Today an article, Vendors slow to patch OpenSSL vulnerabilities, in ITNews details that several key technology vendors are yet to fully patch against the OpenSSL cryptographic library used to secure networked communications.

This may come as a big surprise considering the amount of press that Heartbleed has had.

To patch all servers, ask all users to reset passwords can be time consuming. Indeed how many users also practise safe security?

An interesting discussion point is that there are certain tools out there that could make this a very easy process. Whilst one solution / device / practice does not ensure complete coverage it is interesting to note how one solution could have made this whole process easier.

Arbor Networks recently purchased an Australian company called Packetloop and have brought it into their stable under the name Arbor Prevail SA. This unique solution allows the security team to record potential threats before they have been formally identified.

Take Heartbleed. It had been around for around 18 months before it was identified as the Heartbleed exploit. Following this there was much discussion about resetting all passwords and patching all vulnerable servers. What if on the day the exploit was found, and all security devices were updated with this information, this exploit was able to be detected within your network going back over several months?

Arbor Networks Prevail SA can do just this. In fact, correctly deployed and capturing, the infected servers could immediately be fixed as administrators would know EXACTLY where to look. Problem fixed....well for now. At least this way the level of confidence is high that the vulnerable servers have been addressed. Sure, the rest of the servers will need to be patched in due course, but because of this historical data we can be sure what is and what isn't infected.

Additionally and more importantly not only can the servers be identified but ongoing interaction with these servers can be investigated. External or even internal connections have been captured and Prevail SA will categorically inform on all transactions, legitimate or illegitimate. The forensic investigation has in effect already been done. It is just a matter of pulling out the exact detail from the captured data to complete a report. Because of the 'big data' approach to the analysis all data is provided in an easy to digest format. There are no cumbersome PCAP files to dig through just simple and powerful visualisations that bring meaningful security context to massive amounts of data so you can identify threats in both real-time and from historical data sets.

For further information on Arbor Networks' solution set contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..

Additional information on Arbor Networks' Prevail SA solution can be found here at http://www.arbornetworks.com/products/pravail/securityanalytics

 

 

 

About PlexNet

PlexNet is a dynamic company providing technical services and solutions to the Australian ICT marketplace.

The company’s founders have over 36 years of combined technical and sales experience. This ensures PlexNet is more than able to meet the needs of its current and prospective clients.

Over the last 15 years we have worked closely with many vendors and technology solutions and this experience defines what PlexNet is today. The demands of the IT and data communications industry across the Australian and global marketplace are constantly changing and we are fully cognisant of these changes and welcome the challenges they present

With major global partners such as NETSCOUT and Spirent Communications, and well supported by a number of other partners, PlexNet has an unparalleled solution and skill set.

Make Contact

­