Detection of P2P Applications - April 2008

A peer to peer (P2P) application, such as BitTorrent, Kazaa, Napster, etc., is software where clients communicate directly with each other over a common network. The application acts both as the client as well as the server. A common use case of a P2P application is file sharing.  Simple file sharing has raised a lot of controversy and questions challenging the usage of P2P applications. An issue that has been raised is the legality of file sharing.

Many files that are being shared between clients do not have authorization of the copyright owner, making it illegal to transfer.  Also, the bandwidth consumption of P2P applications has caused a network delay for users. Computers running P2P applications are also vulnerable to data leaks simply because important information can be easily transferred over a network that may not be tracked or monitored. P2P applications have caused concern in network administrators, forcing them to disable P2P applications from gaining network access.

This document will outline two technologies in detecting P2P applications, client based and network based.

Download the white paper (PDF) »

C++ Superglue for Antimalware  Applications - August 2008

The growing number of anti-malware applications present interoperability and security management issues to IT professionals and programmers seeking a common language to classify and manage anti-malware features.

Integrators  conduct research for anti-malware application interfaces; this research is usually time consuming  and includes looking into dll header files, Command Line interface (CLI), C++ or COM API (if available) as well as other techniques, such as modifying registry keys, files and process monitoring.

This research is successful when the number of managed applications is limited to a few, but becomes an engineering challenge as the quantity of applications to be managed increases. This paper addresses the challenges and opportunities surrounding application management.

Download the white paper (PDF) »

Network Access Control Technologies - October 2008

Cisco, Microsoft and the Trusted Computing Group are battling to control the keys to locking untrusted endpoints out of networks. Whether you call the approach network access control, network admission control, network access protection, network node validation or trusted network connect, the premise is identical – systems should grant access to the network based on factors such as anti-malware protection level, personal firewall assessment, host and user authentication, location, and even time of day. This paper will:

• Review network access control technologies delivered by Cisco, Microsoft, Trusted Computing Group and selected non-standard-based solutions such as Nevis Networks and ConSentry Networks.
• Outline the partnerships between anti-malware companies and each one of the technologies, it will then outline the partnership process and the resources that would be required for each initiative.
• Compare the processes and list the technical, business and marketing advantages and risks of implementing each network access technology partnership.

Download the white paper (PDF) »