ReadWriteWeb

Today CloudPassage boosts security for your cloud-based servers by announcing an enhanced version of its Halo SaaS security tools called NetSec. The new version brings two-factor authentication methods for remote terminal access, as well as improvements to cloud firewall policy creation and management. As with earlier versions, the tools only work on Linux-based instances, since you need to install their agents on each cloud-based server. The tools are being used by Foursquare, for example, to help manage their increase in weekend check-in traffic.

Years ago, Oracle's responses to reports of SQL injection attacks against its database servers literally were focused on media damage control - ensuring that not too many customers get scared by them. (To be fair, Microsoft had the same policy.) The basic concept of SQL injection is all too simple: Feed intentionally malformed instructions into the system in such a way that the server responds with clues that could enable you to obtain unprivileged data - or sometimes, with the data itself.

How hard could it be, security engineers and college professors argued for over a decade, for a company like Oracle to deploy a ZoneAlarm-like firewall that could independently analyze incoming SQL instructions, parse them, and only permit those that meet specific criteria? For years, well-minded engineers were told in response that yet another firewall would render networks too slow and inoperative. Then in May 2010, Oracle learned it could just simply acquire Secerno, an emerging database firewall company.

There's a very rapidly emerging class of smaller cloud service providers whose business model is to lease cloud services to a handful of customers. Imagine a small-town CSP that provides infrastructure to local banks and businesses, and who's close enough to its customer to shake hands. These smaller CSPs are leasing cloud services from larger, upstream providers and reselling them to their nucleus of customers. With a cloud service model - presumably - these new businesses only pay for the quantity of service they've already sold.

That's an intriguing business model, and one you might even be considering for yourself. But if the cloud were made up entirely of compute power and storage, it would indeed be just that easy. There are network availability services to think about as well, and up until very recently these services could only be provided through appliances. This morning, an early-stage, Santa Clara-based startup called Embrane announced immediate availability of cloud-based, virtual network appliances: specifically, virtual firewalls and load balancers to which CSPs may subscribe without purchase.

A new offering from Dome9 is trying to make the cloud more secure by providing an automated service to centralize and consolidate security management across both private and public clouds and in and outside of your data center. It will manage all of your Window and Linux servers' existing built-in firewalls without having to tie up a lot of IT security personnel in the process.

It isn't every day that you can easily try to examine your own perimeter defenses with what Fidelis Security Systems calls its Content IQ Test. The idea is to demonstrate how easy it is for threats to penetrate your network, because many bad things are disguised as they enter your network. That is the genesis behind the test, and what is needed is a simple way to show your management how porous your firewalls, intrusion prevention and other security systems really are.

In our yearly wrap-ups of the best products of 2009, we cannot but notice the shadow that falls over the editorial desk.

We are chilled and saddened by the ghosts of the past year - the apps that should have been, the startups that failed to launch, the brilliant ideas that were throttled, the great minds that were fired, the tech heroes that committed tragic gaffes. But some failures were so monumental that they require specific enumeration and commentary. Here are the 10 worst tech failures of 2009.

At a UN-sponsored event today in Egypt, UN officials demanded the removal of a poster that alluded to the issue of Internet restrictions in China.

The poster was an advertisement for Access Controlled, an MIT publication about the so-called Great Firewall of China, one of the first national Internet filtering systems and a policy that has come under harsh international criticism. The poster was being displays at the fourth annual meeting of the Internet Governance Forum in Sharm El Sheikh, Egypt. The purpose of the forum is to support UN mandates regarding the sustainability, robustness, security, stability, and development of the Internet.

In preparation for the 20th anniversary of the Tiananmen Square Massacre on June 4th, China has started to block a number of web sites, including Twitter, Flickr, Blogger, Hotmail, and Microsoft's new search engine Bing. Tech-savvy Internet users in China, of course, know how to circumvent the Great Firewall, but for the large majority of Chinese Internet users, these sites will remain blocked for the foreseeable future. In addition to these high-profile sites, the Guardian also reports that the Great Firewall now also blocks access to more than 6,000 online forums affiliated with colleges and universities.