Digital tools to empower civil society
Size: px
Start display at page:

Download "Digital tools to empower civil society"

Transcription

1 Digital tools to empower civil society Tools to secure what you have and circumvent what they have. Grundtvig partnership meeting Linz 2013 Jonatan Walck OpenPGP: CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA :00 UTC+1

2 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

3 DPI A group of technologies (general trend) New usages, enabler of what to come

4 DPI: Briefly Name derived from OSI model Content -aware networking equipment Filtering based on Usage patterns Behavours... Targeted, not only blanket blocks/monitors

5 DPI: Example Alice (HTTP) Alice (HTTP) Network hardware (L 1-3) Mallory (HTTP) Bob (HTTP) Bob (HTTP)

6 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

7 Blocking: Definition Blocking, bandwidth limiting, hindering Including DNS-blocking

8 Blocking: Examples Iran: During 2009 elections Syria: Targeted slowdowns Turkey: Youtube, protests? Sweden+Denmark: Child abuse images Most of Europe: Copyright

9 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

10 Monitoring: Definition Passively reading what passes on the wire without any interaction. non-dpi: Who s talking to who? DPI: Who s saying what to who, in what context?

11 Monitoring: Examples Lawful interception (wiretapping) Syria (DPI) Sweden (FRA, military radio surveillance)

12 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

13 Circumvention: Tools Darknets (TOR, I2P, Freenet...) Web proxies Tunnels

14 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

15 Encryption: Letting math fight for you HTTP HTTPS TLS (and SSL)

16 Encryption: Tools to make life simple HTTPS Everywhere Browser extension from EFF ( Certificate patrol Browser extension (for advanced users) OTR (Off The Record) Extension to chat protocols (Jabber/XMPP, gtalk, skype, msn, icq, aim...)

17 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

18 Encryption: Use it anyway, but make it less needed Regulation of dual-use technologies Export restrictions Track those that track.. yet there s always the risk of a man in the middle.

19 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

20 Tools: CMS security Know your tools characteristics (Wordpress, PHP, CGI) Know your host Convenience vs. security

21 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

22 Tools: European Union EU-wiki ( Parltrack ( Oeil ( AT4AM (

23 Discussion Threats? (Blocking/monitoring/interventions) Solutions? (Circumvention) Helping hands? (Tools) / x460D7FA7, CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA7

Similar documents

Stopping secure Web traffic from bypassing your content filter. BLACK BOX

Stopping secure Web traffic from bypassing your content filter. BLACK BOX Stopping secure Web traffic from bypassing your content filter. BLACK BOX 724-746-5500 blackbox.com Table of Contents Introduction... 3 Implications... 4 Approaches... 4 SSL CGI Proxy... 5 SSL Full Proxy...

More information

Internet Privacy Options

Internet Privacy Options 2 Privacy Internet Privacy Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 19 June 2014 Common/Reports/internet-privacy-options.tex, r892 1 Privacy Acronyms

More information

Otas%serumquis%es%explibu%sanimet%et%aut%omnisse Otas%serumquis%es%explibu%sanimet%et%aut%omnisse%nimpore%rendae% nonecerum% NUCLEUS BVBA MATTIAS GENIAR SENIOR SYSTEM ENGINEER dolorem.% MATTIAS@NUCLEUS.BE

More information

Proxy Blocking: Preventing Tunnels Around Your Web Filter. Information Paper August 2009

Proxy Blocking: Preventing Tunnels Around Your Web Filter. Information Paper August 2009 Proxy Blocking: Preventing Tunnels Around Your Web Filter Information Paper August 2009 Table of Contents Introduction... 3 What Are Proxies?... 3 Web Proxies... 3 CGI Proxies... 4 The Lightspeed Proxy

More information

How to Prevent Secure Web Traffic (HTTPS) from Crippling Your Content Filter. A Cymphonix White Paper

How to Prevent Secure Web Traffic (HTTPS) from Crippling Your Content Filter. A Cymphonix White Paper How to Prevent Secure Web Traffic (HTTPS) from Crippling Your Content Filter A Cymphonix White Paper How to Prevent Secure Web Traffic (HTTPS) from Crippling Your Content Filter Introduction Internet connectivity

More information

Early Recognition of Encrypted Applications

Early Recognition of Encrypted Applications Early Recognition of Encrypted Applications Laurent Bernaille with Renata Teixeira Laboratoire LIP6 CNRS Université Pierre et Marie Curie Paris 6 Can we find the application inside an SSL connection? Network

More information

Concepts in Crypto. Parker Higgins parker@eff.org @xor. Micah Lee micah@eff.org @micahflee PGP: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709

Concepts in Crypto. Parker Higgins parker@eff.org @xor. Micah Lee micah@eff.org @micahflee PGP: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Concepts in Crypto Parker Higgins parker@eff.org @xor PGP: 4FF3 AA1B D29E 1638 32DE C765 9433 5F88 9A36 7709 Micah Lee micah@eff.org @micahflee PGP: 5C17 6163 61BD 9F92 422A C08B B4D2 5A1E 9999 9697 Who

More information

Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway

Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Websense Support Webinar January 2010 web security data security email security

More information

11 THINGS YOUR FIREWALL SHOULD DO. a publication of 2012 INVENIO IT A SMALL BUSINESS WHITEPAPER

11 THINGS YOUR FIREWALL SHOULD DO. a publication of 2012 INVENIO IT A SMALL BUSINESS WHITEPAPER 11 THINGS YOUR FIREWALL SHOULD DO a publication of 2012 INVENIO IT A SMALL BUSINESS WHITEPAPER 2 THE GUIDE OF BY DALE SHULMISTRA Dale Shulmistra is a Technology Strategist at Invenio IT, responsible for

More information

How To Control Your Network With A Firewall On A Network With An Internet Security Policy On A Pc Or Ipad (For A Web Browser)

How To Control Your Network With A Firewall On A Network With An Internet Security Policy On A Pc Or Ipad (For A Web Browser) 1110 Cool Things Your Firewall Should Do Extend beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application

More information

Filter Avoidance and Anonymous Proxy Guard

Filter Avoidance and Anonymous Proxy Guard March 21, 2011 Author: Audience: SWAT Team Evaluator Product: Cymphonix Network Composer EX Series, XLi OS version 9 Filter Avoidance and Anonymous Proxy Guard Filter Avoidance The award winning XLi technology

More information

Intrusion Detection, Packet Sniffing

Intrusion Detection, Packet Sniffing Intrusion Detection, Packet Sniffing By : Eng. Ayman Amaireh Supervisor :Dr.: Lo'ai Tawalbeh New York Institute of Technology (NYIT)- Jordan s s campus-2006 12/2/2006 eng Ayman 1 What is a "packet sniffer"?

More information

(SHREL) Open Source Multi-Hop Networks (SHREL) Tor

(SHREL) Open Source Multi-Hop Networks (SHREL) Tor TOP SECRETHSPREL TO USAyVEY (C//REL) Types of TAT Advanced Open Source Multi-Hop (SHREL) Open Source Multi-Hop Networks (SHREL) Tor (SHREL) Very widely used worldwide (SHREL) Open Source (S/REL) Active

More information

Proxies. Chapter 4. Network & Security Gildas Avoine

Proxies. Chapter 4. Network & Security Gildas Avoine Proxies Chapter 4 Network & Security Gildas Avoine SUMMARY OF CHAPTER 4 Generalities Forward Proxies Reverse Proxies Open Proxies Conclusion GENERALITIES Generalities Forward Proxies Reverse Proxies Open

More information

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index Table of Contents Chapter 1: Installing Endpoint Application Control System Requirements... 1-2 Installation Flow... 1-2 Required Components... 1-3 Welcome... 1-4 License Agreement... 1-5 Proxy Server...

More information

Flow Analysis Versus Packet Analysis. What Should You Choose?

Flow Analysis Versus Packet Analysis. What Should You Choose? Flow Analysis Versus Packet Analysis. What Should You Choose? www.netfort.com Flow analysis can help to determine traffic statistics overall, but it falls short when you need to analyse a specific conversation

More information

Global Internet Phenomena Spotlight: Encrypted Internet Traffic

Global Internet Phenomena Spotlight: Encrypted Internet Traffic Global Internet Phenomena Spotlight: Encrypted Internet Traffic Introduction There is a growing trend on the Internet, with more and more applications beginning to encrypt their traffic in order to protect

More information

Project X Mass interception of encrypted connections

Project X Mass interception of encrypted connections Project X Mass interception of encrypted connections What? SSL/TLS interception TOR interception ...a thorny path Common Issues Public Key Pinning avoids rogue CA to sign certs Common Issues Google and

More information

Advantage for Windows Copyright 2012 by The Advantage Software Company, Inc. All rights reserved. Internet Performance

Advantage for Windows Copyright 2012 by The Advantage Software Company, Inc. All rights reserved. Internet Performance Advantage for Windows Copyright 2012 by The Advantage Software Company, Inc. All rights reserved Internet Performance Reasons for Internet Performance Issues: 1) Hardware Old hardware can place a bottleneck

More information

Introduction to Computer Security Benoit Donnet Academic Year 2015-2016

Introduction to Computer Security Benoit Donnet Academic Year 2015-2016 Introduction to Computer Security Benoit Donnet Academic Year 2015-2016 1 Agenda Networking Chapter 1: Firewalls Chapter 2: Proxy Chapter 3: Intrusion Detection System Chapter 4: Network Attacks Chapter

More information

EAGLE EYE Wi-Fi. 1. Introduction

EAGLE EYE Wi-Fi. 1. Introduction 1. Introduction Internet access has become very popular by the emergence of broadband services, and busy yet unregulated Internet traffic causes challenges to administration and management. When it comes

More information

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information

Format-Transforming Encryption

Format-Transforming Encryption Protocol Misidentification Made Easy with Format-Transforming Encryption Kevin Dyer, Portland State University (did most of the hard work) Scott Coull, RedJack Thomas Ristenpart, University of Wisconsin-Madison

More information

Security Technology: Firewalls and VPNs

Security Technology: Firewalls and VPNs Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up

More information

Best Practices for Controlling Skype within the Enterprise > White Paper

Best Practices for Controlling Skype within the Enterprise > White Paper > White Paper Introduction Skype is continuing to gain ground in enterprises as users deploy it on their PCs with or without management approval. As it comes to your organization, should you embrace it

More information

How To Understand And Understand The Security Of A Key Infrastructure

How To Understand And Understand The Security Of A Key Infrastructure Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

SSL/TLS: The Ugly Truth

SSL/TLS: The Ugly Truth SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography

More information

Chapter 32 Internet Security

Chapter 32 Internet Security Chapter 32 Internet Security Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 32: Outline 32.1 NETWORK-LAYER SECURITY 32.2 TRANSPORT-LAYER SECURITY 32.3

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

http://docs.trendmicro.com/en-us/enterprise/trend-micro-endpoint-applicationcontrol.aspx

http://docs.trendmicro.com/en-us/enterprise/trend-micro-endpoint-applicationcontrol.aspx Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, review the readme files, release

More information

Astaro Gateway Software Applications

Astaro Gateway Software Applications Astaro Overview Astaro Products - Astaro Security Gateway - Astaro Web Gateway - Astaro Mail Gateway - Astaro Command Center - Astaro Report Manager Astaro Gateway Software Applications - Network Security

More information

Chapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security

Chapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security Chapter 12 Network Security Security Policy Life Cycle A method for the development of a comprehensive network security policy is known as the security policy development life cycle (SPDLC). Network Security

More information

Topics in Network Security

Topics in Network Security Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure

More information

Introduction to Securing Data in Transit

Introduction to Securing Data in Transit Introduction to Securing Data in Transit Jennifer Vesperman jenn@linuxchix.org 2002 02 24 Revision History Revision 0.1 2002 02 17 Revised by: MEG Converted from text file. Modified wording. Revision 0.2

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

Security threats and network. Software firewall. Hardware firewall. Firewalls

Security threats and network. Software firewall. Hardware firewall. Firewalls Security threats and network As we have already discussed, many serious security threats come from the networks; Firewalls The firewalls implement hardware or software solutions based on the control of

More information

Fortigate Features & Demo

Fortigate Features & Demo & Demo Prepared and Presented by: Georges Nassif Technical Manager Triple C Firewall Antivirus IPS Web Filtering AntiSpam Application Control DLP Client Reputation (cont d) Traffic Shaping IPSEC VPN SSL

More information

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:

More information

Zorp and KZorp: Integrating Packet Filtering and Userspace proxying

Zorp and KZorp: Integrating Packet Filtering and Userspace proxying Zorp and KZorp: Integrating Packet Filtering and Userspace proxying Balázs Scheidler Zorp Has been established in 2000, as the first BalaBit product Code was GPLd right from the start

More information

User Guide. You will be presented with a login screen which will ask you for your username and password.

User Guide. You will be presented with a login screen which will ask you for your username and password. User Guide Overview SurfProtect is a real-time web-site filtering system designed to adapt to your particular needs. The main advantage with SurfProtect over many rivals is its unique architecture that

More information

Microsoft TMG Replacement. How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment

Microsoft TMG Replacement. How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment Microsoft TMG Replacement How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment 1. Introduction This document gives an overview of FortiGate features

More information

Still Using Proxies for URL Filtering? There s a Better Way

Still Using Proxies for URL Filtering? There s a Better Way Still Using Proxies for URL Filtering? There s a Better Way October 2013 The Arrival of Proxies Firewalls enforce network access via a positive control model, where only specific traffic defined in policies

More information

Cyclope Internet Filtering Proxy. - Installation Guide -

Cyclope Internet Filtering Proxy. - Installation Guide - Cyclope Internet Filtering Proxy - Installation Guide - 1. Overview 3 2. Installation 4 2.1 System requirements 4 2.2 Cyclope Internet Filtering Proxy Installation 4 2.3 Client Browser Configuration 6

More information

February 2014. Considerations When Choosing a Secure Web Gateway

February 2014. Considerations When Choosing a Secure Web Gateway February 2014 Considerations When Choosing a Secure Web Gateway Introduction Evaluating a Secure Web Gateway (SWG) can be a complicated process and nothing is better than testing a solution in your own

More information

Dell SonicWALL Portfolio

Dell SonicWALL Portfolio Dell SonicWALL Portfolio Jiří Svatuška Presales Consultant Transform Connect Inform Protect Dell SonicWALL network security portfolio Network security Secure mobile access Email security Policy and management

More information

Digital Security and Privacy

Digital Security and Privacy Digital Security and Privacy July 2011 Wojtek Bogusz Wojtek@FrontLineDefenders.org Get this presentation: www.frontlinedefenders.org/soc/201107cij.pdf Illustrations: Assi Kootstra www.konkret.pl 1 Needs

More information

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network 5.0 Network Architecture 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network 1 5.1The Internet Worldwide connectivity ISPs connect private and business users Private: mostly dial-up connections Business:

More information

SSL EXPLAINED SSL EXPLAINED

SSL EXPLAINED SSL EXPLAINED 1 Table of Contents Introduction... 3 What is SSL?... 4 How does SSL work?... 7 Google & SSL... 11 SSL/TLS... 13 Web Filtering SSL... 14 About Lightspeed Systems... 26 2 Introduction SSL is a challenge

More information

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us

More information

Secure Web Appliance. SSL Intercept

Secure Web Appliance. SSL Intercept Secure Web Appliance SSL Intercept Table of Contents 1. Introduction... 1 1.1. About CYAN Secure Web Appliance... 1 1.2. About SSL Intercept... 1 1.3. About this Manual... 1 1.3.1. Document Conventions...

More information

Simple security is better security Or: How complexity became the biggest security threat

Simple security is better security Or: How complexity became the biggest security threat Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components

More information

Who Moved My Firewall. Clinton Thomson Derivco (PTY) Ltd

Who Moved My Firewall. Clinton Thomson Derivco (PTY) Ltd Who Moved My Firewall Clinton Thomson Derivco (PTY) Ltd 1 Agenda Introduction to Derivco (Pty) Ltd Efficacy of Firewalls Firewall Roles Threat Landscape De-perimeterisation Q & A 2 Derivco as a company

More information

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager Why it's time to upgrade to a Next Generation Firewall Dickens Lee Technical Manager Dell History 2 Confidential Dell s legacy Became leading provider of subscription services on optimized appliances Shipped

More information

SSL Intercept Mode. Certificate Installation Guide. Revision 1.0.0. Warning and Disclaimer

SSL Intercept Mode. Certificate Installation Guide. Revision 1.0.0. Warning and Disclaimer SSL Intercept Mode Certificate Installation Guide Revision 1.0.0 Warning and Disclaimer This document is designed to provide information about the configuration of CensorNet Professional. Every effort

More information

Hiding Tracks on the Net

Hiding Tracks on the Net Hiding Tracks on the Net Ways one might hide their tracks Private Browsing Anonymizers & Proxy Servers SSL / TLS Passwords False Information Public Networks Email Services Encryption Firewalls Private

More information

The Benefits of SSL Content Inspection ABSTRACT

The Benefits of SSL Content Inspection ABSTRACT The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic

More information

Today's security needs in networking

Today's security needs in networking Today's security needs in networking Besoins actuels de la sécurité réseau European partner summit Thursday, October 13, 2005 Hervé Schauer Hervé Schauer Agenda Firewalls Liability

More information

Alaska Alternate Assessment. Website Security Assurances. June 2015. App3.6_Test_Site_Security

Alaska Alternate Assessment. Website Security Assurances. June 2015. App3.6_Test_Site_Security Alaska Alternate Assessment Website Security Assurances June 2015 App3.6_Test_Site_Security ISSUE 1: Secure access to http://ak.k12test.com The AK website makes use of the cryptographic protocols Transport

More information

Reverse Proxy with SSL - ProxySG Technical Brief

Reverse Proxy with SSL - ProxySG Technical Brief SGOS 5 Series Reverse Proxy with SSL - ProxySG Technical Brief What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the functionality for a robust and flexible reverse proxy solution. In addition

More information

ΕΠΛ 674: Εργαστήριο 5 Firewalls

ΕΠΛ 674: Εργαστήριο 5 Firewalls ΕΠΛ 674: Εργαστήριο 5 Firewalls Παύλος Αντωνίου Εαρινό Εξάμηνο 2011 Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

State of the Art in Peer-to-Peer Performance Testing. European Advanced Networking Test Center

State of the Art in Peer-to-Peer Performance Testing. European Advanced Networking Test Center State of the Art in Peer-to-Peer Performance Testing European Advanced Networking Test Center About EANTC The European Advanced Networking Test Center (EANTC) offers vendor independent network quality

More information

Chapter 5. Data Communication And Internet Technology

Chapter 5. Data Communication And Internet Technology Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN

More information

Application Intelligence, Control and Visualization

Application Intelligence, Control and Visualization Application Intelligence, Control and Visualization Marco Ginocchio Director of Systems Engineering Europe, Middle East, and Africa mginocchio@sonicwall.com SonicWALL Over 1.7 million security appliances

More information

Protecting your information

Protecting your information Protecting your information Secure your information Each year, governments, businesses and institutions suffer untold losses through not protecting their information. A UK government survey* puts the cost

More information

Examining Proxies to Mitigate Pervasive Surveillance

Examining Proxies to Mitigate Pervasive Surveillance Examining Proxies to Mitigate Pervasive Surveillance Eliot Lear Barbara Fraser Abstract The notion of pervasive surveillance assumes that it is possible for an attacker to have access to all links and

More information

Computer Networks. Secure Systems

Computer Networks. Secure Systems Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to

More information

WHITE PAPER. Gaining Total Visibility for Lawful Interception

WHITE PAPER. Gaining Total Visibility for Lawful Interception WHITE PAPER Gaining Total Visibility for Lawful Interception www.ixiacom.com 915-6910-01 Rev. A, July 2014 2 Table of Contents The Purposes of Lawful Interception... 4 Wiretapping in the Digital Age...

More information

Monitoring applications to increase security in 40G and 100G networks

Monitoring applications to increase security in 40G and 100G networks Monitoring applications to increase security in 40G and 100G networks Cyber Security and Today s Communication Technologies TPEB workshop, 30.1.2014 Petr Kastovsky kastovsky@invea.com Company Introduction

More information

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

Configuring SonicWALL TSA on Citrix and Terminal Services Servers Configuring on Citrix and Terminal Services Servers Document Scope This solutions document describes how to install, configure, and use the SonicWALL Terminal Services Agent (TSA) on a multi-user server,

More information

STRATEGY TO BLOCK TRAFFIC CREATE BY ANTI CENSORSHIP SOFTWARE IN LAN FOR SMALL AND MEDIUM ORGANISATION

STRATEGY TO BLOCK TRAFFIC CREATE BY ANTI CENSORSHIP SOFTWARE IN LAN FOR SMALL AND MEDIUM ORGANISATION STRATEGY TO BLOCK TRAFFIC CREATE BY ANTI CENSORSHIP SOFTWARE IN LAN FOR SMALL AND MEDIUM ORGANISATION Baharudin Osman 1, Azizi Abas 2,and Kamal Harmoni 3 1 Universiti Utara Malaysia, Malaysia, bahaosman@uum.edu.my

More information

White paper. Why Encrypt? Securing email without compromising communications

White paper. Why Encrypt? Securing email without compromising communications White paper Why Encrypt? Securing email without compromising communications Why Encrypt? There s an old saying that a ship is safe in the harbour, but that s not what ships are for. The same can be said

More information

From Network Security To Content Filtering

From Network Security To Content Filtering Computer Fraud & Security, May 2007 page 1/10 From Network Security To Content Filtering Network security has evolved dramatically in the last few years not only for what concerns the tools at our disposals

More information

App-ID. PALO ALTO NETWORKS: App-ID Technology Brief

App-ID. PALO ALTO NETWORKS: App-ID Technology Brief App-ID Application Protocol Detection / Decryption Application Protocol Decoding Application Signature Heuristics App-ID uses as many as four identification techniques to determine the exact identity of

More information

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.1.0.XXX Requirements and Implementation Guide (Rev 4-10209) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis Training Series

More information

Firewalls for small business

Firewalls for small business By James Thomas DTEC 6823 Summer 2004 What is a firewall? Firewalls for small business A firewall is either hardware, software or a combination of both that is used to prevent, block or should I say try

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

EAGLE EYE IP TAP. 1. Introduction

EAGLE EYE IP TAP. 1. Introduction 1. Introduction The Eagle Eye - IP tap is a passive IP network application platform for lawful interception and network monitoring. Designed to be used in distributed surveillance environments, the Eagle

More information

ATIS Open Web Alliance. Jim McEachern Senior Technology Consultant ATIS

ATIS Open Web Alliance. Jim McEachern Senior Technology Consultant ATIS Jim McEachern Senior Technology Consultant ATIS Objective This presentation provides an introduction to the, and the motivation behind its formation. 2 Overview SPDY was introduced by Google to reduce

More information

Access Control Rules: URL Filtering

Access Control Rules: URL Filtering The following topics describe how to configure URL filtering for your Firepower System: URL Filtering and Access Control, page 1 Reputation-Based URL Filtering, page 2 Manual URL Filtering, page 5 Limitations

More information

Remote Forensic Software. Dr. Michael Thomas DigiTask GmbH, Germany

Remote Forensic Software. Dr. Michael Thomas DigiTask GmbH, Germany Dr. Michael Thomas DigiTask GmbH, Germany DigiTask Who we are and what we do Special Telecommunication Systems for Law Enforcement Agencies (LEA) Development of special solutions for the needs of LI Located

More information

White Paper A10 Thunder and AX Series Load Balancing Security Gateways

White Paper A10 Thunder and AX Series Load Balancing Security Gateways White Paper A10 Thunder and AX Series Load Balancing Security Gateways June 2013 WP_LB FW 062013 Disclaimer This document does not create any express or implied warranty about A10 Networks or about its

More information

INSTANT MESSAGING SECURITY

INSTANT MESSAGING SECURITY INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part

More information

1110 Cool Things Your Firewall Should Do. Extending beyond blocking network threats to protect, manage and control application traffic

1110 Cool Things Your Firewall Should Do. Extending beyond blocking network threats to protect, manage and control application traffic 1110 Cool Things Your Firewall Should Do Extending beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application

More information

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER M-FILES CORPORATION ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER VERSION 2.3 DECEMBER 18, 2015 Page 1 of 15 CONTENTS 1. Version history... 3 2. Overview... 3 2.1. System Requirements... 3 3. Network

More information

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3 WAN Optimization, Web Cache, Explicit Proxy, and WCCP FortiOS Handbook v3 for FortiOS 4.0 MR3 FortiOS Handbook WAN Optimization, Web Cache, Explicit Proxy, and WCCP v3 13 January 2012 01-433-96996-20120113

More information

Applications erode the secure network How can malware be stopped?

Applications erode the secure network How can malware be stopped? Vulnerabilities will continue to persist Vulnerabilities in the software everyone uses everyday Private Cloud Security It s Human Nature Programmers make mistakes Malware exploits mistakes Joe Gast Recent

More information

10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN

10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN 10 Strategies to Optimize IT Spending in an Economic Downturn Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN Current Economic Landscape 2 Basically you Basically you ve had to throw

More information

SecurityDAM On-demand, Cloud-based DDoS Mitigation

SecurityDAM On-demand, Cloud-based DDoS Mitigation SecurityDAM On-demand, Cloud-based DDoS Mitigation Table of contents Introduction... 3 Why premise-based DDoS solutions are lacking... 3 The problem with ISP-based DDoS solutions... 4 On-demand cloud DDoS

More information

Defense In Depth To Fight Against The Most Persistent DDoS

Defense In Depth To Fight Against The Most Persistent DDoS Defense In Depth To Fight Against The Most Persistent DDoS All enterprises with an Internet presence should worry about Distributed Denial-of-Service (DDoS) - some more than others. It is a fact of life

More information

Anonymity on the Internet Over Proxy Servers

Anonymity on the Internet Over Proxy Servers Anonymity on the Internet Over Proxy Servers Final Product Fábio Rodrigues ei08116@fe.up.pt Matej Bulić ei12010@fe.up.pt Introduction user always leaves digital sign need for security and anonymity Proxy

More information

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας Department of Computer Science Firewalls A firewall is hardware, software, or a combination of both that is used to prevent unauthorized Internet users

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

:: Protecting your infrastructure ::

:: Protecting your infrastructure :: :: Protecting your infrastructure :: Who we are? AGEN DA Unified Threat Management Malware detection platform Q & A? About Us InfoSys Gateway Sdn. Bhd. (797304-H) Incorporated in 2007 Bumiputra owned Company

More information

Top 10 Features: Clearswift SECURE Email Gateway

Top 10 Features: Clearswift SECURE Email Gateway Top 10 Features: Clearswift SECURE Email Gateway Top 10 Features: Clearswift SECURE Email Gateway Modern business simply couldn t function without email. However, both incoming and outgoing messages can

More information

Healthcare Security and HIPAA Compliance with A10

Healthcare Security and HIPAA Compliance with A10 WHITE PAPER Healthcare Security and HIPAA Compliance with A10 Contents Moving Medicine to the Cloud: the HIPAA Challenge...3 HIPAA History and Standards...3 HIPAA Compliance and the A10 Solution...4 164.308

More information

REPORT & ENFORCE POLICY

REPORT & ENFORCE POLICY App-ID KNOWN PROTOCOL DECODER Start Decryption (SSL or SSH) Decode Signatures Policy IP/Port Policy Application Signatures Policy IDENTIFIED TRAFFIC (NO DECODING) UNKNOWN PROTOCOL DECODER Apply Heuristics

More information

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information