Archive for the ‘Developments’ Category

Push Technology

Tuesday, June 2nd, 2009

Network Box has recently launched a further improvement in the delivery system for all updates, upgrades and operating systems used by the Network Box system.

Since its launch, Network Box has focused on optimising its PUSH technology, as the best way to get security updates onto the devices providing the protection PUSH Technology provides three primary advantages over PULL:

1) Speed – Reduces latency (the time from when the update is available until when delivery commences) to a minimum.

2) Acknowledgement – Allows for the provider to be certain that updates are installed and activated correctly.

3) Optimization – Provides for optimization of the update system, from the provider’s point of view
(making the most optimum use of the provider’s network for delivery of updates , in both resource utilisation and source of updates).

Real world experience with PULL vs PUSH also backs up the clear statistical and mathematical analysis. PUSH Technology, quite simply, offers the best way to deliver updates to the signatures and code on protection devices.

We are pleased to announce that on 20 May 2009, we completed the migration of all our NOCs to our new patented HQPUSH system. This new system offers improved performance and optimisation of PUSH updates. It allows us to continuously, and concurrently, monitor all our sources of security signatures, and to PUSH out changes within seconds. With this new system, updates are currently being installed on regional NOCs within 3 seconds of their release, and on all end-user Network Boxes, globally, well within our targeted 45 seconds from release. This is orders of magnitudes faster than the industry standard.

For further information, please see our PUSH Technology white paper at here.

Posted in Developments | Comments Off

A thorn in the side of spammers?

Monday, May 18th, 2009

We’ve just gone live with what we think is a game-changing anti-spam system, eMail Relationship Manager. This week, we’re rolling the new system out across all our clients; our beta tests over the last four months have shown that the new system will almost entirely eradicate spam (99.5 per cent, as opposed to the usual 95-98 per cent of current spam filters).

It has become clear that existing methods for identifying and blocking spam – broadly speaking based on message content analysis, challenge response and sender reputation – are untenable, and the problem is now at a scale where it is causing real problems for email users and anti-spam systems. Given the volumes of spam sent these days, 95-98 per cent effectiveness just isn’t enough.

So, we started working on a new system that changes the way spam is classified, detected and treated, by applying learning from the behaviour between a message sender and recipient. This is in addition to, and not instead of, the usual filtering techniques. eMail Relationship Manager analyses historical information about the relationship between sender and recipient, checking against a central database that is updated continually, to judge the likelihood of an email being spam. Each email is given a score, based on the trust and strength of the relationship between sender and recipient, and message type. The usual content and reputation analysis is then applied to that message. If a message of a trusted sender is identified as displaying unusual behaviour, like coming from the wrong country, then the system will flag this up as a change in behaviour and adjust the score returned appropriately.

The only real way to combat spam is to chip away at the incentive for spammers to send it. If they have to prove a trusted relationship between a sender and recipient, then it’ll make their job that bit harder.

Posted in Developments | Comments Off

Launch of New Customer Portal

Monday, May 11th, 2009

Tomorrow  (12th May 2009), Network Box will be launching a new Customer Portal (Box Office) providing customers with a single, powerful web-based user interface for the management of one or more Network Boxes, at a country, regional or global level.

The new Box Office Customer Portal will provide real-time status of Network Box devices and, as before, allows for formalised two-way communication with the Network Box Network Operation Centres (NOCs) responsible for monitoring and configuration of the equipment and network.

Users will be able to monitor their network security via a single overview page showing a world map marking all Network Box installations, Virtual Private Networks (VPN) and management links. The map is customisable and can show boxes, Internet connectivity and VPN links. Pop-up displays allow the user to summarise device status, and hot-links are provided for connection to other parts of the network.

Please note that this migration will take place between 00:00 GMT and 02:05 GMT where there maybe upto 5 minutes of outage time. PUSH updates and NOC service/support will not be affected by this.

Five core modules
The portal offers five core modules to users.
1.    Ticketing – this shows customers and NOC initiated tickets and their status. This forms the primary communications channel between the customer and the NOC as it provides formalised issue tracking, Service Level Agreement (SLA) conformance, and authenticated access control to change and configuration requests.  Also included is a deployment survey module, that allows users to track the information requirements stage of deployments, including gathering the information necessary for deployment, using online collaborative tools.
2.    Inventory – this shows box ownership and status and includes a health module, which is connected to the Network Box Global Monitoring System (GMS), to show box, gateway and VPN link health status.
3.    Licensing – showing the SLA agreements and contractual arrangements
4.    Workload statistics – showing box workload and trend analysis
5.    User management module – permitting designated customer administrators to view and maintain Box Office user accounts themselves (without requiring NOC involvement). This module permits the customer greater control of management of the team supporting global deployments.
For more information on the new portal, there is a user manual (4.4MB) here.

Posted in Developments | Comments Off

User Interface upgrade

Wednesday, April 29th, 2009

Customers logging on to the user interface of their Network Box will see a host of improvements. A new look and feel with easy to use tabs allow us to provide greater functionality, from control of the SSL VPN functionality to certificate management. The aim is to make it easier to manage security settings, and to simplify reporting..

More details can be seen here.

As ever, we welcome your feedback.

Posted in Developments | Comments Off

2009 – the breakthrough in the battle against spam?

Tuesday, January 13th, 2009

2008 was a record year for spam and viruses. Our estimations are that an average business in the UK had to block 1.2 million spam messages and resist 6.3 million attacks to its firewall. The figures are astounding. And yet, spam continues. The only reason this can be is that some people, somewhere, respond to it – they trust the sender, or they are still unaware of the risks it poses.

2009 will be an interesting year in the fight against spam. We’re seeing a game-changing shift in the way spam is identified, and therefore blocked. The only really effective way to combat spam is to render it useless to spammers. We’ve been developing a way of detecting and blocking spam that analyses not just content and IP address, but by applying learning from email user behaviour and relationships, to understand which emails the recipient actually wants, and which are spam.

At the moment, there are three main ways to protect against spam: analyse the message content; assess the reputation of the sender; and apply challenge response (putting the onus onto the email sender to accept a challenge from the recipient, to prove who they are). None of these are 100 per cent effective, and challenge response used on its own has been unsuccessful because senders don’t go through the authentication process.

But analysing and learning from the behaviour of both the sender and recipient of the email is a really interesting development in the fight against spam. One thing that is obvious is that with the vast majority of spam, there is no relationship between the real sender and the recipient. If you can deduce that, then spammers have to create a relationship and that changes the game. So if you understand behaviour of the sender and recipient, you can apply that understanding to assess whether an email is spam. There are a number of ways to understand behaviour:

  1. Maintain a central database to store existing email accounts. This means that genuine email from the user’s address book are white-listed, assuming they pass the usual tests of content and sender’s reputation. This records and analyses historical information about the relationship and queries new or ‘odd’ behaviour. So, for example, if a contact usually based in Hong Kong suddenly starts sending emails from Russia, it may be queried.
  2. All relationships are defined using a score based on sender + recipient + attributes analysis, and given a score based on the trust and strength of the relationship.
  3. The system also learns from user behaviour. For example, if the email user A sends an email to email user B, then the system understands that user A trusts user B, and therefore will strengthen the score of trust in that relationship.
  4. If an email relationship is scored as low, then there are number of options open to the system, depending on its configuration. It can quarantine the email and notify the recipient (it can be released with a single click from the recipient if required);  challenge the sender to confirm their identity; or defer the email.

These techniques, combined with existing analysis techniques, could herald the real breakthrough we’ve been waiting for in the fight against spam.

Tags: ,
Posted in Developments | Comments Off