This week's security events include news of Symantec acquiring MessageLabs, a bumper edition of patches from Microsoft on Patch Tuesday, critical flaws found in ARCserve Backup, and a start-up launching a new virtual firewall.
Symantec acquire MessageLabs
Security giant Symantec announced last week that it will be acquiring MessageLabs for a total of $695 million in cash. MessageLabs is known for its hosted e-mail security filtering service, which will be added to Symantec's existing portfolio.
With 29 percent of the hosted e-mail filtering market, MessageLabs is the market leader and operates its services from 14 datacenters located around the globe. With no let-up in sight for the endless deluge of spam, Symantec expects the market to grow by 15 percent per year. This prediction appears to be reinforced by Google, who acquired competitor Postini for $635 in cash last year.
Symantec aims to leverage its MessageLabs acquisition to offer a hybrid security model in which both client-based server and managed services is used to offer the maximum protection. You can read more about the acquisition here.
Microsoft issues mega-patch
In one of the largest updates, Microsoft patched a total of 20 vulnerabilities, of which more than half were rated as critical in updates spanning Windows, Office, Internet Explorer, Host Integrated Server, and even Active Directory.
As expected, the Active Directory vulnerability was of particular concern, especially as it is a remote exploit. Its weakness appears to be "classical," in which malformed data packets can be used to compromise target system.
For the first time, Microsoft also included an "Exploitability Index" in which each vulnerability is tagged along with its likelihood to be exploited. The rating consists of a three-step system, and ranges from an exploit that will work consistently is likely, an exploit that will work on some systems, and an exploit is unlikely.
For more details, refer to the SANS site, which offers a detailed outline of the offerings, which can be accessed here.
Critical flaws in ARCserve Backup
Yet more critical flaws have been found in CA's ARCserve Backup software. This time, the flaws could either allow an attacker to take over an affected system, to at least affecting its stability. I don't know about you, but I've seen so many security patches and updates to this single product that I am hesitant to recommend it to anyone until CA gets ARCserve cleaned up properly once and for all.
If you already run CA ARCserve, you can check up its security notice here.
Start-up launches virtual firewall
If you haven't heard about it yet, startup Altor Networks launched its Alto VF firewall earlier this week. Now, what really caught my attention is that the Altor VF is a virtual firewall designed for VMware's ESX platform and installed on each physical server.
The idea behind this concept is similar, as this except from InformationWeek explains:
Enterprises can deploy traditional firewalls at the data center edge to manage access to VMs running on physical servers, but those firewalls are blind to traffic among VMs. Altor's software removes that blind spot. The software also can ensure that security policies migrate with VMs that are transported by VMware's LiveMotion to a new physical server.
Altor Networks also announced that its Altor VF will integrate with security products from other vendors, notably Juniper Network's IDP and ArcSight's security information management software.
The concept of implementing security for virtual servers is very new, yet not surprising since critics have long highlighted the notable lack of security on the inter-VM level. CEO Amir Ben-Efraim is optimistic that the market is lucrative and has the potential to "quickly hit $1 billion dollars."