Tag Archives: Firewalls

My latest Gartner research: Market Share: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2016

24 April 2017  |  …Growth by Region: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2013-2016 (Percent) 2-1 Total Unified Threat Management (SMB Multifunction…Size: Unified Threat Management(SMB Multifunction Firewalls) by Segment…

Gartner clients can access this research by clicking here.




Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner Research: Market Share: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2015

The UTM market grew 18% to $2 billion in 2015, with strongest growth in Emerging Asia/Pacific and Greater China. Hillstone Networks and Huawei had the largest growth. Strategic planners should pay attention to these providers and higher-growth regions and adjust business objectives accordingly. … …

Gartner customers can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] NASA, Dept of Defense, Commerce etc probed over use of backdoored Juniper kit

www.theregister.co.uk/2016/01/26/juniper_us_government/ By Chris Williams The Register 26 Jan 2016 A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. The House of Representatives’ Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. Juniper’s ScreenOS software – the firmware that powers in its firewalls – was tampered with by mystery hackers a few years ago to introduce two vulnerabilities: one was an administrator-level backdoor accessible via Telnet or SSH using a hardcoded password, and the other allowed eavesdroppers to decrypt intercepted VPN traffic. The flaws, which were smuggled into the source code of the firmware, were discovered on December 17 by Juniper, and patches were issued three days later to correct the faults. The backdoor (CVE-2015-7755) affects ScreenOS versions 6.3.0r17 through 6.3.0r20, and the weak VPN encryption (CVE-2015-7756) affects ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] DNC: Sanders campaign improperly accessed Clinton voter data

www.washingtonpost.com/politics/dnc-sanders-campaign-improperly-accessed-clinton-voter-data/2015/12/17/a2e2e14e-a522-11e5-b53d-972e2751f433_story.html By Rosalind S. Helderman, Anne Gearan and John Wagner The Washington Post December 17, 2015 Officials with the Democratic National Committee have accused the presidential campaign of Sen. Bernie Sanders of improperly accessing confidential voter information gathered by the rival campaign of Hillary Clinton, according to several party officials. Jeff Weaver, the Vermont senator’s campaign manager, acknowledged that a low-level staffer had viewed the information but blamed a software vendor hired by the DNC for a glitch that allowed access. Weaver said one Sanders staffer was fired over the incident. The discovery sparked alarm at the DNC, which promptly shut off the Sanders campaign’s access to the strategically crucial list of likely Democratic voters. The DNC maintains the master list and rents it to national and state campaigns, which then add their own, proprietary information gathered by field workers and volunteers. Firewalls are supposed to prevent campaigns from viewing data gathered by their rivals. NGP VAN, the vendor that handles the master file, said the incident occurred Wednesday while a patch was being applied to the software. The process briefly opened a window into proprietary information from other campaigns, said the company’s chief, Stu Trevelyan. He said a full audit will be conducted. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/ By Dan Goodin Ars Technica Dec 17, 2015 An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday. It’s not clear how the code got there or how long it has been there. An advisory published by the company said that NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and require immediate patching. Release notes published by Juniper suggest the earliest vulnerable versions date back to at least 2012 and possibly earlier. There’s no evidence right now that the backdoor was put in other Juniper OSes or devices. “During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections,” Juniper Chief Information officer Bob Worrall wrote. “Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS.” A separate advisory from Juniper says there are two separate vulnerabilities, but stops short of describing either as “unauthorized code.” The first flaw allows unauthorized remote administrative access to an affected device over SSH or telnet. Exploits can lead to complete compromise. “The second issue may allow a knowledgeable attacker who can monitor VPN traffic to decrypt that traffic,” the advisory said. “It is independent of the first issue. There is no way to detect that this vulnerability was exploited.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner research: Invest Insight: Focus on Imperva

This research looks at various segments relevant to Imperva — Web application firewalls (WAFs), data-centric audit and protection (DCAP), cloud security, and cloud access security brokers (CASBs) — to provide the reader with the ability to assess the company’s prospects. Based in Redwood Shores, California, Imperva provides hardware and software cybersecurity solutions designed to protect data and applications in the cloud and on-premises. Customers use these solutions to discover assets and risks, protect information, and comply with regulations. …

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

My Latest Gartner Research:Market Share: Unified Threat Management (SMB Multifunction Firewalls), Worldwide, 2014

The unified threat management market has grown by 11.0%, from $1.5 billion in 2013, to $1.6 billion in 2014, with the strongest growth seen in Western Europe, emerging Asia/Pacific and Greater China. 1 Market Size by Segment, Worldwide, 2011-2014 2 Market Shares by Vendor, Worldwide, 2013-2014 3 Definitions 1-1 Market Size: Unified Threat Management (SMB Multifunction Firewalls), by Segment, Worldwide, 2011-2014 (Millions of Dollars) 1-2 Total Annual Growth: Unified Threat Management

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail