Saturday, August 1, 2015

Tabula Rosa Systems - Five Top Email Sesucrity Products

============================================================
Email remains as a source of malware proliferation and is now rapidly become a vehicle of data leakage or exfiltration. Here is a summary from SC Magazine of five of the top products to secure your email!





================================================================

Good Netiquette to all!
================================================================


Email security
by Peter Stephenson September 02, 2014 scmagazine.com

GROUP SUMMARY:
We have seen email encryption for some years now, but in the face of inbound threats we have a new problem: unintended data exfiltration.
In the face of external email-borne attacks, email security should reflect the three basic aspects of security: confidentiality, integrity and availability, says Peter Stephenson.
This month we take a deep dive into email security. Looking at the products we have this year in contrast to last year's bunch we found that the new functionality is remarkable for its innovation and convergence with other, similar product types. Briefly, email gateways are more comprehensive than ever before and this is a big benefit to users.
The players this year are a mix of old and new. The old standbys, mellowed and matured by experience, have come up with some interesting new wrinkles on old themes. To reverse a metaphor, this is new wine in old bottles, surely a good thing if the vintner knows what it's doing. 
Old school email security was pretty much encrypt to outgoing email and stop the phishing attacks. Occasionally we would see non-repudiation and there were some specialized products that did things such as destroy outbound messages after some period of time. A lot of that functionality moved into data leakage protection and now, ironically, some DLP functionality is moving into email security gateways.
A good place to start is to get a bit of a handle on what we mean by email security, then. For that we referred to a paper called "Email Security Threats," written for SANS Reading Room by Pam Cocca. Ms. Cocca tells us that email security should reflect the three basic aspects of security: confidentiality, integrity and availability. She tells us that confidentiality means that email "...is protected from unauthorized access." Integrity means that "...it has not be modified or destroyed by an unauthorized individual." And, availability means "...ensuring that mail servers remain online and able to service the user community." We think Cocca is on the right track and we will use her definitions as our straw-man. (Incidentally, we recommend her paper which can be found with a simple Google search).
While this month's products do not particularly address availability, they certainly address the other two. And, if we reverse Ms. Cocca's availability definition a bit to reflect keeping our systems online and available in the face of external email-borne attacks, she's right on target. So, let's look at each of these criteria in the context of selecting a product to secure your email communications channel.
Confidentiality is simple...on the surface. We have seen email encryption for some years now, but in the face of inbound threats we have a new problem: unintended data exfiltration. We usually look to DLP systems for that, but why not look to our email gateway? Why not, indeed? And that is what at least one of this month's products does. So, to address confidentiality we should look for encryption - which needs to be easy to use and as transparent to the user as possible, including the users on both ends of the message - and we should look at how we might benefit from having some DLP functionality built in. How much, of course, is up to you and what tools you have currently deployed.
Attachments also can pose a confidentially issue. For that we tend to use something such as DropBox secured with some form of encryption, such as nCrypted Cloud. Some of this month's products address that requirement directly as well, adding both security and convenience to the mix.
Integrity is an extension, functionally, of confidentiality. By that we mean that achieving confidentiality in the ways we describe may very well address integrity as well. For example, if I encrypt an email and I ensure its integrity by applying a hash, tampering - decrypting attempts - may reflect in the hash. There are other ways to address integrity and it is important that you examine the product for some form of protection in this area.
Finally, we come to availability. We do not want inbound email-borne malware to affect our internal systems. To some degree, this also impacts integrity since databases may be altered by mail-borne malware attacks. One of the important - and traditional - functions of an email security gateway is thwarting these attacks, which may be the result of some form of phishing or infected (html) email. This aspect - the most important functionality traditionally and still extremely important - is critical to a good email security product and you should look carefully at how the tool accomplishes this protection as well as how effective it is.
So, that takes us to the end of our ramblings and to the succinct analysis by our lab. There are good products - old and new - in this batch and we commend them to you for your perusal. The group is small but, we believe, rather elite. On with the show!
All products in this group test
 ===========================================================

For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618



==============================================
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Friday, July 31, 2015

Tabula Rosa System's Product Of The Day - Tufin Secure Track Firewall Manager

=================================================================================================================

Tufin's SecureTrack™ is a comprehensive management solution for firewalls and additional network
devices. Today’s enterprise networks are complex and diverse, including thousands of firewalls,
routers, switches and load-balancers from multiple vendors. Because of frequent changes
required by networked enterprise applications, device configurations need to be constantly
modified, and have grown increasingly large and complex. SecureTrack provides security and
network engineers the visibility and insight to ensure that security policies are optimized to
enable business while meeting the most stringent security and compliance requirements. It
enables you to track and analyze network device configurations, optimize and recertify firewall
rules, design changes, and ensure continuous compliance across the network. Thanks to
powerful automation capabilities, customers report that SecureTrack cuts the cost of firewall
operations in half.
====================================================================
For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
==============================================**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Tabula Rosa Systems Security Alert - Cisco Releases Security Updates

=============================================================
National Cyber Awareness System:
07/30/2015 01:52 PM EDT

Original release date: July 30, 2015
Cisco has released software updates to address a vulnerability in Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.
US-CERT encourages users and administrators to review Cisco Security Advisory and apply the necessary updates.


===========================================================
For a nice laugh check out the link below for a video on reality email:
https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
============================================== 
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Thursday, July 30, 2015

Tabula Rosa Systems Blog Of The Day - Your E-mail Font Is Ruining Your Life!

=================================================================================================================
In this blog, in my published book and in my forthcoming book as noted below, I discuss the usage of fonts very thoroughly. I disagree with some of the comments in the article below as this blog and my email are both written with Arial as the font of choice but the comment of the other fonts are worth noting. 





====================================================================

Good Netiquette to all!
=====================================================================

For a great email parody, view the following link:

https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618

Your E-mail Font Is Ruining Your Life

 ====================================================================

 Your E-mail Font Is Ruining Your Life
designers ditch Helvetica and Arial (Helvetica's 'ugly bastard son'). You should, too.

Bloomberg.com July 27, 2015 — 2:10 PM EDT

Well, maybe not your life. But certainly your reputation with people of good taste. 
Helvetica, the hip font of choice for brands and typeface nerds, is the default font setting for Apple Mail. Gmail defaults to Arial, a font one designer called Helvetica's "ugly bastard son." If the browser doesn't support Arial, Gmail will use Helvetica instead.  
While Helvetica is beloved by design nerds for its neutrality, its uniformity and lack of consistent spacing make it hard to read in large chunks of text. "The letters are too close together," said Nadine Chahine, a type designer at Monotype. "That makes it too tight."
Arial, like Helvetica, has what font designers call "ambiguous" letter shapes that make it difficult to parse lots of words in a row. "If you imagine b, d, p, and q, those are letter forms that all the children always mess up. They are mirror forms of one another," font designer Bruno Maag said. "That feature is emphasized in a font like Arial, where the shapes are literally mirror forms."
See how the b and d mirror each other below, and how the space between the h and the e in Helvetica is slightly larger than it is between the t and the i? These may seem like nuances here, but both make the words harder to read when they're packed in great swatches of text and you're reading a lot of e-mail. 
And you are. Working Americans spend almost a third of the workweek checking and reading e-mail. In a 40-hour week, that's over 11 hours a week reading online communications in fonts that aren't doing our eyes any favors. 
E-mail "clients" — the programs you use to check your e-mail, like Gmail, Apple Mail, and Outlook — tend to favor sans serif fonts, in which the letters don't have end strokes, like Helvetica, Arial, and Microsoft Outlook's default Calibri. (Gmail, Outlook, and Apple Mail are the three most popular desktop email clients, a study of over 1 billion emails found.)
"It used to be, until relatively recently, that most readers in a corporate environment would not have very high-resolution screens," typographer Gerry Leonidas said. Simpler fonts, without all the details and design elements that come with serifs, would render cleaner on those lower-resolution screens. But "in the recent four or five years, we have significantly higher resolution to get good spacing, clean separation, so you don't get grayscaling of characters," Leonidas said. So e-mail clients no longer have to use sans serif fonts.
Under the weight of decades of history, though, they often default to them —  tragically, in Maag's view.
"The argument that a serif font is too fussy doesn't cut it anymore," he said. "You want a font where the letter forms are not ambiguous." Serif fonts, because of the additional stroke added to the ends of each character, tend to have that quality. See how the serifs in Georgia, below, give each letter its own character. 
http://assets.bwbx.io/images/iQrVMF812j_E/v1/488x-1.jpg
The key to a good font is legibility, a combination of speed, comprehension, comfort, and a kind of emotional acceptance of the font. The way the letters are shaped, the spaces between them, and the spaces within the letters themselves all determine how easy something is to read.
"When we read, we don't read letter by letter," Jose Scaglione, who designed Literata, the custom font for Google Play books, said. "We recognize a group of letters and recognize the interaction that exists between black and the white."
Bookerly, the new font designed by Maag for the Kindle, is a serif font, which many believe is better for reading long blocks of text, although there is much debate and conflicting research about its merits over its sans counterpart. "Each character shape is very unique," Maag said of Bookerly. "It creates a harmonious, varied word shape." According to internal tests done by Amazon, Bookerly reads 2 percent better than previous fonts on speed, comprehension, and emotional acceptance, Maag said.
Literata was designed with the same principles in mind. The designers elongated the ascenders and descenders —  the top of the d and the bottom of the p, for example — to improve recognition of word shape. They also made the characters a bit wider.
Although the daily grind often requires sifting through a novel's worth of e-mail, we interact with digital communication in a different way than we do books, and ideally fonts should reflect those varied experiences. Bookerly was designed for sustained reading of a single document and takes fatigue into account. For e-mails, we generally scan a couple of paragraphs. Having letters with wide, consistent spacing is most important for quick reading, the designers we interviewed said. A serif font will also make it easier to distinguish between letters. 
Even today, users don't have to subject their eyes to Helvetica's or Arial's blunted letter shapes. Gmail's preferences offer six additional fonts and customization of the width of the letters. Apple Mail has even more font options.
In fact, anyone who knows anything about fonts does change the settings. For his own e-mail experience, Maag likes Verdana (sans serif) or Georgia (serif), which both have more "open" shapes than Helvetica and Arial. Verdana, as you can see below, has more, and more even, spacing between letters. Scaglione also likes Georgia. Chahine has an affinity for Calibri and Verdana. Leonidas used to use Verdana but upgraded to HD screens and now uses a font called Input
Maybe it's time for e-mail clients to change the default settings. "I do believe that organizations can certainly improve lives by specifying better fonts, which of course has an effect on how you read your e-mail," Maag said.
Even better, what about giving the people a Bookerly for e-mail? "In theory, yes. A font for reading e-mails could be possible," says Scaglione. Dare to dream. 
 
==============================================**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

Wednesday, July 29, 2015

Tabula Rosa Security Bulletin - Internet Systems Consortium (ISC) Releases Security Updates for BIND

=============================================================
National Cyber Awareness System:
07/28/2015 06:48 PM EDT

Original release date: July 28, 2015
ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.
Updates available include:
  • BIND 9-version 9.9.7-P2
  • BIND 9-version 9.10.2-P3
Users and administrators are encouraged to review ISC Knowledge Base Article AA-01272 and apply the necessary updates.



===========================================================
For a nice laugh check out the link below for a video on reality email:
https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
============================================== 
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================