Why Should I Update My Firewall?

fabio.angelosanto@centrorestaurovenaria.it — Thu, 11 Oct 2018 18:21:24 +0000

Staying up to date with your network security appliance is absolutely necessary. For the same reasons we regularly update our phones, browsers, and desktop operating systems, it’s even more important to update a network firewall.

Software vulnerabilities and the security technologies to protect against them evolve daily. At Untangle, we stay on top of these changes to ensure that our NG Firewall incorporates the latest threat prevention and network management capabilities. Once a new build is tested and ready, it can be applied automatically to your deployment without any human interaction. Learn more about automatic upgrades on the Untangle Wiki.

Bug Fixes

Each release includes dozens of bug fixes to address issues that often arise from changes in external software. These fixes ensure smooth operation and continuous Internet access for your networked devices.

Security Updates

The table below outlines some of the core components that receive security updates with most releases.

Operating System	The system kernel and bundled services include hundreds of updates in every release. These updates include fixes to bugs, vulnerabilities, device drivers, security certificates and more.
Antivirus	The antivirus scanning engine is often updated to maintain compatibility with the operating system and signature database. In some cases older versions of the scanning engine become obsolete, and it is necessary to update NG Firewall to continue receiving the latest malware signatures.
Intrusion Prevention	The intrusion prevention system and signature database frequently requires updates to be able to identify and block the latest types of network intrusions and exploits.
Application Control	File sharing and anonymizing software change regularly to evade content filters. To continue to accurately identify these types of applications, the Application Control signature database updates with each release.
Virtual Private Networking	Untangle NG Firewall supports industry standard remote connectivity via IPsec VPN and OpenVPN. These technologies frequently require updates to maintain the latest encryption standards and tunneling protocols used by mobile devices and third party VPN gateways.

Operating System	The system kernel and bundled services include hundreds of updates in every release. These updates include fixes to bugs, vulnerabilities, device drivers, security certificates and more.
Antivirus	The antivirus scanning engine is often updated to maintain compatibility with the operating system and signature database. In some cases older versions of the scanning engine become obsolete, and it is necessary to update NG Firewall to continue receiving the latest malware signatures.
Intrusion Prevention	The intrusion prevention system and signature database frequently requires updates to be able to identify and block the latest types of network intrusions and exploits.
Application Control	File sharing and anonymizing software change regularly to evade content filters. To continue to accurately identify these types of applications, the Application Control signature database updates with each release.
Virtual Private Networking	Untangle NG Firewall supports industry standard remote connectivity via IPsec VPN and OpenVPN. These technologies frequently require updates to maintain the latest encryption standards and tunneling protocols used by mobile devices and third party VPN gateways.

Network Management & Connectivity Enhancements

The following rollup outlines some of the recent and noteworthy enhancements to Untangle NG Firewall. Customers with a valid subscription and automatic upgrades can take full advantage of these recent additions.

Command Center	Command Center is a cloud-based service for managing your Untangle appliances. With Command Center you can: Perform configuration backups Create configuration templates Synchronize configuration to multiple appliances Remotely access any of your appliances through a single account Command Center requires version 12.2 and higher.
WiFi	Specific hardware versions of NG Firewall include a wireless network interface that can be used either as a WAN interface for wireless internet connectivity, or it can be used as an access point to securely connect wireless devices on the local network.
Amazon Web Services Deployment	You can move your on-premises installation of NG Firewall to Amazon Web Services. This type of deployment is suitable for organizations that operate their networking environment virtually in AWS.
Tunnel VPN	Tunnel VPN enables you to route internet traffic through a VPN tunnel. This is suited for remote networks that need to route through a central or cloud-based firewall to consolidate access policies and content filtering.
Captive Portal Single Sign-on Authentication	Organizations using G-Suite, Office365, and other types of OAuth providers can authenticate users against these services. For guest access, you can authenticate users against Facebook.
IPsec IKEv2	Devices can remotely connect using the IKEv2 protocol over IPsec. This enables VPN tunnelling using the native capabilities built into modern desktop, mobile, and tablet devices. IKEv2 improves on IKEv1 by enabling multiple VPN tunnels on networks that use network address translation.
UPnP support	By supporting Universal Plug and Play, NG Firewall enables network devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing, communications, and entertainment.
Geolocation	Sessions are visualized on a world map so you can see exactly where your traffic is going. Configure rules to block access to or from specific countries. View reports to see how much of your network traffic comes from other countries.
Dashboard	The Dashboard feature simplifies network management by giving the administrator a single view of all important activities and notifications.
VRRP	Virtual Router Redundancy Protocol improves network availability and business continuity by allowing you to set up two Untangle NG Firewalls to failover if one of them becomes unavailable.

Command Center	Command Center is a cloud-based service for managing your Untangle appliances. With Command Center you can: Perform configuration backups Create configuration templates Synchronize configuration to multiple appliances Remotely access any of your appliances through a single account Command Center requires version 12.2 and higher.
WiFi	Specific hardware versions of NG Firewall include a wireless network interface that can be used either as a WAN interface for wireless internet connectivity, or it can be used as an access point to securely connect wireless devices on the local network.
Amazon Web Services Deployment	You can move your on-premises installation of NG Firewall to Amazon Web Services. This type of deployment is suitable for organizations that operate their networking environment virtually in AWS.
Tunnel VPN	Tunnel VPN enables you to route internet traffic through a VPN tunnel. This is suited for remote networks that need to route through a central or cloud-based firewall to consolidate access policies and content filtering.
Captive Portal Single Sign-on Authentication	Organizations using G-Suite, Office365, and other types of OAuth providers can authenticate users against these services. For guest access, you can authenticate users against Facebook.
IPsec IKEv2	Devices can remotely connect using the IKEv2 protocol over IPsec. This enables VPN tunnelling using the native capabilities built into modern desktop, mobile, and tablet devices. IKEv2 improves on IKEv1 by enabling multiple VPN tunnels on networks that use network address translation.
UPnP support	By supporting Universal Plug and Play, NG Firewall enables network devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing, communications, and entertainment.
Geolocation	Sessions are visualized on a world map so you can see exactly where your traffic is going. Configure rules to block access to or from specific countries. View reports to see how much of your network traffic comes from other countries.
Dashboard	The Dashboard feature simplifies network management by giving the administrator a single view of all important activities and notifications.
VRRP	Virtual Router Redundancy Protocol improves network availability and business continuity by allowing you to set up two Untangle NG Firewalls to failover if one of them becomes unavailable.

The post Why Should I Update My Firewall? first appeared on Edge Threat Management - Arista.

Ransomware in the spotlight: How to guard against attack

agrni09@gmail.com — Wed, 21 Dec 2016 16:53:57 +0000

Is there anything more frightening than being locked out of your most important and sensitive files? This is just the reality that a number of individual users and businesses have dealt with recently due to the growing threat of ransomware.

Ransomware infections have been on our collective radars for a few years now, and as hackers update and advance their malicious tactics, they will continue to pose a threat to networks across industry sectors into the near future.
Thankfully, there are some best practices and tools your organization can leverage to prevent falling victim to a ransomware attack. Let’s take a look at this pervasive problem and what can be done about it.

Noteworthy ransomware attacks

While all industries have been impacted by ransomware infections, some verticals have seen more attention from cybercriminals than others. This was especially true in 2016, when targeted attacks against the health care and financial services sectors soared.

According to Healthcare IT News‘s Jessica Davis, there had been 14 major ransomware-based attacks on health care providers this year as of October 2016. One of the affected institutions was the Professional Dermatology Care center in Reston, Virginia. The attack, which occurred during June, resulted in the malicious encryption of more than 13,000 patient files including both financial and health details. While officials insist the motivation behind the attack — similar to countless other attacks — was monetary gain, there were concerns about misuse of patient data.

International Business Times reporter India Ashok noted that the financial sector, along with several other industries, caught the attention of hackers in 2016 as well. Overall, the city of London suffered more than 10,000 ransomware infection attempts, including those impacting the region’s largest banks.

And, unfortunately, these organizations have considerable company. Fedscoop reported that there are now as many as 4,000 ransomware attacks reported daily, affecting individuals as well as businesses of all sizes.

Preventing infection: Top best practices

Within this environment, it’s clear that guarding against a ransomware attack should be a top priority for businesses of all size and in every industry. There are a few best practices organizations can leverage to reduce their chances of falling victim:

Educate users: First and foremost, it’s critical to ensure that employee users are aware of this threat, and know what to look for. Suspicious activity and slow performance can be early warning signs of an infection, and can help network admins work quickly to contain and mitigate the attack.
Update all systems: It’s also crucial that all security patches and updates have been installed for the solutions an organization leverages. This helps guard against emerging threats.
Have robust backups in place: As CIO contributor Paul Mah pointed out, preventing a ransomware infection is “all about backups.” If data is encrypted by an outside malicious actor, being able to access a backup copy removes all of a hacker’s power. A 3-2-1 backup strategy is one of the most effective. This strategy encompasses having three backup copies of critical data, including two stored locally and one stored at an alternate location. This ensures that even if on-premises resources are compromised, important data isn’t completely lost.

Ransomware infections are only increasing in frequency, and new samples are discovered every day. Protect yourself and your organization with robust backups and the latest network security solutions. To find out more, contact the experts at Untangle today.

The post Ransomware in the spotlight: How to guard against attack first appeared on Edge Threat Management - Arista.