ReadWriteWeb

Security software vendor Sourcefire announced today a new kind of endpoint security solution called FireAMP that couples the power of big data analytics with real-time threat detection and prevention. The idea is to use what is happening around the Internet in real time to lock down Windows endpoints and prevent them from running malware.

A new report by Palo Alto Networks that analyzes data captured by their customers' firewalls last year shows that 70 different social networks used by more than 1500 of their customers still only account for about one percent of total Internet bandwidth. But while the actual bandwidth is miniscule, it does seem that last year was the year that enterprises began using social networks in earnest in a wider variety of ways. We last covered them in June with the results of one of their earlier research reports.

Last week, leading security company McAfee asked a question of the security industry, "are we really protecting our users?" A lot of evidence points to the contrary. As can be seen in a new mid-year threat report from firewall maker SonicWall, consumer and corporate networks are larger and more vulnerable than ever. Yet, the battle against malicious programmers is not lost. It is a matter of common sense and evolution in security practices that will help protect companies and users from those that would do them harm.

"The days of just buying and anti-virus or a firewall program and just putting it on a PC are over," said SonicWall's VP of corporate development Ed Cohen. Enterprises and small and medium business need a more layered approach to security. Yet, the layers need to be more sophisticated. With the growing complexity of corporate networks, a new approach is needed.

A research report released by Palo Alto Networks last month describes trends in application traffic that the vendor observed crossing their enterprise firewalls in more than 1,200 of their customer prospects. This is the latest and largest monitoring of applications trends from the company, and it provides some interesting tidbits. For example:

One of the mostly unrealized applications of Web technology is to allow small businesses to kick the tires of products they want to purchase, by putting up live product demos. Given the proliferation of Web interfaces on many products, you would think this would be a no-brainer; and while lots of companies have put up canned video screencaptures showing one or two products, no one has taken the time and effort to let customers test drive their complete product line to the extent that Sonicwall has with its Live Demo site.

The FBI is being accused of planting backdoors in the security-focused open source operating system OpenBSD. OpenBSD is used in commercial security products such as firewalls from Calyptix and .vantronix. Thus far, a code audit has not revealed any backdoors in OpenBSD but some bugs have been found.

Earlier this week, OpenBSD founder Theo de Raadt forwarded an e-mail from Gregory Perry, former CTO of the defunct security company NETSEC, to the OpenBSD mailing list. NETSEC paid developers to contribute to OpenBSD during the 90s. Perry claims that former NETSEC developer Jason Wright and his development team inserted backdoors into the OpenBSD Crypto Framework under the direction of the FBI - a claim Wright firmly denies. Perry claims to be coming forward now because his 10 year nondisclosure agreement with the FBI has expired.

Earlier this week, we reported that a large number of businesses worry that social networking could endanger corporate security, but according to a new report from Palo Alto Networks, social networking is only a minor issue when compared to the proliferation of browser-based file sharing tools, P2P networks, remote desktop access applications, and more sophisticated encrypted tunneling applications like SSH, GPass, and Gbridge.