Santa Clara, Calif.-based security vendor McAfee Inc. has updated its network security platform with three enhancements designed to give the network administrator greater visibility into, and control of, network traffic.
“It’s all about giving the guy more information while you are there to be able to do forensics or whatever and get back to his other jobs,” said Doug Cooke, director of sales engineering for Markham, Ont.-based McAfee Canada Inc. In addition to already having its file reputation database integrated with its network security platform, McAfee has now added its network reputation database to the mix. The idea is that suspicious traffic can be identified against a database of hundreds of millions of network connections.
Another enhancement is for those IT departments using server and desktop virtualization. Cooke said the concern for IT admins is not having visibility into the network traffic that passes over the hypervisor.
McAfee has also embedded Atlanta, Ga.-based Reflex Systems LLC’s virtualization management technology in the APIs of the hypervisor so “it can see traffic that’s going between hosts and re-direct it out to one of our sensors,” said Cooke.
The third enhancement to the platform is a new traffic analysis port that can redirect traffic from a monitoring port to one of McAfee’s response ports, essentially subjecting it to an additional inspection. “You can looking for people who are sending credit card data out through e-mail, or sending (social insurance numbers) or maybe even pornography,” said Cooke.
At the start of 2011, McAfee predicted a threat landscape that where hackers would up the ante on vicious attacks hidden in the 3,000 shortened URLs generated per minute from social media sites such as Twitter.
With the growing phenomenon that is social networking and instant communication, the popularity of shortened URLs in a limited character space is a ripe opportunity for cyber criminals, said Jim Galpin, Santa Clara, Calif.-based McAfee’s manager of Canadian consumer sales.
“People click on things and they really don’t know where they’re going to go, or what they’re going to get,” said Galpin.
It’s an incredibly lucrative business for hackers who can easily drop malware on unsuspecting Twitter users in order to reap private information, said Galpin.
The challenge on the security side, said Galpin, is that the illegitimate sites and mixed in with legitimate ones. And illegitimate sites often morph to avoid detection. “It’s a constantly moving target,” he said.
IT departments can protect themselves by ensuring sufficient security investment in network devices to block potential harm, said Galpin.
Cupertino, Calif.-based security vendor Symantec Corp., in its March 2011 MessageLabs Intelligence Report, found that spam in Canada accounted for 79.4 per cent of e-mail received, and malware accounted for one in 160.1 e-mails.
While the figures are a tad higher than the global spam rate, trends in Canada’s threat landscape have consistently followed rather closely the global rate, said Paul Wood, senior analyst for MessageLabs Intelligence with the Cupertino, Calif.-based security vendor. “Canada has always featured prominently in terms of the spammer output,” said Wood.
What makes Canada particularly alluring to spammers is the existence of lower-priced pharmaceuticals compared to those in the U.S. that fit rather well with spam strategies. “A lot of spam relates to pharmaceutical products and to make that attractive to the U.S. audience, they dress them up to appear as genuine Canadian pharmacies,” said Wood.
But while the report did state a spam rate of 79.4 per cent for Canada, that figure will still differ across the provinces where different dominant industries and, therefore, recognized brand names, may be situated, noted Wood.
On the global level, Canada’s spam output accounts for two per cent of overall spam.
Follow Kathleen Lau on Twitter: @KathleenLau