Twitter Weekly Updates for 2009-06-07

  • Just spent 2 very long days setting up an incident response demo using @arcsight ESM and @encase AIRS. Still not working properly :(
  • I have finally done it: @arcsight SIEM + @encase Information Assurance = One hell of an Incident Response Center

Powered by Twitter Tools.

Twitter Weekly Updates for 2009-05-31

  • Looking forward to: “GFI LANguard 9 Review – It’s about people, technology and processes -” ( http://tinyurl.com/ozapqt )
  • RT @gfisoftware is giving away ten $20 amazon.com vouchers if you RT and follow. Competition closes in 7 HRS
  • Just posted: “ISACA e-Symposium – Web Application Security” (http://twitthis.com/6lyqy5)
  • @GFISoftware Thank you! I hope your campaign was a success.
  • Reading: “U.S. Federal IT Spending Forecast 2010 – 2015 – $500 Billion” ( http://tinyurl.com/m24yda )


McAfee Web Protection Service Review

I've got a special interest in client-side web content filtering and so far I have presented 2 solutions which were released in the form of SaaS: ScanSafe Anywhere+ and McAfee Web Protection Service. Too bad I didn't get to test Anywhere+, but I just finished a test with McAfee WPS and I want to share my opinions.

I will try to remain as objective as possible and I will present my test results in a "Pros and Cons" list. Also, I want to mention that this post is not sponsored by McAfee.

How does it work
The product philosophy is very simple and it is based on the classic method of transparent redirection of traffic to a fully manageable proxy. Using a web portal, the customer has full control over the users, groups and policies applied to each group.

Redirection is enforced either by installing a web filtering agent on each monitored node or by deploying a custom .PAC file. (PAC is a proxy mode in which the proxy configuration is described in a JavaScript file, called a PAC file, with the .pac file extension.)
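A PAC file of the kind described above, with a fail-open return value beside its fail-closed form and a small audit of what each URL would get. This is an added example, not McAfee's PAC file or code from the original post; the port 8080, the `.corp.example` suffix and the sample URLs are constructed, and the two helper functions stand in for the ones browsers provide to PAC scripts.

```javascript
// Stand-ins for two helpers that browsers supply to PAC scripts.
function isPlainHostName(host) { return !host.includes("."); }
function dnsDomainIs(host, domain) {
  return host.toLowerCase().endsWith(domain.toLowerCase());
}

// Proxy host is the one named in the review; the port is an assumption.
const FILTER = "PROXY proxy.securewebbrowsing.com:8080";

// Weak setting: if the proxy cannot be reached, the browser goes direct.
function pacFailOpen(url, host) {
  if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example")) return "DIRECT";
  return FILTER + "; DIRECT";
}

// Corrected setting: external traffic has no alternative to the filter.
function pacFailClosed(url, host) {
  if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example")) return "DIRECT";
  return FILTER;
}

// Split a PAC answer such as "PROXY a:1; DIRECT" into ordered options.
function parsePacResult(result) {
  return result.split(";").map(s => s.trim()).filter(Boolean).map(s => {
    const [type, target] = s.split(/\s+/);
    return { type: type.toUpperCase(), target: target || null };
  });
}

// Classify each URL: "filtered", "direct" (intended bypass) or "fail-open".
function auditPac(pac, urls) {
  const report = {};
  for (const u of urls) {
    const opts = parsePacResult(pac(u, new URL(u).hostname));
    if (opts[0].type === "DIRECT") report[u] = "direct";
    else if (opts.some(o => o.type === "DIRECT")) report[u] = "fail-open";
    else report[u] = "filtered";
  }
  return report;
}

// Constructed sample URLs: one plain hostname, one internal, one external.
const SAMPLE_URLS = ["http://intranet/wiki", "https://hr.corp.example/", "https://mail.example.org/"];
console.log(auditPac(pacFailOpen, SAMPLE_URLS));
console.log(auditPac(pacFailClosed, SAMPLE_URLS));
```

A PAC file only steers clients that honour it, so even the fail-closed form is a configuration hint rather than an enforcement point; that is the gap the agent-based install covers.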

Having said this, this is my list of pros and cons.

Pros

Extremely easy install (I used the supplied client application). It installed silently in the background, making it suitable for automatic deployment using GPOs.

Robust installation: I tried all the common tricks to evade the proxy but I couldn't bypass it. I made a 127.0.0.1 entry in the hosts file for the PAC-supplied proxy, proxy.securewebbrowsing.com, and I installed Burp Proxy locally, but to no avail. My guess is that it implements some sort of Windows driver monitoring all TCP communication and hooking on the HTTP / HTTPS sessions so that it goes deeper than the application layer.

Password-protected uninstall. I was this close to getting stuck with the agent because I didn't pay much attention when setting the uninstall password in the portal.

Enterprise ready. One can easily import AD users via a supplied VBS script and from then on model the necessary groups and policies for each group. One user can be a member of only one group though.

Cons

Rigid deployment procedure.
You need to create the users and groups BEFORE installing the agent on the users' computers because adding a new user involves sending out an email for password reset. I'm using Gmail and I was unable to reach my mailbox to set a password because the agent blocked any outbound connection, asking for a password. A classic Catch-22.

Lack of details on some blocked sites.
On some sites, all I got was an information screen which didn't help me understand why the site was blocked. See below:

Simplistic / empty dashboard
The main dashboard presents a series of graphs which were not filled with data, although I provided all sorts of traffic. This being the only backend administration interface, I was expecting to "get the picture" from one screen. See below how the dashboard looked when showing data that I know was recorded.

Poor reporting
I ran a few reports and the data was presented in a tabular form. I was expecting some graphical reports in the classic form of pies and bars. Here is one report (look at the bottom of the screen. Yes, that one-row table is the report)


This concludes my review of McAfee Web Protection Service. I think it has more power under the bonnet than it shows. The URL reputation is a very powerful feature offered by McAfee TrustedSource:

McAfee® TrustedSource™ is a global threat correlation engine and intelligence base of global messaging and communication behavior, including reputation, volume, and trends, including email, web traffic and malware.

I recommend it for its solid features, but McAfee should also improve the GUI and the quality of reporting because we all know that management likes nice-looking graphs :)

IT Hardware Budgeting in Times of Recession

There are +2M results for googling "startup in recession" and many of the result pages actually encourage entrepreneurs to start up their own business despite the harsh economic climate.

Regardless of whether you already have a working business or you are just starting up, keeping costs minimal is a smart decision in times of recession. The IT infrastructure represents the backbone of modern businesses and it’s hard to think of cutting costs in this area. Luckily, there are alternatives which provide the same performance on a tight budget.

Hardware and equipment lease can help reduce costs, lower financial risk and free up capital for more pressing investment needs without compromising the performance. If you need hard-to-find Cisco equipment or you just want to save at least 50% on Cisco switches for instance, MULTI-LINK is ready to deliver your order within days with standard 1 year warranty!

As one of the largest US providers of refurbished networking hardware, Multi-Link’s vendor portfolio includes the biggest names in the industry: Cisco, Foundry, Juniper, Extreme Networks.

In order to support its customers in times of crisis (and I’m not talking about financial crisis) MULTI-LINK provides a quick contact form, Find an Item Request, where you just need to describe the problem at hand and they’ll do the search for you.

Extended warranty, cheap prices and fast delivery and service make Multi-Link a wise choice for all companies who either want to extend or upgrade their networks, especially during the current economic downturn.

Visit www.mlcp.com for more details
