Forefront Team Blog

News, updates and insights about enterprise identity and security solutions.
December, 2007

Posts
  • Forefront Team Blog

    Microsoft placed in Visionaries Quadrant of Gartner’s Magic Quadrant for SSL VPN, North America, 3Q07

    Microsoft has placed in the Visionaries Quadrant of Gartner’s Magic Quadrant for SSL VPN, North America, 3Q07 Report (SSL VPN stands for secure socket layer virtual private network). Gartner finds that “The consolidation of vendors and competition in endpoint security and usability continue to improve the appeal of SSL VPNs.”

    Launched in February 2007, Microsoft’s Intelligent Application Gateway 2007 (IAG) allows administrators to manage IPSec and SSL VPN connections through a single appliance from a shared Microsoft Active Directory repository.

    To learn about how IAG is mentioned in this Magic Quadrant and read the full Gartner report visit: http://www.microsoft.com/presspass/itanalyst/default.mspx


    For more information on IAG 2007, visit www.microsoft.com/forefront/edgesecurity

    The Magic Quadrant is copyrighted December 2007 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

  • Forefront Team Blog

    Response to Trust-based messages

    In my other post, I excerpted a Q&A with Dave Crocker by Investor's Business Daily. I'd now like to respond to some of the quotes I selected.


    Crocker: You have to create what I call a trust overlay to the existing e-mail system. Existing senders and receivers can continue to use e-mail as before... All we're doing is adding a mechanism that lets them trust who mail is from and (determine) whether that sender is trustworthy.

    I agree with this.  The email filtering industry is starting to converge on reputation as a mechanism of determining delivery eligibility.  By examining what the sender has done historically, we can get a pretty good idea for what the current content of the message is likely to be.


    Crocker: Existing "reputation" based e-mail screening systems are based on very low-level addressing numbers that say where a server is attached to the Internet, rather than what organization is sending the message. DKIM will identify the sender.

    It is true that these reputation-based systems are tied to IP addresses.  In fact, some reputation systems use only an IP's historical sending record as a mechanism of determining legitimacy - that's essentially what blacklists are.

    However, DKIM is not alone in identification of the sender.  SPF and SenderID both tie the sending IP address to the sending domain or organization.  Where DKIM differs is that it ties the sending organization to the content of the message, irrespective of the message's origin.  This makes it more flexible than SenderID and SPF because message forwarding can break both of those two authentication schemes.


    IBD: Can you give an example of how DKIM prevents the delivery of unwanted spam?

    Crocker: A classic example of spam abuse involves eBay's online payment system PayPal. Pay-Pal e-mail is often forged by hackers or other bad actors. They might send it as "paypa1.com," a so-called "cousin" domain that looks like the real one but is intended to confuse.

    IBD: How does DKIM help?

    Crocker: If I have a DKIM signature that's signed (with the string for) PayPal.com then it was really signed by PayPal.com and should be received.


    This is where I part ways with Crocker.  IBD asked how DKIM prevented delivery of unwanted spam, and the response was how PayPal could use DKIM to get their mail delivered to the end user.  The question wasn't about how DKIM helps get good mail delivered, it was about how it could stop spam.



    Crocker: First-time senders wouldn't have their messages erroneously blocked. E-mail would also be marked as "definitely good" rather than "possible spam."

    This is actually a good idea but there are some problems because this isn't defined as clearly as I would like.

    1. The sender is a first-time sender relative to whom? 

      Let's say you and I have never spoken before, and I send you a message.  I haven't sent you a message before but I have sent your friends and my friends plenty of messages.   I have a good reputation with them.  My reputation should carry over to you (friends-of-friends) but then you have to check my reputation that someone else is managing.  This means you have to use someone else's reputation management infrastructure.

      An example of this comes from our Frontbridge days, when we used Senderbase's IP reputation portal.  It was good at the time, but then we built our own internal one.  We've pretty much abandoned Senderbase now because we trust our own reputation database rather than someone else's.

    2. What if the sender is a real first-time sender?

      If I have never spoken to anyone before, ever, then I wouldn't have a reputation.  I may sign my messages with DKIM, but without a reputation built up there is no guarantee that my messages would be marked "definitely good" rather than "possible spam."

      At least, in my opinion, they shouldn't be marked definitely good without an existing reputation simply because they are authenticated with DKIM...
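
The distinction argued in this post, between authenticating a sender and trusting one, can be shown as a receiver-side policy sketch. This is an added example, not code from the blog or from any Forefront product; the reputation table, thresholds, header values and function names are all constructed, and the DKIM and SPF results are taken as inputs rather than verified here.

```python
import re

# Constructed data: domain reputations a receiver built from its own mail history.
DOMAIN_REPUTATION = {"paypal.com": 0.98, "bulk-offers.example": 0.05}
GOOD, BAD = 0.90, 0.20  # assumed thresholds, not from the post

# Constructed DKIM-Signature header values; bh=/b= are placeholders, not real signatures.
SIG_PAYPAL = "v=1; a=rsa-sha256; d=paypal.com; s=sel1; h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER"
SIG_COUSIN = SIG_PAYPAL.replace("d=paypal.com", "d=paypa1.com")
SIG_BULK = SIG_PAYPAL.replace("d=paypal.com", "d=bulk-offers.example")

def parse_dkim_tags(value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags

def authenticated_domain(dkim_header, dkim_verified, spf_pass, mail_from_domain):
    """Pick the identity to score. dkim_verified and spf_pass are the results of
    checks done elsewhere; no cryptographic verification happens here."""
    if dkim_header and dkim_verified:
        domain = parse_dkim_tags(dkim_header).get("d", "").lower()
        if domain:
            return domain  # tied to the content, so it survives forwarding
    if spf_pass and mail_from_domain:
        return mail_from_domain.lower()  # tied to the connecting IP
    return None

def classify(dkim_header, dkim_verified, spf_pass, mail_from_domain,
             reputation=DOMAIN_REPUTATION):
    """Return (identity, verdict). Authentication only names the sender;
    the verdict comes from that sender's history."""
    domain = authenticated_domain(dkim_header, dkim_verified, spf_pass, mail_from_domain)
    if domain is None:
        return (None, "unauthenticated")
    score = reputation.get(domain)
    if score is None:
        return (domain, "no reputation")  # signed, but a first-time sender
    if score >= GOOD:
        return (domain, "definitely good")
    if score <= BAD:
        return (domain, "known bad")
    return (domain, "mixed reputation")
```

A validly signed message from the cousin domain authenticates as paypa1.com and lands in "no reputation", while a forwarded PayPal message that fails SPF still resolves to paypal.com through its signature.
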
  • Forefront Team Blog

    2008 Security Industry Predictions from the Forefront Team

    It’s almost 2008, so it’s the time of year when people make predictions for the coming year.  The security industry is rapidly evolving, so look for more changes in 2008.  Here is our list of predictions.

    --  The Forefront Team

    Top Security Industry Trends for 2008

    1. As data loss continues to be a concern, the security industry will respond
    In 2007 a large retailer settled a massive data breach for $40 million.  Security companies are responding with solutions to help secure data, and security and privacy will become more interconnected.

    2. More comprehensive protections offered from security vendors
    IT departments consistently ask for security solutions that administer and report on more security functions.  They will get it from security vendors.

    3. Virtualization security will become more important
    As the use of virtualization grows in the enterprise, malcode writers will look for ways to hijack unpatched or poorly designed virtualization deployments, and security vendors will respond.

    4. As more companies deploy software as a service, security as a service will get more important
    More and more companies are putting their applications and data “in the cloud,” so security companies will continue the tricky task of protecting it.

    5. Tighter integration of security with management functions
    As organizations look to enhance security by gaining better control over their corporate infrastructure, organizations will want better integration of monitoring, configuration, deployment and backup functions.

  • Forefront Team Blog

    Spam's new nemesis: Trust-based messages

    The other day I was reading Investor's Business Daily and came across an article whose title you see in the subject line of this blog post.  The article is a Q&A with Dave Crocker of Brandenburg InternetWorking.

    If you're like me and too lazy to click the link and read the article, allow me to post a couple of important excerpts.


    IBD: What's your solution [to the spam problem]?

    Crocker: You have to create what I call a trust overlay to the existing e-mail system. Existing senders and receivers can continue to use e-mail as before. All we're doing is adding a mechanism that lets them trust who mail is from and (determine) whether that sender is trustworthy.

    ...

    IBD: Why is adding a special domain name important in identifying whether an e-mail message is wanted or not?

    Crocker: Existing "reputation" based e-mail screening systems are based on very low-level addressing numbers that say where a server is attached to the Internet, rather than what organization is sending the message. DKIM will identify the sender.

    IBD: Can you give an example of how DKIM prevents the delivery of unwanted spam?

    Crocker: A classic example of spam abuse involves eBay's online payment system PayPal. Pay-Pal e-mail is often forged by hackers or other bad actors. They might send it as "paypa1.com," a so-called "cousin" domain that looks like the real one but is intended to confuse.

    IBD: How does DKIM help?

    Crocker: If I have a DKIM signature that's signed (with the string for) PayPal.com then it was really signed by PayPal.com and should be received.

    ...

    IBD: In practice, what difference would using a trust-based e-mail service make to a typical office e-mail system?

    Crocker: First-time senders wouldn't have their messages erroneously blocked. E-mail would also be marked as "definitely good" rather than "possible spam."

    IBD: Are there any other advantages?

    Crocker: Graphics in incoming e-mail won't be turned off. As a matter of safety, it's usually important to have e-mail graphics turned off because they could be the basis for possible hacker attacks. But if messages are marked as safe, the graphics are of no concern and can be shown.

    In my next post, I will respond to some of these comments.

  • Forefront Team Blog

    Study: IT Pros More Concerned about Data Loss than Spam, Malware

    Microsoft’s Forefront team has posted a new study conducted for Microsoft by CMG Market Research measuring the perceptions of 1,274 information technology (IT) managers in the U.S. toward 12 security concerns, such as malware, temporary workers, hackers, phishing, and more. The survey found that spyware is still the #1 security concern (24%) that survey participants didn’t feel was being adequately addressed.

    The study measured levels of concern between 2006 and 2007, and found some interesting results:

    • Data loss was the only concern that rose significantly, up 11 percent from 2006.
    • Malware (viruses, Trojans, and worms) decreased the most, down 31 percent.
    • While spyware was still the number one concern cited at 24 percent, it was down significantly from last year’s level of 31 percent.
    • Spam, government compliance, phishing, and remote access were also down more than 10 percent.

    A summary of the report is attached to this post.