall. Stall no. 219. No points for guessing whose stall that will be!! That's where the IT Management gets 'booth'ed (due to lack of an equivalent word for 'personified'). Its the ManageEngine stall!

ManageEngine will be showcasing its IT Management suite of products. With a suite of close to 25 products, ManageEngine has extensive knowledge & experience in IT Management and when we say "We understand IT Management", we mean it!

If you are looking for powerful, cost-effective solution (I know its cliched but I'm being really honest!), Stall no. 219 is certainly the place to be!

There are some surprises there, of course! Drop in to IT Management.... I mean ManageEngine!

See you @ 219

Cheers

Joe

PDA Integration

Jun 22 2009 04:58:15 AM Posted By : nandini
Comments (0)

Dear Users,

In our release FacilitiesDesk 5.7 Release you came across the PDA integration feature in brief.

In this post you will get to know the value and benefit PDA or Handheld device integration offered in FacilitiesDesk 5.7 in detail

In general Facilities Management is a dynamic department in any concern. Let us assume a daily scenario in a company with big infrastrucutre facility.
 
Where, a Facility Management staff have to be physically present in the place of issue to fix it. Which means the Facility Services Staff is always on the move as and when a work request in raised.This is where integration with mobile client or a handheld device like Blackberry or an iPhone comes in handy.
 
In FacilitiesDesk the PDA integration function brings the following benefits for a Facilities Management Staff:
 

Requests raised through phone calls can now be instantly created from your hand-held device on entering details such as, requester name, request title and description.

  • View Request Details then and there
  • Assign requests to Supervisors instantly
  • Spontaneously add Resolution to a request
  • View/Edit Resolutions for a request
  • Add Worklog for a request
  • Add the time spent details for a request from your mobile device
  • Add Craft person Worklog
  • Add the time spend details of the craft person too from your hand held device

Below are some screenshots of FacilitiesDesk with PDA fuctionalities:


FacilitiesDesk  PDA LoginFaciltiesDesk PDA Work Request

FacilitiesDesk-Blackberry Dashboard

FacilitiesDesk-Blackberry Work RequestFacilitiesDesk-Blackberry Work Request Details

Hope the screenshots featured were helpful in getting  a fair idea on the working of the PDA functions in FacilitiesDesk.

Important links to have more information:

 

Happy Facilities Management!

Team FacilitiesDesk


Why ManageEngine?

Jun 19 2009 07:44:07 AM Posted By : karthi
Comments (0)

A Question can save your IT ... forever! 

ManageEngine Desktop Central - June Newsletter

Jun 18 2009 08:01:44 AM Posted By : ananthv
Comments (0)

 

ManageEngine Desktop Central

June Newsletter  



Greetings from ManageEngine Desktop Central

We are happy to announce the availability of latest hotfix to Desktop Central 6. Here's the complete list of enhancements & bug fixes of this hotfix:

Enhancements & Bug Fixes

Enhancements

  1. Install / uninstall silent switches of popular software now comes pre-filled
  2. Option to enable or disable specific USB Devices has been included.
  3. Reports have been enhanced with an option to trim the column values and by including additional columns.
  4. Inventory Management, Software Deployment, Patch Management, and Remote Control modules have been internationalized completely.
  5. Option to exclude specific patches from being scanned has been included.
  6. Reports view enhanced to include navigation links at the bottom of the table.
  7. Custom Reports enhanced to include additional columns in the criteria
  8. Performance enhancements done for getting the software and hardware inventory details from the managed computers.

Bug Fixes

  1. Issue in exporting the reports to PDF format has been fixed.
  2. Case Sensitivity disabled in Domain Filter of SoM.
  3. Case Sensitivity check removed in Custom Group in Define Target section of Configurations.
  4. Servlet Exception is fixed in SoM.
  5. Office update Installation issues have been fixed.
  6. Number Format Exception in Inventory Computer Details page has been fixed
  7. Issues related to memory management have been fixed.
  8. Issue in displaying the left panel showing the list of reports when clicking the Custom Report has been fixed.

You can download the hotfix and install as per the instructions provided there.

To download complete product, which includes these enhancements, visit our website.

Software Installation Silent Switches Comes Pre-Filled

Silent switches for installing or uninstalling some of the popular software now comes pre-filled when you add a software package. You would just need to all your installable in a shared location and select the application. The installation and uninstallation arguments will get automatically added.

USB Device Management Included

Desktop Central's Secure USB feature allows you to selectively limit the scope of USB device usage, either restricting, blocking or allowing full use, depending on the individual user. This helps you to secure your network against data theft. The restriction can be set both at the computer and user level, providing you a complete control.

Exclude Selective Patches

The Patch Management module has been enhanced to exclude selected patches from being scanned. You can either exclude all patches of an application or any specific patch from being scanned. When you exclude a patch, it will not be shown as a missing patch for any of the managed computers and will also be excluded from the vulnerability calculation, thus showing a perfect health status of your computers.

I18N: More Languages Supported

Desktop Central has now been localized for all the languages. It has been completely tested to support all languages in the following modules: Inventory Management, Software Deployment, Patch Management, and Remote Control.

What's Cooking?

The features in our roadmap that are currently under development include:

  • Enhanced distributed architecture: Computers in remote locations will contact a master agent in that location, which will communicate with the Desktop Central Server to process the requests. Details>>
  • Enhanced User Access Control: Admin users of Desktop Central will be able to delegate more fine-grained access to Technicians to access specific features/modules of the product.     Details>>

Drive the Development

Please tell us about your immediate needs on Windows Desktop Management. We shall prioritize our development activities based on your comments/feedback.

 
© 2009 ZOHO Corp. All rights reserved. ManageEngine is a trademark of ZOHO Corp.
All other company and product names may be trademark of the respective companies with which they are associated.
 

 

AUSTIN, TX--(Marketwire - June 16, 2009) - ManageEngine, makers of a globally renowned suite of cost effective network, systems, security and applications management software solutions, today announced an update to Desktop Central, the company's web-based Windows Desktop Management Software, with new features designed to control usage of USB devices on desktops across the enterprise.

With the enhanced Desktop Central application, administrators gain an even greater ability to manage desktop security and compliance. Now, from the same familiar Desktop Central management console, administrators may:

  • Enable/Disable specific USB devices, such as portable hard drives, CD- ROM, Bluetooth, etc.
  • Create and apply policies regarding USB access based on employee roles and departments.
  • Generate comprehensive reports on policies and the users and computers that are governed by them.

The new features announced today join an extensive list of existing Desktop Central capabilities designed to maintain company policies and create ever-more-secure networks. For example, Desktop Central allows administrators to generate vulnerability assessments for better patch management; set user-specific desktop policies, disabling the Add/Remove Programs options in the Control Panel, for example; configure firewall settings to prevent unauthorized access; control and manage file and registry permissions; manage local user and group permissions; control Windows services; and detect and remove unauthorized software.

"Before Desktop Central, we had little to no knowledge of our enterprise's security and compliance picture," said Neil Schroeder, Director of Technology, Sioux City Community Schools. "Now we have strong reporting and management functions. We are now in a position to spend much less time running around in the dark trying to individually take care of machines. We have moved from being totally reactive to proactive."

"With the increasing use of portable USB devices, enterprises are constantly under threat of data theft and are focusing on security and compliance as it relates to these devices," said Mathivanan Venkatachalam, Director of Product Management at ManageEngine. "Desktop Central's Secure USB feature allows administrators to selectively limit the scope of USB device usage, either restricting, blocking or allowing full use, depending on the individual user. This will surely be a step toward protecting sensitive corporate data and also reducing the risk from viruses and spyware."

Availability and Pricing

The updated Desktop Central software is available now for download directly from the ManageEngine website at www.desktopcentral.com. ManageEngine offers a 30-day evaluation license of the Professional Edition, with pricing starting at $995 for 100 systems. A permanent Free Edition is also available for small businesses.

About ManageEngine

ManageEngine is the leader in low-cost enterprise IT management software. The ManageEngine suite offers enterprise IT management solutions including Network Management, HelpDesk & ITIL, Bandwidth Monitoring, Application Management, Desktop Management, Security Management, Password Management, Active Directory reporting, and a Managed Services platform. ManageEngine products are easy to install, setup and use and offer extensive support, consultation, and training. More than 30,000 organizations from different verticals, industries, and sizes use ManageEngine to take care of their IT management needs cost effectively. ManageEngine is a division of ZOHO Corporation. For more information, please visit www.manageengine.com.

Media Contact:
Greg Wise
Weber Shandwick, for ManageEngine
512-794-4716
When small organizations grow into enterprises, they also grow their branches..Literally..Well, atleast as remote sites, branch offices and DR centers. With current scenario defining cost saving as a primary factor for growth, is it affordable to have IT staff at all the remote locations? Having IT staff form monitoring the traffic at DR centers and major branches is justified, but not at the sites having just a couple of switching and routing devices.

The best option that comes to the forefront is NetFlow. NetFlow technology has the ability to give highly granular reports and with almost all major vendors and a major series of devices supporting NetFlow or similar flow formats, there is no need to add additional hardware at extra cost which again leads to cost saving. All you need is a software that can collect the flow packets and generate the reports. Here again comes other questions. How can you collect flows from the devices in various branch offices spread globally? If you already have a NetFlow tool deployed, will it scale up to handle the thousands of interfaces and flow rate of 40,000 to 60,000 flows per second? Along with the need for monitoring remote locations with detailed reports, there are also needs for features that cater to specificities for branched networks like time zone based view. Can this be provided by the existing tool?

Now, even if your existing application can do all this, questions arise on the feasibility of sending a large volume of data over valuable Internet links. The priority is always to save the available Internet bandwidth for business critical applications. To make the monitoring easier, enterprises even try deploying different instances of the same tool at the branches. But this does not help. The job of logging to separate installations to check the status of multiples links, generating reports for each interfaces which then have to be consolidated and etc is a daunting task.

In such a scenario NetFlow Analyzer Enterprise edition with its distributed flow collector and central server is the best suitable solution. The Enterprise edition of NetFlow Analyzer has flow collectors which can be deployed at various branches or geographic locations. The devices at the branches or a site can send flows to the collectors. The collectors will then collect the flows, compress them and then send it over HTTPS (Yes! Security for valuable data) to the central server.

The central server is from where all the reporting and analysis takes place. The central server collects data from the collectors, process them and stores it to the database from where reports are generated. You get real time visibility into the usage statistics about various links from globally spread branches in a single console.


Distributed architecture

The distributed flow collection and reporting engine gives the Enterprise edition capability to monitor up to 20,000 interfaces and flow rate in the range of even 60,000 flows per second. This rules out scalability and performance related issues that might have other wise come up with a integrated application trying to handle a large number of interfaces and high flow rate. The features available in this edition are also exactly what a distributed setup needs.

Tree view for devices helps group devices based on their locations (or your preferred criteria) for easier selection by users. This way, users do not have to search through the complete list of devices to find the one for which bandwidth metrics are needed. Timezone based view lets the users see reports in the time zone the device is at rather than based on the time where the product is installed. Administrators can also create multiple user accounts, assign devices or IP Groups to them and also set what timezone the users view the reports in. Do visit here to view the complete list of features available in Enterprise edition.

You can also leave behind your worries about exported NetFlow packets using a large volume of the Internet bandwidth. The NetFlow data is compressed using Java technology before being send from the collector to the central server. This brings down the volume of the exported NetFlow data to less than 20% of the actual size and helps save your valuable Internet bandwidth for critical applications. Moreover, since data is send over HTTPS connection, the NetFlow data is secure and even the GUI of both the collector and central server have HTTPS enabled by default.

Now with the central console, reports from the branches and DR sites spread geographically are at hand. There is no more need to login into different installations and have reports generated from each one of them separately. You also have the option to select the interfaces displayed in the dashboard and so at a single glance the network team gets to see the status of highly utilized links or the status of critical links.

All enterprises preferred uninterrupted monitoring and reporting of critical links, applications or servers. But when the need comes to shut down the central server for maintenance or if the central server is down inadvertently, what can be done? The failover is the perfect feature for this. The data stored in the central server is replicated to a secondary central server and any time the primary server goes down, the secondary is automatically activated after a fixed time. Thus the fail over gives you a automatic backup and redundancy of data.

With all these features and its scalability, NetFlow Analyzer Enterprise edition is the best suitable solution for bandwidth monitoring and traffic analysis. Do download the Central server and Collector from here and start your 30 day evaluation with free technical support from our team.

Regards,
Don Thomas Jacob

Compliance is vital for any enterprise not merely to adhere to various regulatory/industry frameworks but also to mitigate the risks attached to corporate IT assets. Enterprises failing to comply not only face penalties from the regulatory bodies but also risk losing respectability and trust. However, in recent times many enterprises fail to remain fully compliant at all times which has led to many security breaches. Case in point, the recent Heartland breach highlighted the fact that staying compliant is a full-time process and just staying within the boundaries of a given regulatory framework is not sufficient to secure your network(s). Enterprises therefore need to look beyond the applicable frameworks to achieve compliance, and one important way is to analyze and manage system, application and event logs to prevent such huge incidents.

Log management for Compliance requirements is an increasingly vital process for enterprises across verticals. There are several implications to having an ineffective log management process, both tangible and intangible.

Enterprises that analyze their log data efficiently can easily recognize the value and impact on their IT and overall operations. The insight gained by log analysis and reporting can help enterprises determine their existing security implementation, cut down on costs on extensive regulatory audits and recovery measures, if any. Up to date log data analysis provides insight into the health and accessibility of network(s), system and applications.

A strong log management solution that handles voluminous and variety of logs is a necessary tool for enterprises to maintain the integrity of all data.

Let’s look at a checklist to ensure log management is applied effectively to ensure compliance.

Do’s

  1. Make Log management a daily routine and not just to satisfy compliance requirements

If log management is not done only for the sake of meeting regulatory requirements then we can cover our bases much more effectively. It will take care of any overlapping frameworks and reduce the time to meet all regulatory requirements. This will also cover any condition that is overlooked in the impression that another regulatory requirement covers it. Reports and alerts ensure that the security threat posed is brought to your attention, including those beyond the scope of regulatory compliance.


  1. Ensure alerts are set up as per the requirements of the enterprise

Ensure all alerts are set up correctly and for the specific requirements of the enterprise and not just to meet compliance requirements. If any critical data is suspected to have been accessed by an unauthorized user it must be alerted instead of ignoring it if it doesn’t meet a specific regulatory requirement. The alert set up must be reviewed and reassessed periodically.


  1. Review reports regularly to identify any gaps in the set up and regulatory requirements.

All reports must be checked not just for the expected data but also for any anomalies in them. Reports must be maintained also for what doesn’t meet the requirements and reviewed frequently.


  1. Conduct periodic tests to determine the effectiveness of the set up.

The network must be tested for effectiveness and efficiency in managing and analyzing logs in order to ensure that compliance requirements are met appropriately. A robust log management solution is a vital key towards staying compliant. The test must also be highlighted and validated by the system.


  1. Have a representative from the legal department to check if all regulatory requirements are understood and met by the IT department.

Not all regulatory requirements are easy to comprehend and hence might be misunderstood by those defining the IT compliance requirements. This is a pitfall that must be avoided hence all legal aspects must be simplified.


  1. Have a consistent approach to managing and analyzing the logs.

Make sure there are defined set of rules on how logs must be managed and analyzed. This must be dependent on the enterprise and not on the authorized personnel. If any change in authority takes place the set of rules for log handling mustn’t be changed as this can lead to loss of log data.


  1. Check for unauthorized programs installed by users within the network.

Most breaches are caused due to malicious code planted in the network through unauthorized programs. Users are mostly unaware of the potential threat in installing seemingly harmless programs. A log management solution can help detect such unauthorized programs and alert the administrator before any harm is done.

Don’ts

  1. Give access to unauthorized users to view, edit and delete any information.

Access to the network must be strictly monitored and only given to authorized members. Data should be classified appropriately and access to them regulated and monitored. All unauthorized access must be alerted promptly by the log management solution.


  1. Provision any Team/group access to any critical data.

No authorization must be provided on a team/group level as this is a greater exposure to risks and provide room for human error. Any changes made on one-on-one level will be lost if not communicated on team/group level.


  1. Keep unnecessary ports open in the network.

All redundant ports must be closed in the network(s) in order to protect it from any malicious attack. Ports must be periodically reviewed to ensure only those required are accessible.


  1. Run unused services in vital servers.

In order to keep the network(s) efficient and easy to manage all unused services must be stopped to avoid any conflict with essential services. Any redundant service poses a risk in interfering with the operation of critical resources, which will lead to failure of required processes.

This isn’t a comprehensive checklist of course but if you don’t have one, this might be a good place to start. Each enterprise needs to get started with log management with their customized set of checklists to ensure the enterprise IT network(s) is optimally secured. Merely being compliant isn’t enough; it also requires staying more vigilant and having stringent security measures in place.

For better or worse!! Time to Ponder..

Jun 15 2009 04:10:20 AM Posted By : Joseph
Comments (0)

A new study by Cisco suggests that "Global IP traffic will quintuple from 2008 to 2013". All the signs point to one question - Is your network bandwidth utilized for better or worse! . Are the business critical applications getting enough bandwidth?! There comes a time, sooner or later (preferably sooner), enterprises need to put a limit on their bandwidth utilization and thus the costs accompanying it.

Some of the points of "concern" for enterprises would be:

  • Internet video is now approximately one-third of all consumer Internet traffic
  • In 2013, the Internet will be nearly four times larger than it is in 2009
  • Peer-to-peer (P2P) is growing in volume

Considering the growth of the internet, the increase in video traffic and P2P volume, its not a surprise that enterprises find it harder to keep a tab on the volume of traffic and the different applications that traversing their network. Of course the task is humongous and difficult, but "A task is difficult only till the day you find a solution". Today is the day and there is a solution that can do a lot.

ManageEngine NetFlow Analyzer helps you monitor bandwidth, analyze network traffic and do network forensics. It keeps you informed if the business critical applications are getting enough bandwidth, if not then why. You can view the top talkers, applications, sources and destinations in your network. Reports can be exported, scheduled and threshold violation alerts can be set. 

To mention a few of the "lot":

Check out the interactive demo.

To quote an user "ManageEngine NetFlow Analyzer was easy to install, has a very clean interface with good reporting features, and is a better value than other retail options."(curious to know what others said, click here!)

Feel free to download now and evaluate for 30 days with free technical support!

Cheers

Joe
http://twitter.com/josephjay