Monthly Archives: April 2011

CWCS Launch Cloud Hosting

Posted on by
Reply

CWCS Managed Hosting has invested heavily, in the region of £100,000, in the setup of its cloud environment and will continue to invest in the future to ensure that it can deliver the best possible cloud solution to its customers. The lightening fast CWCS Cloud, hosted on VMware vSphere HA with HP hardware is available on both Windows and Linux platforms and offers high availability, 100% uptime guarantee and no single point of failure.

Using the best virtualisation platform on the market – VMware, its cloud solution is self-healing with automatic failover, offering a resilient and redundant cloud solution for mission critical websites and applications.

It’s public cloud allows you to have a VPC (Virtual Private Cloud) in a multi-tenant environment which gives you the flexibility and freedom to scale your resources up or down depending on demand, ensuring your site or application can cope with any spikes in traffic, giving you a scalable solution at your fingertips.

For more complex hosting solutions, CWCS can cater a private cloud environment to suit your business requirements. It can also configure a hybrid cloud solution if you require the best of both private/public platforms or if you want to use the power of a dedicated server and the flexibility of the cloud, combined to produce a highly optimised hybrid solution.

CWCS Cloud Hosting has a range of server management options, all backed by 24/7 telephone and email support by experienced technical engineers based at its two privately owned data centres. CWCS monitor all its systems and routinely upgrade the infrastructure, providing high availability and enabling you to scale resources instantly.

For more information on the CWCS Cloud or to request a Cloud Hosting quote, call their sales team on 0845 203 1000 or visit http://www.cwcs.co.uk/cloud-hosting.

Recommended Hosting Providers

Posted on by
Reply

Choosing the right host is like choosing the right rental apartment because your web site will be “living” on somebody else’s infrastructure. If you’re an online business then you’ll need guaranteed uptime, scaleability, support and a competitive price.

Cloud hosting is the cutting edge of hosting technology – it’s a revolution in how web sites are delivered over the internet and it’s a technology that all online businesses will look to leverage in the near future because it’s simply a more efficient, cost-effective way of hosting.

We want to Review Your Service!

Are you a cloud hosting provider? Do you have a product you want us to tell the world about? You can gain free publicity and traffic from this site if we like your product. Contact paul[at]cloudhosting.co.uk and we’ll do a full review of your service.

2010 IBM X-Force Report

Posted on by
Reply

IBM have released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organisations around the world faced increasingly sophisticated, customised IT security threats in 2010.

Based on the intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, key observations from the IBM X-Force Research team included:

  • More than 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.
  • The historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters.
  • While overall there were significantly fewer phishing attacks relative to previous years, “spear phishing,” a more targeted attack technique, grew in importance in 2010. This further indicates that cyber criminals have become more focused on quality of attacks, rather than quantity.
  • As end user adoption of smartphones and other mobile devices increased, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, IBM X-Force data showed a rise in vulnerability disclosures and exploits that target these devices.

Vulnerability Disclosures Growth by Year

IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

“From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day,” said Tom Cross, threat intelligence manager, IBM X-Force. “The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical.”

In conjunction with this year’s report, IBM is launching the IBM Institute for Advanced Security in Europe to combat growing security threats in the region. The IBM X-Force report stated that in 2010, nearly a quarter of all financial phishing emails targeted banks located in Europe. It also identified the UK, Germany, Ukraine and Romania among the top 10 countries sending spam in 2010. This Institute joins its predecessor in Washington, D.C., focused on U.S. clients.

A new section in the IBM X-Force Trend and Risk Report is dedicated to the security trends and best practices for the emerging technologies of mobile devices and cloud computing.

Total Mobile Operating System Vulnerabilities

As end user adoption of smart phones and other mobile devices increases, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, X-Force data shows a rise in vulnerability disclosures and exploits that target these devices.

Cloud Computing — The report highlighted a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased. Since security is still considered an inhibitor to cloud adoption, cloud providers must earn their customers’ trust. This is achieved by providing an infrastructure that is secure by design with purpose-built security capabilities that meet the needs of the specific applications moving into the cloud. As more sensitive workloads move into the cloud, the security capabilities will become more sophisticated. Over time, IBM predicts the market will drive the cloud to provide access to security capabilities and expertise that is more cost effective than in-house implementations. This may turn questions about cloud security on their head by making an interest in better security a driver for cloud adoption, rather than an inhibitor.

Mobile Devices — Organisations are increasingly concerned about the security implications of personal mobile devices used by employees. Organisations must ensure control of their data regardless of where it is, including employee-owned or business-issued smartphones. In 2010, IBM X-Force documented increases in the volume of vulnerabilities disclosed in mobile devices as well as the disclosure of exploits that target them. The desire to “jailbreak” or “root” mobile devices has motivated the distribution of mature exploit code that has been reused in malicious attacks. Nevertheless, malware is not yet common on the latest generation of mobile devices and most IT professionals view the data stored on them and how that can be misused or lost as the main security threats associated with these devices. According to the IBM X-Force Report, best practices for mobile security are evolving with enhanced password management and data encryption capabilities.

Additional trends highlighted in the report included:

The new, sophisticated face of cyber crime — From a security standpoint, 2010 is most remembered as a year marked by some of the most high profile, targeted attacks that the industry has ever witnessed. For example, the Stuxnet worm demonstrated that the risk of attacks against highly specialised industrial control systems is not just theoretical. These types of attacks are indicative of the high level of organisation and funding behind computer espionage and sabotage that continues to threaten a widening variety of public and private networks.

A significant decline in phishing — If the IT security world is looking for a victory to chalk up in 2010, they should consider the relative decline in phishing attacks. Although phishing attacks still occurred, the peak volume of phishing emails in 2010 was less than a quarter of the peak volumes in the previous two years. This may indicate a shift toward other, more profitable, attack methodologies such as botnets and ATM skimming. Despite this decline, spear phishing, a more targeted attack technique, grew in importance in 2010, as meticulously crafted emails with malicious attachments or links became one of the hallmarks of sophisticated attacks launched against enterprise networks.

Spam volumes peaked, and then leveled off — In 2010, spam volumes increased dramatically, reaching their highest levels in history. However, the growth in volume leveled off by the end of the year. In fact, by year’s end, spammers seemed to go on vacation, with a 70 percent decline in traffic volumes occurring just before Christmas and returning early in the new year. Has the market for spam become saturated? It is possible that there are diminishing returns associated with increasing the total volume of spam, and spammers are starting to focus more on bypassing spam filters.

Web applications accounted for nearly half of vulnerabilities disclosed in 2010 — Web applications continued to be the category of software affected by the largest number of vulnerability disclosures, representing 49 percent in 2010. The majority represented cross site scripting and SQL injection issues, and the IBM X-Force data showed that these vulnerabilities are being targeted by attackers. According to the report results, every summer for the past three years there has been a globally scaled SQL injection attack some time during the months of May through August. The anatomy of these attacks has been similar across the board, targeting .asp pages that are vulnerable to SQL injection.

A secure by design approach can improve security — IBM X-Force has determined that taking proactive steps to evaluate web application security and improve development and quality assurance processes can result in a significant improvement in the security of web application software. The report included data showing that web applications scanned for vulnerabilities often showed significant improvements upon being retested – exhibiting less than half of the number of particular classes of vulnerabilities, on average, the second time they are assessed. This encouraging information points the way toward sustained improvements in Internet security.

Nearly half of vulnerabilities remain unpatched — To help prevent attackers from exploiting vulnerabilities, organisations must focus on shortening the window of time between vulnerability disclosure and patch installation. Forty-four percent of all security vulnerabilities had no vendor-supplied patch at the end of 2010. However, even in cases where patches are made available on the same day that a vulnerability is publicly disclosed, there may be a significant gap in time before those patches are installed on vulnerable systems. Computer criminals often privately develop exploits that target publicly disclosed security vulnerabilities, and use those exploits to launch attacks. Later, when these private exploits have ceased to be valuable as attack tools, they are publicly disclosed. The IBM X-Force report data showed that exploits are often publicly disclosed tens or hundreds of days after the vulnerabilities they target. If it is taking a long time for these exploits to surface, it may be taking a long time for networks to patch.

Continued growth of Internet botnets — IBM X-Force saw an upward trend in Trojan botnet activity during 2010. This growth is significant because despite increasing coordinated efforts to shut down botnet activity, this threat appeared to be gaining momentum. However, IBM X-Force’s data did illustrate the dramatic impact of a successful effort in early 2010 to shutdown the Waledac botnet, which resulted in an instantaneous drop off in observed command and control traffic. On the other hand, the Zeus botnet continued to evolve and constituted a significant portion of the botnet activity detected by IBM X-Force in 2010. Due to its extreme popularity with attackers, there are hundreds, or even thousands, of separate Zeus botnets active at any given time. The Zeus botnet malware is commonly used by attackers to steal banking information from infected computers.

About the IBM X-Force Trend and Risk Report

The IBM X-Force Trend and Risk Report is an annual assessment of the security landscape, designed to help clients better understand the latest security risks, and stay ahead of these threats. The report gathers facts from numerous intelligence sources, including its database of over 50,000 computer security vulnerabilities, its global Web crawler and its international spam collectors, and the real-time monitoring of 13-billion security events every day for nearly 4,000 clients in more than 130 countries. These 13-billion events monitored each day – more than 150,000 per second – are a result of the work done in IBM’s nine, global Security Operations Centers (SOC), which is provided as a Managed Security Service to clients.

With more than 40 years of security development and innovation, IBM is the only company with the breadth and depth of research, products, services, consulting and global business partners to deliver end-to-end security. IBM has nine worldwide research labs innovating security technology and nine security operations centers around the world to help global clients maintain the appropriate security posture.

GraphOn Corporation Unveils GO-Global Cloud

Posted on by
Reply

GraphOn Corporation, a leading worldwide developer of application virtualisation and Web-enabling solutions, have announced the launch of GO-Global Cloud.

Taking application virtualisation to the next level, GO-Global Cloud is a heterogeneous software platform that makes it easy and cost-effective to create a large-scale, secure, private cloud environment that centralises Windows, UNIX, and Linux software applications for cross-platform, remote access by authorised users running Windows, UNIX, Linux, Mac OS X, or any Flash-enabled Web browsers.

GO-Global Cloud is an advanced software platform that protects valuable applications, documents, and data in the customer’s secure data center, while allowing authorised users to intuitively access and share the applications and documents from just about any local, remote, or mobile device via simple hyperlinks. It gives IT management the flexibility to support the growing “bring your own device (BYOD)” trend, while providing administrators with the tools they need to efficiently control user rights and privileges.

“With today’s announcement, we’ve transitioned from host-client application delivery to a secure, private cloud platform for applications, documents, files, and more,” said Asaf Doron, GraphOn vice president of product marketing. “GO-Global Cloud is a cross-platform, feature-rich solution that offers load balancing, clustering, active directory support, centralised management tools, and much more, thereby allowing our customers to scale to larger and more flexible deployments using a single product.”

GO-Global Cloud also provides corporate Web developers with a Web application programming interface (API) that can be used to integrate Windows and Linux applications into Web-based enterprise and workflow applications.

“The GO-Global Web API opens most of our capabilities to the Web developer,” continued Doron. “We want our customers to use our technology and embed it into their systems. Web developers can now interact with remote applications and GO-Global Hosts, open and close sessions, and manage users from their existing Web applications. We enable much more than a side-by-side solution does. We’re offering true integration with Web applications.”

GO-Global Cloud, available for immediate delivery, consists of three components: GO-Global Host, GO-Global Cloud Server, and GO-Global Cloud Client.

  • GO-Global Host
    Virtualises and stores existing applications, allowing users to run them from a distance as through they were installed locally. GO-Global Windows Host 4, available since July 2010, virtualises Windows applications. GO-Global UNIX Host 4, to be announced in the near future, will virtualize UNIX and Linux applications. (GO-Global for UNIX 2.2 is currently shipping as a standalone solution for UNIX/Linux application virtualisation.)
  • GO-Global Cloud Server
    Available for immediate delivery, provides a high-availability, secure gateway to GO-Global Hosts. It provides administrators with controls to monitor and manage clusters of GO-Global Hosts supporting thousands of users. The controls and capabilities can be accessed through the GO-Global Cloud Server’s user interface, or alternatively through the GO-Global Web API for easy integration of applications and workflows.
  • GO-Global Cloud Client
    Available for immediate delivery, provides a refreshed, more intuitive user interface. Offered as a native client or a Web browser plug-in, GO-Global Cloud Client is used by local and remote users to access GO-Global Hosts, and by administrators to manage GO-Global Cloud Server. The Client runs on Windows, UNIX, Linux, and Mac OS X computers, as well as portable devices. Alternatively, users and administrators can connect from any platform by simply using a Web browser that supports Adobe Flash 9 or later.

“GO-Global’s support of any Flash-enabled browser is a key benefit for our customers,” said Doron. “Without it, users often struggle to access applications because they don’t have rights to install a required plug-in, or firewalls and proxy servers prevent the connection. We’ve solved this problem by developing the technology needed to display and interact with applications via Flash. This means that as new mobile devices and tablets come to market, users and administrators will have increased flexibility to utilise these devices with GO-Global.”

Doron also hinted at forthcoming dedicated support for portable devices. “We’re developing new technologies for future releases that will support tablets and other mobile devices with optimized native clients and unique features,” he said.

GO-Global Cloud is yet another technological milestone for GraphOn. The company entered the market with a remote access solution for UNIX and Linux applications. Next, it expanded its cross-platform solutions with Web-enabling software for Windows applications.

“By unveiling GO-Global Cloud, we continue our tradition of advanced, yet easy-to-use, cross-platform connectivity solutions,” noted Doron. “For our customers, today’s announcement opens the door to new business opportunities, including private cloud hosting, software as a service, seamless integration with existing web applications, and more.”

GO-Global Cloud Benefits

  • Access from anywhere. Applications and documents can be accessed from any location, even across firewalls and proxy servers. Users can view, edit and share documents whether or not they have the corresponding application installed on their computer or mobile device.
  • Scalability and load balancing. GO-Global Cloud provides high-availability load balancing and centralised management of large GO-Global Host server farms.
  • Security. User connections are enabled via a multi-layered security system, including smart card authentication support. Applications and documents never leave the secure GO-Global Host.
  • Control. Administrators can set user and group permissions and publish different applications to different users.
  • Flexibility and customisation. The GO-Global Web API allows developers to integrate hosted applications with workflow applications without the use of the GO-Global Cloud user interface. They can programmatically start sessions, authenticate users, create user-private workspaces, move files to and from a workspace, start and stop applications, and monitor server usage.
  • Private virtual desktop infrastructure (VDI). Users and administrator can see a full desktop view of the Host in a private session. Administrators can manage the Hosts using a desktop view. When using VMs, they can configure GO-Global Cloud as a simple VDI, application delivery, and document sharing solution – all in one product.

Free 30-Day Trial

Companies wishing to evaluate GO-Global Cloud can apply for a free, 30-day evaluation copy of the entire GO-Global Cloud suite at www.graphon.com.

Founded in 1996, GraphOn Corporation is a publicly-traded company headquartered in Santa Cruz, California. The company is an innovator of cost-effective, advanced solutions that help customers access applications from anywhere. GraphOn’s high-performance software solutions provide fast remote access, cross-platform connectivity, and a centralised architecture that delivers a dramatically lower cost of ownership.

The company’s GO-Global solutions can be used with Microsoft (MSFT) Windows, IBM AIX, Oracle (ORCL) Solaris, Hewlett-Packard (HPQ) HP-UX, Linux, Apple (AAPL) OS X, and other operating systems.

For more information, visit www.graphon.com.