Thursday, February 28, 2013

RSA2013: That’s a Wrap

I wrap up the RSA Conference 2013 from the Moscone Center in San Francisco. Special thanks to F5ers Ron Carovano, Jonathan George, Danny Luedke, Eric Swenson, Claire Delaney and Rinisha Jha. Also thanks to Tom Clare and Jonathan Knepher of Websense, Mark Elliott of Quarri Technologies and of course, WhiteHat Security’s Jeremiah Grossman. Another fun week covering F5 Security.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,grossman, mobile apps,whitehat

RSA2013: Interview with Jeremiah Grossman

Peter Silva catches up with WhiteHat Security Founder & CTO Jeremiah Grossman to talk about WhiteHat’s recent round of funding, vulnerabilities in mobile apps, the idea for companies to hack themselves first along with some trends regarding web vulnerabilities. Always fun to chat with one of InfoSec’s coolest dudes and a fellow local boy.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,grossman, mobile apps,whitehat

Wednesday, February 27, 2013

RSA2013: BIG-IP DNS Services

Taking a moment from behind the camera to appear in frame with me, F5 PMM Jonathan George shares some excellent insight, along with a well-drawn whiteboard, on all the ways BIG-IP can secure and optimize your DNS services. Jonathan also closes out the video in style. This one was especially fun.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,dns, dnssec,ddos

RSA2013: BIG-IP SSL/TLS Services

I give up the mic to F5 Product Marketing Manager, Danny Luedke who promptly whiteboards his way through the many BIG-IP solutions to handle SSL/TLS. Certificate management, encryption, performance and other goodies are discussed.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,ssl/tls

RSA2013: F5 RSA Security Trends Survey

I review the key findings from the F5 RSA Security Trends Survey. On Tuesday, February 26, F5 conducted a survey on the exhibit show floor during RSA 2013. Conference attendees were asked two initial qualifying questions about their role within their organization and how much their job involves the management and implementation of security to ensure the validity of the survey results. More than 150 qualified respondents were then asked a total of four questions surrounding security trends.

The survey revealed that organizations are struggling to keep pace with the changing face of security. Virtualization, BYOD and shifts in IT infrastructures and applications along with the complexity of attack types are driving new threats. IT admits that these threats are beyond the scope of traditional safeguards. As such, IT reports that their general security readiness is subpar.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,survey

RSA2013: Partner Spotlight – Quarri

I chat with Mark Elliott, Founder and EVP of Quarri Technologies about the recent integration with Quarri’s armored browser technology. You can see the Quarri and BIG-IP Integration in the 1st ever Guest Edition of In 5 Minutes. Interesting Stuff.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,quarri

RSA2013: Partner Spotlight – Websense

I stop by the Websense booth at RSA to check out a demo of the F5 BIG-IP and Websense Integration. Tom Clare, Sr. Director Product Marketing shares some insight into the strategic agreement and Jonathan Knepher, Sr. Director Technology Alliance shows the BIG-IP integration.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,websense

Connect with Peter: Connect with F5:
o_linkedin[1]   o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Tuesday, February 26, 2013

RSA2013: Gimme 90 Seconds Security Edition

I challenge two-time champ, Ron Carovano to name and explain his favorite security features in BIP-IP. See if he wins his 3rd psilva autographed f5 squeeze ball.

 

ps

Related:

Technorati Tags: f5,rsac,rsa,rsa2013,psilva,video,security

RSA2013: Find F5

Follow, as I show you how to find F5 Booth 1354 at the RSA Conference along with the cool trinkets you can win playing the F5 Claw Game. Add to that, I close with way off-key rendition of the Looney Tunes classic, This is It!

 

ps

Related:

Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Sunday, February 24, 2013

RSA2013: Aloha from RSA

I welcome you to the RSA Conference 2013 in the City By The Bay.  Reporting from Sausalito, I talk a little about the theme 'Security in Knowledge' with an amazing shot of San Fran behind me.


ps
Related:
Technorati Tags: ,,,,,,
Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Thursday, February 21, 2013

Inside Look: BIG-IP ASM Botnet and Web Scraping Protection

I hang with WW Security architect Corey Marshall to get an inside look at the Botnet detection and Web scraping protection in BIG-IP ASM.

 

ps

Related:

Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Tuesday, February 19, 2013

BYOD 2.0 – Moving Beyond MDM with F5 Mobile App Manager

#BYOD has quickly transformed IT, offering a revolutionary way to support the mobile workforce. The first wave of BYOD featured MDM solutions that controlled the entire device. In the next wave, BYOD 2.0, control applies only to those apps necessary for business, enforcing corporate policy while maintaining personal privacy. The #F5 Mobile App Manager is a complete mobile application management platform built for BYOD 2.0.

As more smartphones, tablets, and other types of mobile devices make their way into employees’ hands, requests for corporate access from those devices are increasing, which represents a huge challenge for IT departments. Not only has IT lost the ability to fully control and manage these devices, but employees are now demanding that they be able to conduct company business from multiple personal devices. Initially resistant to the idea due to security concerns, IT teams are slowly adopting the concept, but hesitantly, still concerned about the inherent risks of allowing personal devices to access and store sensitive corporate information.

People have become very attached to their mobile devices. They customize them, surf the web, play games, watch movies, shop, and often simply manage life with these always-connected devices. The flipside of the convenience and flexibility of BYOD are the many concerns about the risks introduced to the corporate infrastructure when allowing unmanaged and potentially unsecured personal devices access to sensitive, proprietary information.  Organizations need dynamic policy enforcement to govern the way they now lock down data and applications. As with laptops, if an employee logs in to the corporate data center from a compromised mobile device, then that employee becomes as much of a risk as a hacker with direct access to the corporate data center.

Enter BYOD 1.0.

BYOD 1.0 is the industry’s first attempt at solving problems related to personally owned devices in the workplace. BYOD 1.0 consists of two primary components—mobile device management (MDM) and device-level, layer 3 VPNs. The primary goal of MDM is to manage and secure the endpoint device itself, including varying amounts of protection for data at rest on the device (which is typically limited to enabling native device encryption via configuration). The primary aim of the layer 3 VPN is to connect the device back into the corporate network, providing data-in-transit security for corporate traffic.

Both of these BYOD 1.0 components have a drawback—they are umbrellas that protect and manage the entire device, rather than zeroing in on just the enterprise data and applications on that device. Since these are usually dual-purpose (work/personal) devices, this device-wide approach causes issues for both workers and for IT.  Employees don’t like that BYOD 1.0 imposes enterprise controls over their personal devices, applications, and information. One of the most commonly cited examples is that of the employee who leaves a company and has his device wiped by the organization, losing photos of his family along with the enterprise data and applications. People are also concerned with the privacy of their personal data under a BYOD 1.0 scheme.

From an IT perspective, organizations agree—they don’t want to have to concern themselves with personal data or applications. As soon as they manage the entire device or simply connect that device to the corporate network via VPN, that personal traffic also becomes an IT problem. While BYOD 1.0 helps to enable the use of personally owned devices in the enterprise, the device-level approach certainly has its challenges. BYOD 2.0 seeks to solve these shortcomings. The shift from BYOD 1.0 to BYOD 2.0 builds on many of the concepts developed during BYOD 1.0, adding a new set of frameworks that enable IT organizations to wrap enterprise applications in a security layer.

Throughout BYOD 1.0, F5 has provided connectivity for mobile devices into enterprise networks with VPN functionality, most commonly through iOS and Android versions of the F5 BIG-IP Edge Client. This layer provides management capabilities as well as functionality such as authentication and authorization, data-at-rest security, and data-in-transit security, among others.

BYOD 2.0 builds on the BYOD 1.0 foundation but makes a substantial shift from a device-level focus to an application-level focus. BYOD 2.0 seeks to ensure that the enterprise footprint on a personally owned device is limited to the enterprise data and applications and nothing more. This means that mobile device management is supplanted by mobile application management (MAM), and device-level VPNs are replaced by application-specific VPNs. These application-specific VPNs include technology such as BIG-IP APM AppTunnels, a single secure, encrypted connection to a specific service such as Microsoft Exchange.

With this approach, workers are happier than with BYOD 1.0 because the enterprise manages and sees only the enterprise subset of the overall data and applications on the device, leaving the management of the device itself, and of personal data and applications, to the device’s owner. IT staff prefer the BYOD 2.0 approach for the same reasons—it allows them to concern themselves only with the enterprise data
and applications they need to secure, manage, and control.

BYOD 2.0 and the aforementioned application wrapping frameworks are changing the dynamic in the mobile space. By combining mobile management functionality and access functionality into a single offering, these wrappers give enterprises a mobile IT solution that extends from data and applications on the endpoint into the cloud and data center.

Introducing F5 Mobile App Manager

mam F5 Mobile App Manager (MAM) is a mobile application management and access solution that securely extends the enterprise to personal mobile devices. It manages applications and secures data while satisfying the needs of employees and enterprise IT departments. For IT, it limits the burden associated with securing and controlling personal data and mobile use. For employees, it safely separates personal data and use from corporate oversight. F5 MAM is a complete mobile application management platform offering security, management, and compliance for BYOD deployments. It is a true enterprise device, data, and information management solution that fits the needs of the mobile enterprise better than MDM solutions.  F5 MAM includes a suite of business productivity applications and capabilities to separate and secure enterprise mobile applications while providing end-to-end security.

F5 MAM Workspace Organizations and employees both want the ability to segregate professional and personal information. F5 MAM Workspace is an innovative solution allowing enterprises to truly create a virtual enterprise workspace on a wide variety of mobile devices. With MAM Workspace, individuals can have separate sectors and associated policies for their personal and enterprise uses of a device. This enables IT to control how employees access key corporate information while ensuring that employees maintain the freedom to take full advantage of their mobile devices.  The secure MAM Workspace can be protected by a password or PIN that is independent of the device password. IT can also reset a user’s MAM Workspace password, lock down a user’s MAM Workspace, or wipe the Workspace in the event of a policy violation.

F5 MAM App Wrapper Organizations can also add their own applications to the secure workspace. Organizations have the ability to add any application to the secure, IT-controlled environment. In addition, there is zero need to recompile to create a secure application. F5 MAM App Wrapper scans the existing code in third-party apps, identifies any security vulnerabilities, and injects new proprietary code. This wraps and secures the app for manageability and deployment.

F5 MAM Connect Email is one of the most critical communication tools for organizations and employees alike. No email, no work.  F5 MAM Connect is a secure, wrapped personal information manager (PIM) client that integrates with Microsoft Exchange and delivers enterprise email, calendar, contacts, tasks, and notes to the employee. MAM Connect offers EAS synchronization, global address list integration, secure storage, and networking
and is fully managed via the MAM management console.

F5 MAM Browser The F5 MAM Browser is a secure and managed browser delivered within MAM. It provides employees with a full-featured browser, separate from their personal browsers, with the control IT needs for secure browser access. It facilitates integrated blocked and safe lists without reliance on proxies, provides controls for enterprise proxy configuration, and allows administrators to push configuration via the web-based MAM portal.

Whether organizations are prepared or not, BYOD is here, and it is transforming enterprise IT. It can potentially provide organizations a significant cost savings and productivity boost, but it is not without risk. F5 provides strategic control points for mobile applications from the endpoint to the data center and to the cloud, enabling unparalleled security, performance, and agility. F5 Mobile App Manager helps organizations make the leap to BYOD or transition from controlling the entire device to simply managing corporate applications and data on the device, solving the work/personal dilemma.

With F5 Mobile App Manager, BYOD 2.0 is now a reality.

ps

Related:

Technorati Tags: f5,byod,smartphone,mobile,mobile device,risk,research,silva,security,compliance
Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Wednesday, February 13, 2013

In 5 Minutes Guest Edition - BIG-IP LTM Integration with Quarri POQ

In this very special Guest Edition of In 5 Minutes, see how easy it is to integrate Quarri POQ with BIG-IP LTM in less than 5 minutes to provide comprehensive protection of web sessions and content for managed and unmanaged endpoints.

ps

Related:

Technorati Tags: f5,big-ip,ltm,in5,quarri,video,silva,security,web security,v11.3

Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Tuesday, February 5, 2013

Is BYO Already D?

As in Done, Dead, Doomed...Defeated. 

About a year ago I wrote BYOD–The Hottest Trend or Just the Hottest Term just when #BYOD was burning up the #trendingtopics.  Since then, BYOD has become one of the most talked about IT challenges and at the top of many enterprise initiates for 2013.  Most industry pundits and analysts alike believe BYOD is here to stay and will have a major impact both on business and how we use our personal mobile devices.  Now, as more organizations investigate and deploy BYOD solutions, some unforeseen costs are starting to toss BYOD for a loop.

A number of recent surveys, research and analysis indicate that the perceived cost savings might be a mirage.  The Aberdeen Group says BYOD could cost organizations 33% more than a IT owned mobile device plan.  iPass' Q4 Mobile Workforce Report, suggests organizations are not considering long term costs of BYOD and Damovo UK's survey of 100 IT Directors, 73% feel that BYOD costs will 'spiral out of control,' with 69% skeptical that the BYOD shift will actually reduce support costs.  And Xigo, a provider of cloud-based expense management, reported that while cost savings is a top goal for BYOD programs, most respondents (67%) said their mobile expenditures had not changed with 25% saying their costs rose. Finally, in a survey by Lieberman Software, most respondents (67%) said BYOD would increase IT and security costs.

Why all the gloom?  Many of the cautions involved the basics: airtime, data plans, volume discounts, network capacity, support (staff & software) and ongoing compliance.

Obviously, if a mobile device has now added 'work productivity tool' to it's list of duties, it might need to move into a higher monthly service plan, which might be expensed back to the company (along with the cost to process that report).  The device itself was probably acquired at retail or discounted with a term contract verses part of some corporate volume discount.

Another area is pure bandwidth.  In essence, everyone gets to add another node to the network.  A powerful device at that.  Network usage, WiFi connections, access rules, overall access management and the rest, most likely will go up.

Support - in all areas - is yet another conundrum.  The devices and unique configuration of each; the software required to secure, manage and often license the device; AAA management; IT bodies focused on BYOD; policy & risk management; overall complexity; loss of data; enter your own challenge here _________.

As with all technology trends, there will be hiccups along the way.  Remember that thing called The Cloud?  We are in the BYOD 1.0 realm and need to move into the BYOD 2.0 era -  a shift from managing the entire device to only managing the corporate data and applications on the device.  My guess is that BYOD will go thru some growing pains but will eventually settle in as just another way we use our devices and access data.  While 'cost' might be the initial bait, over time the benefits will look more like productivity and flexibility rather than TCO/ROI.

What do you think?  BYO Done or Dawning?

ps

Related

 

Connect with Peter: Connect with F5:
o_linkedin[1]  o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]