Tuesday, January 31, 2012

Cyber arms race taking place now

43% of respondents identified damage or disruption to critical infrastructure as the greatest single threat posed by cyber-attacks, causing wide economic impact.

A report recently released by McAfee indicates that more than half of cyber-security experts believe that a global arms race is already under way, with damage or disruption to critical infrastructure seen as the greatest single threat from cyber-attack.

The report was created for McAfee by the Security & Defence Agenda as "an independent think-tank to produce the most extensive report on Cyber Defense." The SDA conducted in-depth interviews with some 80 world-leading policy-makers and cyber-security experts in government, business and academia in 27 countries and anonymously surveyed 250 world leaders in 35 countries.

Cyber-readiness in the United States, Australia, the UK, China and Germany all ranked behind small countries like Israel, Sweden and Finland. By the numbers, here are some of the report's findings:
  • 57% of global experts believe that an arms race is taking place in cyber space.
  • 36% believe cyber-security is more important than missile defense.
  • 43% identified damage or disruption to critical infrastructure as the greatest single threat posed by cyber-attacks with wide economic consequences (up from 37% in McAfee’s 2010 Critical Infrastructure Report).
  • 45% of respondents believe that cyber-security is as important as border security.
The report was intended to reflect the varying views on what cyber-security means and reflect consensus on how to move towards it. Those surveyed agreed that developments like smart phones and cloud computing introduce a whole new set of problems linked to inter-connectivity and sovereignty that require new regulations and new thinking.

What Uplogix does to Improve Security
The Uplogix Local Management platform is a component for protecting critical infrastructure around the world, from pipelines to banks to the front lines.

Uplogix improves security by extending role-based systems management policies to network devices. By applying rules-based policies, Uplogix ensures sessions are properly closed, eliminating the likelihood of inappropriate access. For audit and compliance reporting, Uplogix logs all user interactions and device responses.

If/when the network is down, Uplogix maintains administrative security policies and audit. This eliminates the need for unaudited access to managed devices using "break glass" passwords with sweeping privileges.

Read more about what Uplogix does for security.

Is Local Management valuable when you have redundant systems?

When adding redundant hardware, be ready for twice the cost of maintenance.

When talking with someone for the first time about Local Management, sometimes they jump to a quick objection that goes something like this:
"I don't need out-of-band access for my network infrastructure. I have a redundant architecture." 
Sometimes people go on to detail how robust their redundancies are by offering up the speeds and feeds of the backup hardware and outside network connections. Does this sound like you? If so, you really need to read on.

All of this is great -- uptime is very important in many businesses and that number is increasing daily as connections both within the LAN and the WAN are the difference between making money and sitting idle -- or worse, losing sales.

Many companies spend significant dollars ensuring they are backed-up for any scenario, and the "when the network is red" value scenarios for Uplogix can sound redundant to the redundancies. However, playing the redundancy card is a sign that a contact might be a great candidate for Local Management. It tells us 1) they have high expectations for network uptime, and 2) they have a more complicated network, with more gear and likely multiple means of connectivity into their site.

Both of these factors benefit greatly from the "when the network is green" functionality of Local Management. These are the day-to-day features that reduce support costs by simplifying tasks that centralized management tools aren't able or trusted to do. These daily tasks account for a large portion of the time it takes to run a network (even more when you are adding redundancy to the picture).

For example:

Configuration Management
  • Reliable automated device upgrades & changes: Gain efficiency, reduce errors
  • Local TFTP storage of OS and configuration files
  • Detailed local configuration change logging & differencing

Security & Compliance
  • Comprehensive activity logging
  • Role-based administrative access
  • TACACS/RADIUS integration

Performance & Availability
  • Intensive off-network monitoring of performance & availability
  • More detailed monitoring than SNMP, increasing visibility
  • Point-to-point user experience testing
  • Integrated with centralized systems management consoles
So next time you are judging the strength of your network, keep in mind both the pros (better uptime) and the cons (higher costs), and give Local Management a look. It can help with both.

Monday, January 30, 2012

Uplogix completes FIPS 140-2 certification process

The code was validated, the hardware inspected, and the paperwork completed months ago. Now Uplogix has the final approval for the FIPS 140-2 Certification. No longer are the Uplogix 430 and 3200 Local Managers "In Process" with NIST (the National Institute of Standards and Technology) for accreditation of cryptographic modules for secure communication on government computing platforms. They are fully compliant.

Want to know more about the differences between a standard Uplogix Local Manager and the FIPS-compliant versions? Read this blog entry: The Uplogix Platform & FIPS 140-2 Compliance.

Here are the details from the certificate of compliance:

The National Institute of Standards and Technology, as the United States FIPS 140-2 Cryptographic Module Validation Authority; and the Communications Security Establishment, as the Canadian FIPS 140-2 Cryptographic Module Validation Authority; hereby validate the FIPS 140-2 testing results of the Cryptographic Module identified as:

Uplogix 430 and 3200 by Uplogix, Inc. 

(When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy)

in accordance with the Derived Test Requirements for FIPS 140-2, Security Requirements for Cryptographic Modules. FIPS 140-2 specifies the security requirements that are to be satisfied by a cryptographic module utilized within a security system protecting Sensitive Information (United States) or Protected Information (Canada) within computer and telecommunications systems (including voice systems).

Products which use the above identified cryptographic module may be labeled as complying with the requirements of FIPS 140-2 so long as the product, throughout its life cycle, continues to use the validated version of the cryptographic module as specified in this certificate. The validation report contains additional details concerning test results. No reliability test has been performed and no warranty of the products by both agencies is either expressed or implied.

FIPS 140-2 provides four increasing, qualitative levels of security: Level 1, Level 2, Level 3, and Level 4. These levels are intended to cover the wide range and potential applications and environments in which cryptographic modules may be employed. The security requirements cover eleven areas related to the secure design and implementation of a cryptographic module. The scope of conformance achieved by the cryptographic modules as tested in the product identified as:

Uplogix 430 and 3200 by Uplogix, Inc.
(Hardware Version: 43-1002-50, 43-1102-50, 37-0326-03, 37-0326-04; Firmware Version:; Hardware)

and tested by the Cryptographic Module Testing accredited laboratory: SAIC CSTL, NVLAP Lab Code 200492-0 CRYPTIK Version 8.6c is as follows:
  • Cryptographic Module Specification: Level 2
  • Cryptographic Module Ports and Interfaces: Level 2
  • Roles, Services, and Authentication: Level 3
  • Finite State Model: Level 2
  • Physical Security (Multi-Chip Standalone): Level 2
  • Cryptographic Key Management: Level 2
  • Level 2
  • Level 2
  • Design Assurance: Level 2

What are your top tech priorities for 2012?

Gartner's Global CIO Business and Tech Priorities for 2012
Gartner recently asked over 2,300 CIOs around the world to name their top business and technology priorities for 2012. The survey showed that overall budgets will remain essentially flat in North America and Europe, although Latin America expects an increase of almost 13%.

The top ten tech priorities list has changed somewhat since last year with a major move by Virtualization and some shake-ups in Analytics & Business Intelligence and Collaboration/Workflow. Here is the full list:
  1. Analytics and business intelligence (Last year's rank: 5)
  2. Mobile technologies (Last year: 3)
  3. Cloud computing, including SaaS (Last year: 1)
  4. Collaboration/workflow technologies (Last year: 8)
  5. Legacy modernization
  6. IT management (Last year: 4)
  7. CRM
  8. ERP applications
  9. Security
  10. Virtualization (Last year: 2)
The business priorities did not change in the top three spots:
  1. Increasing enterprise growth
  2. Attracting and retaining new customers
  3. Reducing costs
How does this list compare with your priorities? At Uplogix, our connection to network infrastructure (both literally and figuratively!) puts us on the list for projects with a variety of goals. Across each of the CIO priorities above, the common connection is a network that is functioning as well as, if not better than, it did in 2011.