Many IT services are now moving to the cloud and firewall protection is no exception. Traditionally, a hardware appliance provides firewall security, but now schools like High Point Regional High School are turning to an alternative solution. The New Jersey-based school uses an in-the-cloud Security-as-a-Service, something that surprised new technology coordinator Thane Young.

In this article, Bat Blue Networks' CEO and President, Babak Pasdar, provides his opinion on current U.S. cybersecurity legislation. Pasdar states, "The main concern and challenge with the S.2105 Cybersecurity Bill of 2012 are with Sections 703 and 704. Though I like the idea of CyberSecurity Exchanges as defined in section 703 and 704, these cybersecurity exchanges would be government-run entities and that is sure to draw the likes of the FBI and NSA into the exchanges’ day-to-day operations with or without their knowledge. The language is vague enough to set the foundation for government engagement with major backbone providers."

Many IT executives today know of the term “Tango Down.” The term was originally used by military special forces teams who made the reference when a terrorist was “eliminated” during a firefight. Today it has been adopted by Hacktivists to describe websites and networks that they have taken down.

Search Engines in general and Google in particular know a lot about everyone. Moreover, Google can learn about you without you ever having used their services. They know what they know because people choose to trust them. But in fact, Google is quite draconian in their policies and approaches to identification, profiling and tracking of individuals and organization along with associated interests, behaviors, and relationships.

Through its many services, Google can track your browsing, scan your emails, read your documents, listen to voicemails, analyze your calendar, and more – all in the name of better connecting sellers to its users. This feeding of the Google Monster must be monitored and controlled.

Today is World IPv6 Launch, an event organized by the Internet Society and built on the successful one day World IPv6 Day from last year. This represents a major milestone in the global deployment of IPv6. World IPv6 Launch is dedicated to permanently switching over these same companies to the new Internet Protocol.

Every day the average user, with no special computer skills, bypasses your perimeter security system. The same holds true for applications and a large number of web sites. These users, applications, and sites all bypass your perimeter security with the greatest of ease and at will. The culprit is an “s”.

To date, organizations with distributed sites across a region, continent or the globe had two options for WAN connectivity: a dedicated WAN infrastructure such as MPLS or Internet based VPN. Both of these approaches have their benefits but also many drawbacks. Virtual WAN offers the best of each world, delivering significant cost savings, consistent performance, greater reliability, broader diversity and reduction of organizational attack surface.

Network data flow and data metrics for organizations are evolving with increased use of cloud services and BYO devices. This document highlights use cases and offers formulations of utilization dynamics for next generation networks.

Kaspersky Labs yesterday called VMWare's code leak “the IT equivalent of the Deepwater Horizon oil spill disaster”. At face value this seems like an overly dramatic statement until you dig into both the circumstances and the mechanism of the attack.

A great deal has been made lately about Botnetz and Command & Control (C&C) Architecture and for good reason. They are wily and today pose the greatest challenge to organizational security. Botnetz and C&C tend to be hard to detect via signature approaches due to a number of factors.

Bat Blue Networks is announcing their refusal to respond to the Iranian Request for Information (RFI) for Internet content filtering and equipment to build an internal isolated Internet. According to the RFI, Iran is requesting proper conditions to build a “healthy” Internet and address the current “filtering situation”.

I was working with a client at a mid-size carrier on their security operations process. On several occasions we identified threats on their threat management platform, however when we went to cross correlate this on their log server we could not find the event logs. This made me suspicious of their logging infrastructure.

There was outrage in the Internet community in response to the proposed SOPA and PIPA Bills that allow organizations with copyrighted content to have a website taken down by virtue of claiming copyright infringement.

There are many companies in the marketplace offering a cloud security service, promising to provide the most complete and comprehensive cloud security offering available. When these cloud security offerings are analyzed, you will discover that the only true, complete cloud security perimeter is Cloud/Sec.

Building a cloud-enabled solution goes well beyond utilizing hardware at a co-location facility. Cloud solutions demand the right balance of accessibility, security, resiliency and management. Keep in mind that all cloud computing providers are exposed to the same risks (partial or complete outages, latency, etc.). You must be sure to find a solution that satisfies the integrity and availability of your required cloud infrastructure and that there is sufficient resiliency in your connectivity to the cloud computing platform.

What if you possessed a high-performance firewall so accurate that you felt confident having it block threats automatically, significantly reducing the need for forensics? This tool can provide real-time visibility into all of your applications regardless of port or protocol, is transparent to implement and requires no network redesign.

By storing data locally on hard drives, you possess total control of the data, can store copious amounts of information and can control who can access this information. Hard drives have become very affordable recently, but external hard drives can fail just as easily as your primary hard drive and you must always worry about potential theft. You would not be able to access your data when you're AFK unless you transport your clunky external hard drive with you to your destination which makes sharing data difficult.

Even though the transition started roughly ten years ago, there is still much confusion as to the intricacies of the migration from IPv4 to IPv6. IPv4 is version 4 of the Internet Protocol that we have been using since the early 80's, using a 32-bit address such as 168.212.226.204. Currently, there are less than 10% of these IP addresses left in the global pool of unallocated IPv4 addresses. IPv6 is version 6 of the Internet Protocol, using a 128-bit address such as 3412:2003:3545:30de:680a:9876:32cd:302d. IPv6 addresses are normally written with hexadecimal digits and colon separators. The IPv6 address database possesses the capability of hosting 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. To put this into perspective, there are as many IPv6 addresses as there are grains of sand on the earth!

Regardless of what protection is implemented to secure your personal network, no security feature can prevent you from uploading personal data about yourself and your family. We live in a world where uploading personal data and media is encouraged because it provides digital expression of our social lives, but we need to be careful and aware of the risks involved when entering this collaborative environment because what we upload to the Internet can come back to hurt us and others close to us.

Bat Blue Network's team of technologists learned valuable cloud lessons back in 2002 when the IT industry wasn't donning it “the cloud”. Bat Blue's early customers of our “Security Anywhere” offering weren't sure if what they had bought was a traditional managed service (it felt like it, as it was backed by a 24/7/365 NOC team) or a service that was more of an extension of their IT team. It didn't matter much that the industry and our customers didn't yet know “the cloud.” All that mattered was that our customers loved the service for all of the reasons that cloud strategies are being quickly adopted today: on-demand scaleability, wide application of a single technology, customer control & visibility, cost containment and measurable savings.

Many have no doubt seen by now HP's recent announcement that it will acquire Security Information and Event Management (SIEM) vendor ArcSight for roughly $1.6bn, a premium of 54% from when the Wall Street Journal first reported Arcsight was on the block in late August. Many of the financial analysts on Wall Street have applauded the deal, citing further evidence of the strategic importance of security (no doubt), as well as further confirmation that customers want to put all their eggs in one basket and purchase from a single vendor (not so much).

Let me first tell you what we already know! Triple digit drops in the market are becoming common place. Consumer confidence is at an all-time low and organizations are slowly but surely executing promised layoffs. How does this translate for the IT organization?