Getting past 2 Factor Authentication

It was once believed that to be safe you just needed to require and or strengthen authentication. So, companies came up with 2 factor authentication. Today, cyber criminals have figured out how to get around it. Some of the same attributes are showing up here as well, they are 1. Sheer Volume, 2. Sophistication of the Attack, and 3. The ability to get around 2 factor authentication as part of a process. That process includes Malware, Rogue DNS, Android Malware, Phishing, spam, and etc.

Barrier1 integrates its 2 factor authentication functions with the rest of the Intelligent Learning Platform. BY using all components as a sensor Barrier1 uses key attributes to feed the on-board Dbase and thus used by the extensive suite of algorithms. This extensive and deep analytics delivers greater Effectiveness and Accuracy. All in real time.

Adding URL Filtering to a 5 yr. old platform

Adding another component such as URL Filtering to an already existing platform one would think would be common place by now. The reality is purpose built platforms were not designed with that in mind. When you adhere to standards and have a platform or system architecture that was designed as a component it makes sense in many ways.

In Barrier1 case, every aspect is treated as a component. The system architecture was designed to support additional components. In other words, it will not affect speed. As chips become continue to increase in number of cores and clock speed the overall performance just continues to go increase. Last, it brings new meaning to Return on Investment.

Barrier1 is one of the few platforms designed with those aspects in mind.

GameOver is not over- but back. So GameOn
Malware is mutating faster than ever. In addition Operation Tovar did not take down all of the Gameover Zeus Botnet as set out by the Lawsuit of several years ago. New versions are out and showing up.

New version now are really a process made up of several steps. An example is a Sandbox detector is installed. So, if you are using a Sandbox to detect forget about it. The Cyber Criminals will be able to detect the use and get around it. Barrier1 not only stops individual steps but has a series of checks and balances native to Barrier1 operation.

For further information see Barrier1 White Paper on how we stop GameOver.

Barrier1 secures Apple IPad for 1:1 Inititives

Barrier1 has introduced clientless security functions for the Apple IPad. In fact we are using these additional feature set on a 4 year old Barrier1 appliance.
A trend in k-12 education is having students receive a portable computer, Laptop or Tablet, to be used 24×7 during the school year. This is known as a 1:1 inititive. Barrier1 can now insure appropriate use by the students of Apple IPad 24×7 regardless of where they are using the device. Along with web content filter, Barrier1 will inspect all traffic for Virus, Malware, Trojans, and etc.

Another Cisco End of Life Product

It was recently announced by Cisco that there Web Application Firewall is now end of life. Web Application Firewalls are part of the PCI compliance requirements. It appears that Cisco policy of End of Life is now more about their own bottom line than the customers best interest.
It is time for a change. Barrier1 includes software enhancements as part of the yearly renewal program.

IP space is finally used up

IP space is finally used up. We are now faced with IPv6. Barrier1 has been IPv6 ready for over 5 years.

Barrier1 Replaces an Edge Router

Today I received a call about Barrier1 replacing a Cisco Edge Router. Sometimes what is an old case study becomes new again. Barrier1 has been doing this for over 3 years.

Barrier1 Tech Support Goes Beyond the Standard

Recently, a long standing customer had a hardware failure. Barrier1 tech support isolated the root cause to be the power backup unit. The voltage had been out of spec and had caused the outage.

Barrier1 NAC

Barrier1 NAC

Barrier1 is introducing NAC, network access control. NAC has been around a long time but seems to find its niche in a couple of select vertical markets. However, as the need for Mobility continues and access becomes more automated, we believe that inspection and protection of these devices will need to be an integral part Security Arsenal.

NAC will inspect individual’s devices for Installed and up to date Firewall and AV components and that they are completely patched and up to date with the latest rev. levels. Up until Barrier1 NAC, installation, administration, and over all usability was difficult and time consuming. Barrier1 has automated the entire process.

The Internet Freedom Dilemma

In 2006 the Global Internet Freedom Consortium (GIFC) was formed with the express purpose of developing software solutions to bypass Internet access controls in countries that repress free speech, access to news and non-censored information (China, Iran, Burma, etc). They have developed very effective and robust tools that, on a daily basis, are allowing millions of people to access the Internet as they see fit and without governmental interference. All of this is very good.

The dilemma occurs when these same tools are used to bypass controls put in place at schools, hospitals, banks, etc. In fact these tools can simply not be stopped by our competitor’s products. Lab testing shows that only 3 of 36 products tested are moderately successful in blocking these tools, and over time the tools modify themselves so what was once a successful protection now no longer works. After all, by US law schools still have to protect children, banks have to avoid theft and hospitals have to protect patient records.

The tools work on 5 levels:

  1. IP Blocking avoidance
  2. DNS Redirection avoidance
  3. Content Filtering avoidance
  4. Anti-virus/malware/spyware avoidance
  5. Computer Access Restriction avoidance

In our research at Barrier1 we have determined that there are 3 weaknesses to the way these tools implemented these strategies and that we can effectively block their use now and into the foreseeable future.

The dilemma we face at Barrier1 is:

1. Do we provide our technology to these repressive governments?

Option 1 is what our competitors are doing, but is unacceptable to us since we will have failed through our actions to protect those who cannot protect themselves.

2. Do we not protect our customers in legitimately protecting their organizations?

Option 2 is also unacceptable since we would have failed to protect our customers through inaction.

We have determined to take a third path to resolve our dilemma is to:

  • Keep the technical details of our solutions private.
  • Make our solution available to only our customers and distribute the software in such a way so it cannot be reverse engineered.