_________________________

Shaun Hummel is the author of Network Planning and Design Guide and has a web site focused on information technology job search solutions and certifications.

Article Source: EzineArticles.com

ALIST: Johnnie Konstantas of Altor Networks

After our one-week hiatus from the ALIST series, we turn our attention back here to profile a key executive at Altor Networks. Johnnie Konstantas has a long track record of technical and marketing leadership success at leading companies such as Juniper Networks, CheckPoint, and most recently, Varonis Systems. Now, she leads the charge to market Altor Networks’ virtualization security products. Let’s get right to the interview…

Name: Johnnie Konstantas
Title/Role: Vice President of Marketing
Company: Altor Networks
Product Focus: Security for virtual data centers and clouds
Twitter Handle: @altornetworks

1. What is your company’s flagship product, and why is it important for security purposes?
Altor Networks’ flagship product is Altor VF – an industry first purpose-built firewall that offers comprehensive security of virtualized networks and the hypervisor. Now in it’s third major release, the Altor solution protects virtualized servers and the platform they run on from unwarranted access and malware without impacting throughput or virtualization’s scalability (i.e. vMotion, DRS).

2. What areas of security are most important to you professionally, and which do you enjoy working with most?
Virtual network and cloud security impact me most at the moment, since it’s my current charter to educate the market on the risks and mitigation strategies. After [having spent] 16 years in the market, there are a lot of areas which fascinate me, although I have to admit that, in this place I find myself now,  there is extreme gratification in seeding and educating a market on what you know to be imminent risks. You feel a little like Steve Carrell playing Noah in Evan Almighty, trying to convince the townspeople to come to the boat.

Evangelism: Explaining Virtualization Strategy Akin to Noah's Quandary

3. What is the most common security challenge you are brought in on to help fix on behalf of customers?
Restoring the virtual environment to a compliant or compliance-acceptable security posture is the biggest driver to Altor deployment at the moment. People virtualize their servers and then someone asks “How are we going to demonstrate access control enforcement and separation of duties?”

4. How do you see Cloud Computing, virtualization, and Social Media affecting security in the coming months?
Enterprises of all sizes are shifting their workloads to virtualized platforms in droves. When they do, the questions start flowing: How do I demonstrate compliance? How do I segment my resources? How do I control VM sprawl and mitigate security risks? There are available products and approaches, but the degree to which they preserve virtualization’s savings vary, so I suspect there will be a rush to educate and implement. To the extent that clouds may use virtualization as their platform, the net effect is the same. How do I protect my business and my customer’s assets?

[Companies need] corporate guidelines in play regarding what can be shared outside the firm via social media outlets, which largely requires that  people know the right thing to do. That effort is largely a focus on  building and “socializing” (pardon the pun) proper use policies.

5. Tell me what your most pressing security concern is over the next 1-2 years.
I worry that, in a rush to build green, efficient, data centers, well-intended folks who are short handed and following corporate mandates may shortchange security in the architecting of these new networks. I worry that my personal information maybe more at risk in the next two years than it is today.

6. How do you stay abreast of the latest market developments in your space? Shows, social media, RSS, etc.
All of the above. It is imperative to leverage the “groups” features of the various social media outlets so that you not only get the latest breaking stories, but for me as a marketeer, I need to understand what the prevalent attitudes are about a company, a market, a trend, etc.

7. In closing, give us one idea you have about security that everyone should consider. Your “Golden Egg”, so to say.
Assuming that you are using some sort of cloud service (and chances are good you are, i.e. Gmail, Hotmail, Salesforce), make sure you know what protects your piece of the cloud from someone else’s? What one measure, policy, or guarantee can the provider make to you?

ALIST: Rick Basile of Fortinet

Welcome to the third installment of our ALIST series. Today we offer you Rick Basile, the Senior Director of Technical Services for Fortinet.  We want to thank our friend Jennifer Leggio (@mediaphyter), Strategic Communications Director at Fortinet and Social Business blogger for ZDnet, for helping us arrange this interview with Rick.

Name: Rick Basile
Title/Role: Senior Director, Technical Services
Company: Fortinet
Product Focus: Entire security product portfolio
Twitter Handle: @fortinet

1. What is your company’s flagship product, and why is it important for security purposes?
Our flagship product is our FortiGate security appliance line, a hardware platform allowing enterprise companies to deploy multiple security applications, i.e. IPS, firewall, VPN, antivirus, and so on, in a more manageable security solution. Our consolidated security approach allows for a more secure, cost-effective, and easy-to-manage solution for our customers.

2. What areas of security are most important to you professionally, and which do you enjoy working with most?
Network perimeter based security; [which is] the ability to help corporations control access into their infrastructures, as well as controlling what intellectual assets and behaviors are allowed out of their infrastructures. This can be done with our FortiGate product line as a multifaceted security appliance, or our FortiMail secure messaging product, which allows for the mitigation of inbound SPAM and threats and also intelligent encryption of sensitive data leaving the infrastructure.

3. What is the most common security challenge you are brought in on to help fix on behalf of customers?
The most common security challenge for customers is looking for an enterprise-wide posture and policy. It’s my job to help them secure their infrastructures against internal and external threats. While our product set is all about the ability to consolidate, it does not minimize the need for a layered security policy. We help our customers determine where those layers need to be in the infrastructure.

4. How do you see Cloud Computing, virtualization, and Social Media affecting security in the coming months?
As more enterprises investigate leveraging cloud computing environments to store and manipulate their data, they have to be confident that these providers are ensuring the segregation and security of their data and resources from unwarranted access.  Beyond these basic concerns in choosing a cloud computing environment, I also have concerns around the ability of an enterprise to have confidence in their continued control of their intellectual property.  As an example, should an enterprise choose to leave one cloud computing vendor for another, how would they know that their data truly leaves with them?  What mechanisms are being put in place to guarantee the revocation of that data from a vendor’s cloud?

On the social media side, these social networks don’t just offer a security risk from malware exploits or unwanted access, they present risks on authenticity of information as well. Information mishandling is another concern against which companies need to protect.  As these social media outlets grow, it is becoming increasingly challenging to ensure that users are going to the authoritative owners of the data for their information.

5. Tell me what your most pressing security concern is over the next 1-2 years.
My most pressing concern is around people focusing more on being compliant than on being secure. Compliance is what drives a lot of buying cycles, but being secure should be first and foremost when they look at what they are going to deploy and how they are going to deploy it. Compliance is clearly important, but you have to make sure you are secure as well.

6. How do you stay abreast of the latest market developments in your space? Shows, social media, RSS, etc.
I spend a lot of time researching and working with our own research analysts and product and development teams. Most of what I do to stay abreast is working directly with customers in pre- and post-sales situations. I also get to spend a lot of time with analysts in the space, learning what they are hearing from their customers.

7. In closing, give us one idea you have about security that everyone should consider. Your “Golden Egg”, so to say.
When considering a security solution, ask yourself, “What are the assets you are trying to protect? What are you trying to accomplish?” Don’t get lost in trying to purchase a solution on name alone. Even though I work for a vendor, it’s my job to best position our product line to actually address customer needs. Determine your requirements and your needs, and work with the vendor that best matches your requirements.

ALIST: Rob Andrews of Sonicwall

So let’s get this ALIST party started…

Name: Rob Andrews
Title/Role: System Engineer
Company: Sonicwall
Product Focus:
UTM Firewall
SSL VPN appliances
Email Security
Secure wireless

1. What is your company’s flagship product, and why is it important for security purposes?
The Sonicwall NSA E7500 is our enterprise class UTM (Unified Threat Management) Firewall.  It combines firewall, routing, IPS/IDS, gateway anti-virus, gateway anti-spyware, content filtering, IPSEC, and SSL VPN capabilities into one slim 1u chassis.  It’s the only appliance on the market that can deliver nearly 2 Gbps of UTM scanning at its price point.

2. What areas of security are most important to you professionally, and which do you enjoy working with most?
I suppose I am a bit biased, but I really enjoy working with my company’s products, but more specifically the Sonicwall NSA firewalls and SSL-VPN.  Building a secure network requires the basic building blocks – firewall and secure remote access.  Essentially, these devices are the gateway to your “kingdom,” and the network admin holds the “key”.

I find it gratifying in knowing that I control and safeguard access to my resources including where, when, and how; and I think a lot of other IT admins do as well.  Keeping undesirables off my network, whether it is due to access controls or threat prevention mechanisms (i.e. IPS), helps me sleep at night.  Sonicwall’s browser based management of the NSA line makes it super simple to configure firewall rules, intrusion prevention/detection policies, content filtering, and routing.  I find anyone that used to have to manage a PIX  falls in love with the simplicity and power of our GUI.

3. What is the most common security challenge you are brought in on to help fix on behalf of customers?

I have two common scenarios I’m engaged with.  Almost everyone knows they need a firewall to build a secure network, but how to decide on correct model, features, capacity, and functionality is where I assist.  There are a lot of 5+ year old firewalls installed out there that don’t meet the demands of today’s requirements, i.e. throughput, IPS, etc.

The other is when customers need to deploy a VPN solution.  Many folks are using an IPSEC solution for VPN access, and they’ve discovered that it doesn’t meet their evolving business needs for things like granular access control, end point interrogation, and browser-based access.  I find many customers have an idea of what they’d like for VPN access but aren’t entirely sure how to meet their requirements.

4. How do you see Cloud Computing, virtualization, and Social Media affecting security in the coming months?
I just had this debate internally with some colleagues.  Some are on the side that cloud infrastructures have more sophisticated individuals maintaining and looking at the security stack, while companies that house data internally have limited IT staff, so the “cloud” is therefore it is more secure.  On the other side of the fence, some argue that you are entrusting your data to a third party who may promise the world in security, but in the end, you have no real way of auditing what they are doing.  For most folks, it’s a balancing act.  If you have no idea what you are doing or how to properly secure your data (and possibly want someone else to blame when things go wrong), using cloud services is something you should consider.  If you’re on the opposite end of the spectrum…you have the tools and skill set…my recommendation is to approach cloud services with caution.

When it comes to virtualization, I’ve seen some folks take an interest in virtual firewalling.  I’d have to say this market is still relatively young and fits a certain niche of customers.  The issue with running a VM firewall is its overall performance.  If you are only using the VM firewall to do stateful inspection, it may not be such a big deal for you.  However, we know that most attacks are buried in the payload of allowed traffic. To do DPI (deep packet inspection) effectively, you need a dedicated UTM appliance so you can see reasonable levels of network performance.  We discovered long ago that x86 processors don’t scale well for UTM scanning.

With regard to Social Media, it is and will continue to be a source of malicious attacks and other threats.  I’m seeing more and more organizations restrict access to Web 2.0 sites with highly positive results, such as reclaiming network bandwidth and employee productivity.  We’ve already seen numerous issues with threats being propagated through Facebook, Myspace, and Twitter.  Anytime you have a place where you get a lot of traffic and information is easily and quickly distributed, there is room for the unscrupulous to take advantage.  This is part of the reason I limit my social networking consumption.  There are others, but that’s another story for another day.

5. Tell me what your most pressing security concern is over the next 1-2 years.
I have two concerns for your consideration.

The first how to get customers off old insecure technology.  I find far too many customers relying on antiquated, insecure, or (even worse) technologies that they believe are secure which, in fact, are not.  Unfortunately a lot of organizations are resistant to change, whether that be due to lack of expertise, laziness, budget, etc.  In the end, technology and threats evolve. You either keep pace, or you find yourself a victim or a target of attack.  For example, I recently worked with an organization that insisted on using WEP to secure their wireless infrastructure for hundreds of users.  Never mind the fact that WEP can be cracked in seconds by almost anyone.

Fallacy: Linux and Mac OS are inherently more secure than Windows

The other is what I would consider the “head buried in the sand” syndrome.  Too many individuals believe Linux and Mac operating systems are secure by default and don’t require any safeguarding.  Unfortunately, this myth is also further perpetuated by the media i.e. the Mac/PC commercials on TV. The worst part about this is the false sense of security it brings. Attacks and vulnerabilities have already been demonstrated against these systems.  While these platforms may not have as many vulnerabilities as Windows, they still have their own issues. As Mac continues to gain popularity, I’m confident we will be seeing more and more security issues for it.

6. How do you stay abreast of the latest market developments in your space? Shows, social media, RSS, etc.
For more “mainstream” type news, I use iGoogle and have about a dozen different gadgets that provide news feeds.  I also visit slashdot.org and hackaday.com on a daily basis, and  Sonicwall has an internal daily news bulletin with information from various sources that goes out to all employees. The folks over at insecure.org have a few different RSS feeds I subscribe to as well.

It’s almost alarming to see the rate at which vulnerabilities are discovered. If I want to read something on the plane, I’ll pick up a copy of Hakin9 or 2600.  Finally, I occasionally frequent sites like securitytube.net or the forums at remote-exploit.org.

7. In closing, give us one idea you have about security that everyone should consider. Your “Golden Egg”, so to say.
UTM should be on everyone’s checklist when it comes to firewall security.  There are far too many threats that are being propagated out there, because regular stateful firewalls are letting them through.  Securing your network is much more than closing ports, it’s also inspecting the allowed traffic through.  The best analogy I can use is a trip to the airport.  Would you let everyone that holds a boarding pass through security?  Or would you want to scan the payload of the passengers to ensure nothing malicious was brought on board?  Of course, we all know the answer there. This same approach needs to be taken for your network.

___________________________________________________________________

The Anue Systems Team wants to thank Mr. Andrews for jumping in as the first ALIST-er. We are still accepting requests to take part in this program from qualified technical sales / SE professionals at leading security tool vendors. If you wish to be considered for inclusion, please contact Tommy Landry at tlandry (at) anuesystems (dot) com.

SPoT: Justin Foster (@justin_foster)

As the second installment of our SPoT series, The Network View turns our attention to another Canadian Security Pro, Justin Foster (@justin_foster). Mr. Foster is employed by Trend Micro during working hours, and he also maintains his own independent blog, Developing Security. Go check out his Top 10 signs you are a Security Twit post from June 2009 for a quick chuckle. On that note…

Real Name: Justin Foster
Twitter Handle: @justin_foster
Top 3 Social Media/Networking Sites:
Twitter / LinkedIn / Security Bloggers Network

1. In which area(s) of security are you most involved?
I’m an Architect for Trend Micro focusing on IDS/IPS, Firewall, Integrity Monitoring, and Log Inspection. At work, I generally concentrate on network and endpoint security management. Personally, I’m interested in a wide spectrum of information security disciplines.

2. What security topics will be the most important in the next 18 months? Why?
Over the next 18 months, we will see the promises made in virtualized security become reality. Third party vSwitches and VMsafe-based appliances have the potential to dramatically change how compensating controls are deployed and what security vendors will be capable of. I also believe Security as a Service will introduce new products and product architectures.

3. Biggest Pet Peeve: Name one thing about Network Security that you wish business stakeholders would understand and why.
I think perimeter security is becoming increasingly irrelevant. We all know the perimeter is porous and the demands of mobile and Cloud computing require security applied much closer to the endpoint. What we sometimes fail to understand is how important it is to take advantage of that proximity and tailor the security policy to each individual endpoint.

4. Tell us why you became so active on Twitter and any other important social media outlets. What value are you getting?
I initially joined Twitter to keep pace with the news from the security community, but I quickly found it has so many uses. With Twitter I have had engaging open-ended debates, aided my research efforts, discovered new topics I wouldn’t have even known to look for, and found a wealth of security blogs to read. I use ongoing searches in TweetDeck to stay tuned to specific security and development topics; a technique that has paid off by saving me substantial time more than once.

5. Name one security peer whom everyone with an interest in Network Security should follow. (OK to name 2 if you can’t decide on only one)
Two people I would highly recommend are @andrewsmhay and @falconsview. Both live and breathe security and can always be counted on for a considered opinion or lively debate. Each is a prolific blogger and author, and it doesn’t hurt that they are both good people in real life as well.

6. What’s your take on security for social media and cloud services in general? Top concerns, overstated issues, etc.
Fundamentally, securing a highly interactive web application like Facebook or Twitter is extremely challenging. While we have seen significant exploitation of weaknesses in these applications, the fact that they are centrally deployed has resulted in extremely rapid remediation of the issues (sometimes within hours). Compare that to traditional software, and the benefits and drawbacks tend to balance out. When it comes to leakage of personal information, we all have to remember that anything we put into the Cloud is ultimately out of our control.

7. What are the top 3 real-world (i.e. live) events you’d recommend for networking with security professionals?
For sure RSA and BlackHat/DEFCON top the list, but it’s important to network with other security-minded people in your local community as well. Twitter is a great tool to carry on the conversation long after the convention or meeting has passed.

SPoT: James Arlen (@myrcurial)

Beginning this week, we are kicking off our new SPoT (Security Pros on Twitter) series, profiling security professionals who are present and active on Twitter. We will profile one SP each week through the rest of the summer.

Since Anue Systems  (@AnueSystems) first joined in on the Twitter fun, we have followed and interacted with a variety of folks, and these are the thought leaders who we’d turn to first with a specific, hands-on question regarding security of the internal network, the cloud, or even virtualized environments.

Without further ado, let’s get to it…

Real Name: James Arlen
Twitter Handle: @myrcurial
Top 3 Social Media/Networking Sites:
Twitter / LinkedIn / Liquidmatrix Security Digest!

1. In which area(s) of security are you most involved?
I used to be technical/tactical – IT Security. These days, I’m spending most of my time working on Organizational Security and Risk Management.

2. What security topics will be the most important in the next 18 months? Why?
Of key importance (of course) is going to be the increasingly porous “perimeter” which will surpass database flaws as the primary source of data breaches. Unfortunately, the vendors are not on our side and are not going to help solve the problem. It needs to be fixed at the employee/user level through increased awareness of the problem and active cooperation on solutions.

3. Biggest Pet Peeve: Name one thing about Network Security that you wish business stakeholders would understand and why.
The thing that is the hardest to explain is that the presence of a firewall isn’t going to save you (the business user) from your own foolish actions – the best preventative technological controls available can be bypassed by (a) 14 year old kids and (b) users doing what they feel is the best thing at the time. [Once more for effect] A firewall won’t save you from sending your customer list to 100 sales people and 1 ex-sales person’s Hotmail account.

4. Tell us why you became so active on Twitter and any other important social media outlets. What value are you getting?
The primary reason that I became active on Twitter is to have access to a peer group. The Canadian security space is fairly compact, and sometimes, having an international opinion is a great thing. And of course, [I'm there for] the fooling about and goofing off – Twitter is an outlet for stress as much as it is an inlet for knowledge.

5. Name one security peer whom everyone with an interest in Network Security should follow. (OK to name 2 if you can’t decide on only one)
Wow – it’s #FollowFriday! If you’re focused on Network Security, you should really be following @jack_daniel and @jjx. He’s a curmudgeon who generally cuts to the core of the issue FAST. She’s about as unlikely a security expert as you can imagine – short, blonde, southern accent – but if you’re mature enough to value people for their skill rather than the package, she’ll teach you a thing or two that you never expected. [The Network View has engaged with both of these security experts for inclusion in SPoT series as well.]

6. What’s your take on security for social media and cloud services in general? Top concerns, overstated issues, etc.
Security – for social media? I’m pretty sure there isn’t much of that. My simplest response is that you shouldn’t depend on social media to provide you with any security – if you’re not comfortable putting it on a postcard or wearing it on a t-shirt, you shouldn’t be posting it to a social media site. With regard to cloud security – ask @Beaker, I get all of my opinions from him.

7. What are the top 3 real-world (i.e. live) events you’d recommend for networking with security professionals?
The number one thing is to remember that for any event – from a local SIG all the way up to Blackhat or RSA - the most important thing to do is cruise the “Hallway Track”, get involved in conversations, and have an opinion. If you were coming to me and asking me where to spend your money – considering value for dollar – DEFCON, Shmoocon/SourceBoston/SecTor, and your local SIG. The big names (RSA and Blackhat) are awesome, but unless someone is covering the tab, they’re crazy expensive and you can get the same content at the second tier conferences for less money with better access to the speakers.

Now that we’ve taken a brief aside to share some application performance related blogs, let’s turn our attention back to Security. Today we offer another intriguing Security-centric resource:

SecurityFocus

SecurityFocus: Nice Community for Security Professionals

SecurityFocus wants to be a “one stop shop”, so to say, for everything security. While that is a tall order to take on, the site does provide a wealth of topics and resources that security-focused professionals will find worth of their time. In fact, the site dubs itself “The Largest Community of Security Professionals Available Anywhere”. And that’s hard to argue with, considering their monthly page view counts in excess of 18 million, and their 2.5 million unique visitors per annum. It doesn’t hurt that all of this is provided completely free of charge.

Since 2002, SecurityFocus has been under ownership by Symantec Corporation, but this website is in no way biased toward Symantec’s products or secretly pushing their objectives. The About Us page stresses repeatedly that their goal is to remain vendor neutral, and the site has retained full unfettered editorial autonomy even after the acquisition seven years ago.

They classify all of the written materials as “InFocus”, which is a suitable sub-brand for a site of its name. In addition to being able to sort by Columnists to review materials, InFocus topic areas include:

• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls

But the site is not just for content. In addition to the above InFocus materials, you can find the following on SecurityFocus:

• BugTraq Database: not searchable, but very in-depth
• Vulnerabilities Database:  searchable by Vendor/Version or CVE
• Mailing Lists: on nearly any topic you can conjure up in this area
• Jobs Database: for both applicants and employers (requires login)
• Tools Database: listing available tools and what to expect from those tools
• Beta Program: where companies can get vendor-neutral feedback on early releases from the security community

Another great feature of the site is that they accept submissions for new contributed articles. Anyone with security expertise can apply, so if you have something to say, why not throw your name in the hat? If you would like to make a submission, please do so as instructed below (excerpt from the site):

Submissions should include a short summary along with the author’s name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com.

All-in-all, SecurityFocus does a great job of encouraging and incentivizing community activities for the betterment of all participants. The more I dug into the site, the more impressed I was with the resources they offer therein. This is one resource that security professionals should check out, bookmark, and frequent in the coming months.

Come back once you review the site and let us know what you think in the comments section. And if you know of another resource that is deserving of our attention, please feel free to reach out to us directly. Enjoy!