eSafe Helps Protect against Trojans Like Those Used in UK, US and Israel

Recently, we witnessed multiple Trojan attack reports from around the world. The most serious ones were hundreds of attacks on private businesses and government targets in the UK. Some of the attacks were with the intent of disrupting infrastructure, while others were commercial espionage in nature. At the same time, it was reported that a US credit card agency was circumvented using a Trojan. The attack resulted in millions (14-40M) of credit card account details being stolen and fraudulent transactions performed.

One of the most disturbing facts about Trojans is that unlike the real Trojan horse of Troy, we will not see an oversized animal figure. In fact, we will not see anything since the Trojan creators will do everything they can to hide them from us. There could be cases where Trojans are active but remain hidden for many months. On the other hand, the Trojan sender would definitely be able to access information. In fact, they could see everything on the infected PC and then some.

There are some systems, such as eSafe, which can block about 70 percent of previously unknown Trojan horses, even without a specific signature. The advanced methods used to proactively block Trojan horses are (all blocked methods are widely used by malicious code writers):

• Identifying spoofed senders (masquerading as fellow employees).
• Blocking dangerous file types including spoofed file type detection.
• Identifying code disguise.
• Identifying code and objects attempting to exploit security vulnerabilities in attempt to automatically execute attached files.
• Filtering malicious email scripts, etc.

For more information on how eSafe can help protect your customers and prospects against Trojans and other threats, contact your eSafe representative or visit: http://www.Aladdin.com/eSafe

eToken 16-bit SDK 3.60 Now Available
eToken 16-bit SDK 3.60 enables eToken solution partners to incorporate strong eToken security into their boot protection applications, requiring users to plug their eToken devices into the USB port and authenticate with the eToken password in order to boot their computers.

The eToken 16-bit SDK extends the complete eToken SDK offering (Windows 32-bit and Linux), providing integration of eToken in the pre-boot environment. It enables applications to detect the eToken as a USB device and transfer data to and from the device in real mode (before the operating system loads).

The eToken 16-bit SDK 3.60 is enhanced with new features and additional functionality including the following:

• Supports all current tokens including new devices eToken PRO 64K and eToken NG-OTP
• Supports extended APDUs, in accordance with ISO 7816-1 to 4 standards
• Enables reading of certificates on the eToken in real mode, enabling stronger pre-boot authentication
• Supports 2048-bit RSA keys

Beta Version of eToken WSO 1.3 Released
The latest version of eToken Web Sign-On has been designed to enhance performance and usability and includes the following:

• Support for eToken PRO 64K and eToken NG-OTP tokens (CardOS 4.20 based devices).
• New editable comments section added to WSO profiles.
• Enhanced capabilities for limiting user accessibility to key profile data stored on the eToken.
• Enhanced help file including a Quick Start Guide for first usage, built into the WSO client installation.
• Automatic conversion of WSO profiles created by previous WSO versions.

eToken WSO enables easy, convenient and secure storage and management of all of your web logon and access credentials. Users' personal web form credentials can be securely saved on the eToken smartcard and accessed only by the users themselves.

The GA release of WSO 1.3 is tentatively scheduled for the end of August, 2005.


GA Release of eToken OTP Authentication Solution for Citrix MSAM
The eToken OTP authentication for Citrix MSAM solution now enables secure Web-based access to the Citrix Presentation Server with eToken OTP strong authentication - anytime, anywhere. eToken OTP authentication for Citrix MSAM is comprised of the eToken OTP Authentication solution and the eToken Citrix MSAM RADIUS Client 1.0.

Please note that eToken offers certificate-based authentication to the Citrix Presentation Server as well, either with a certificate through the ICA client, or through the Web with SSL authentication using the secured Citrix Web Interface (WI).

The eToken Citrix MSAM RADIUS Client is installed on the Citrix Access Gateway, and enables OTP-based strong authentication to the Citrix Presentation Server.

Contact your Aladdin representative for more information.
 
 
 


eSafe 5 - Meeting the Changing Market Needs
The latest release of eSafe 5 comes at a time when the content security environment is undergoing dramatic change. The threat focus has shifted from email viruses to spyware, and IDC estimates doubling of the anti-spyware market in '04-'05, which already stood at 283% growth in '03-'04. eSafe has responded in kind.

With eSafe 5, users get the most comprehensive, multi-layered security against spyware, including new features such as: blocking spyware downloads, spyware communication blocking, spyware cleaning, and more.

Individual spam/spyware management is another important capability in anti-spam products and eSafe 5 delivers this to their customers. It includes daily spam quarantine reports, instead of the usual spam emails reaching the inbox. This report lists all spam messages received over the past 24-hours and provides an option for the user to correct any false positives.


eSafe Appliance Bundle Available
eSafe Appliance Bundle is now available for SME customers with up to 1,000 users. The bundles make it simpler for a partner to sell and implement a complete eSafe solution with the hardware appliance and included services and add-ons such as URL Filtering, Advanced Anti-spam and AppliFilter. The bundle is a non-compromised solution which includes all the unique eSafe security features. The bundle is available as preinstalled and preconfigured eSafe Gateway, eSafe Mail or eSafe Web with license packs for 100, 250, 500 and 1,000 seats.

For more information, contact your Aladdin representative.

Q: Is there a way to create WSO profiles that cannot be viewed or edited after they are created?

A: With WSO 1.3 (which will be released in Q3 2005), you can save a WSO profile that cannot be viewed or edited once it is created.

This can be very useful for administrators who would like to provide users with secure Web access, for example to an internal portal, and would like to make sure that only authorized users with their eToken devices can gain access - without the need for a PKI (i.e. using password-based access with WSO rather than certificate-based Web access). The administrator can create a logon username and password for each user, and save these credentials on the user's eToken in a WSO profile that is restricted from viewing and editing. Since users do not know what their logon credentials are, they must use their eToken for access.

The option to restrict a WSO profile from viewing and editing is given as part of the profile saving process. Once set, this option cannot be changed.

Of course, users can still use WSO to create and manage their own, unrestricted profiles, thereby taking full advantage of the WSO capabilities.




Q: What are the causes of eSafe Cluster failing to work properly and how can I fix this?

A: When the eSafe Cluster is installed in lab conditions, sometimes traffic may fail. Version 5.1 of eSafe introduces a new feature, "Cable Control." This feature is intended to find faults in the infrastructure which may cause a machine to stop working, such as a faulty network cable. If any such fault is found, the machine is disabled from the cluster. This is done by monitoring the network traffic arriving to the interface. In a real network, there is always some type of traffic. However, in a closed lab, or in any test environment, this is not necessarily the case. There may be extended periods in which there is no network at all. Should a machine be left as a last cluster, or should a single machine be installed with clustering capabilities, it may fail in such closed environments.

Solution: Either generate constant artificial network traffic, or disable the "cable control" feature of eSafe when testing the cluster in a lab. To disable it, go to esafenipca.ini. In ALL of the eSafe nodes, set:
[Load Balancing] CabelBControl=no

Send us your questions/comments for topics you'd like to see covered in "Ask the Expert." If we use your question, we will send you a free gift.

Product News:

College invests millions to tighten digital security - The Dartmouth Staff

Aladdin readies automated spyware neutralization - Computer Business Review

Settlement Agreement Affirms Aladdin's Rights Over USB Token Patent

eSafe 5 Offers Powerful New Approach To Enterprise Spyware Protection

eSafe Does Network Security in Layers - Intranet Journal

---

Corporate News:

Aladdin Knowledge Systems Reports Record Quarterly Earnings

---

Market News:

Hackers Score Big by Thinking Small - Computerworld.com

Somebody's Watching You - CFO.com


For the latest news visit the Aladdin Press Room.

New eSafe5 Sales Kit Available
These kits will provide you with high-end, professional materials which are designed to energize channel excitement and sales around the new eSafe5 solution. Each kit contains sales and marketing tools that can be immediately put to use for internal education, as well sales literature, including:

• eSafe family brochures
• Sell sheets
• eSafe Sales Tools CDs
• eSafeman poster
• Special eSafe giveaway
• eSafeman T-shirt

Contact your local Aladdin representative for more information.

New eSafe Brochure Hot off the Presses
The new eSafe5 brochure is now available, providing an updated overview of the eSafe product family. Read the latest on eSafe's anti-spyware, anti-spam and much, much more. Click here to visit the brochure download page.

Get Your New eSafe Sales Resources CD
The new eSafe sales tools CD contains a collection of eSafe information, documents and tools and is available to partners and distributors. It includes the latest white papers, presentations, sales tools and technological papers.
 
 

ISA Success Story
Check out the latest eToken success story describing implementation of the eToken strong authentication solution at the Israel Securities Authority. Click here to read.

Sign Up for the New eToken Certification Course
The eToken Certification Course gives you all of the tools you need to install and support Aladdin eToken, and to leverage eToken capabilities and potential in the market. The course provides you with the technical and conceptual knowledge for integrating eToken in existing environments, and includes extended practical exercises (hands-on sessions) for deepening your obtained knowledge.

Contact your local Aladdin representative for details and to register for the upcoming course.