Cornerstone Issue 77: March 30, 2007



Welcome to Issue 77 of Cornerstone, a subscription-only electronic newsletter issued periodically by Core Competence.

Cornerstone reports on a wide range of networking topics and activities involving Core Competence. A brief abstract explains what you will find if you choose to visit each URL.

Wireless LANs

http://fiercemarkets.tradepub.com/free/w_ai05/pf/w_ai05.pdf
White Paper: Five-Step Plan for Securing your Enterprise WLAN
AirTight Networks, February 2007

Wi-Fi misuse, abuse, or attack can cause financial harm; an effective network defense now requires the ability to control all wireless activity that impacts your business. This paper, developed by Lisa Phifer for AirTight Networks, decomposes the challenge of securing an enterprise WLAN into five essential steps and recommends best practices to ensure the safety and integrity of today's enterprise networks.

http://www.wi-fiplanet.com/tutorials/article.php/3667586
WPA PSK Crackers: Loose Lips Sink Ships
Wi-Fi Planet, March 23, 2007

Either version of WPA can stop wireless eavesdropping -- with one big caveat. The encryption keys upon which they depend must never be disclosed. That's where PSK crackers come in. In this tutorial, Lisa Phifer explains how PSK crackers work and suggests ways to mitigate this risk for home WLANs.

http://searchnetworking.bitpipe.com/detail/RES/1173126666_544.html
Webcast: Blurring the boundaries - Tying wireless security to wired LANs
SearchNetworking, March 28, 2007

In this webcast, Lisa Phifer discusses how to effectively mitigate wireless-specific threats while efficiently leveraging existing network security policies and infrastructure investments, from combining remote access security practices with new wireless host tools to complementing conventional vulnerability assessment with new wireless IPS and unified security event management systems.

http://searchsecurity.bitpipe.com/detail/RES/1173127684_69.html
Podcast: How wireless voice will impact wired network security
SearchSecurity, March 28, 2007

Many companies already know how to move private VoIP traffic over corporate Ethernet LANs. But how will running VoIP over wireless LANs impact the security policies and technologies used within corporate networks? In this podcast, Lisa Phifer considers some of the challenges that lie ahead.

http://searchnetworking.com/tip/0,289483,sid7_gci1245043_tax305878,00.html
Tip: Using VLANs to control wired and wireless traffic
SearchNetworking, March 15, 2007

Today, many business networks rely on VLANs to partition Ethernets and control destinations reached by each worker. As users begin to shift between Ethernet and Wi-Fi throughout the work day, it makes sense to apply VLANs to both wired and wireless. In this tip, Lisa Phifer describes common methods for mapping Wi-Fi stations onto corporate VLANs and suggests when you might want to do so.

Unified Threat Management

http://informationsecurity.techtarget.com/magItem/0,291266,sid42_gci1245604,00.html
Boxed In: Enterprise UTM
Information Security Magazine, March 2007

Unified threat management (UTM) appliances, which integrate (at least) firewall, IPS, and antivirus onto a single platform, have long appealed to SMBs. But does UTM have a place in the enterprise? In this InfoSec feature, Lisa Phifer interviews four enterprises about their UTM experiences.

http://searchsecurity.com/tip/0,289483,sid14_gci1247072,00.html
Fighting Spyware with Unified Threat Management
searchSecurity, March 27, 2007

Winning the war against malicious spyware requires a layered defense, applied at the desktop, server and network edge. In this tip, Lisa Phifer considers how unified threat management (UTM) appliances can help to defeat spyware at network and workgroup perimeters.

http://searchsecurity.bitpipe.com/detail/RES/1174057962_653.html
Webcast: UTM - The New Breed
searchSecurity, March 28, 2007

Today, nearly every firewall vendor claims to deliver UTM. However, it can be quite challenging to make apples-to-apples comparisons when trying to select a UTM appliance. In this Webcast, Lisa Phifer explores the services and features provided by many of today's UTM products, including those designed for enterprise deployments.

Mobile Security

http://searchmobilecomputing.com/tip/0,289483,sid40_gci1243728,00.html
Mobile devices: Corporate security strategies
searchMobileComputing, February 14, 2007

At the Gartner Wireless and Mobile Summit 2007, analysts painted a scary picture for companies grappling with mobile/wireless security. In her latest searchMobileComputing tip, Lisa Phifer reports on business needs and strategies for securing mobile wireless devices.

Network Access Control

http://searchnetworking.bitpipe.com/detail/RES/1173818310_333.html
Webcast: Fitting NAC Into Your Corporate Network
SearchNetworking, March 15, 2007

NAC makes it possible for companies to exert control over corporate network access based on endpoint security profiles. Reaching that point requires making some far-reaching decisions about network architecture. In this Webcast, Lisa Phifer explores where NAC policy enforcement points can be placed, and how to integrate them with existing remote access and LAN security solutions.

http://searchnetworking.bitpipe.com/detail/RES/1173890854_893.html
Podcast: NAC Appliances -- Shortcut to Managing Network Access
SearchNetworking, March 15, 2007

In this Podcast, Lisa Phifer discusses why NAC appliances are quickly becoming popular, how they fit into network architectures, and how they compare to full-blown infrastructure NAC strategies for managing network resource access.

http://searchnetworking.com/tip/0,289483,sid7_gci1245936_tax305874,00.html
Tip: Using NAC to strengthen your SSL VPN
SearchNetworking, March 15, 2007

Given that SSL VPNs can be used from unmanaged home or public PCs, it is critical to assess the remote endpoint's security when deciding whether to permit access to corporate resources. Here, Lisa Phifer explores why NAC functions are used to strengthen SSL VPNs, and their relationship to industry initiatives like TNC, NAP, and NAC.

Dave Piscitello's Blog

Dave's web log has a new domain name! While all past blog links at hhi.corecom.com will remain reachable, please bookmark this blog's new domain name: http://www.securityskeptic.com

http://www.securityskeptic.com/arc20070201.htm#BlogID592
Migrating to Mac: Exploring OS X network assessment utilities
SecuritySkeptic, February 26, 2007

Dave describes his experiences migrating his network assessment and security "tool kit" from Windows XP to Mac OS X, and some of his early experiences exploring the world of network assessment utilities that complement many popular Open Source network and security utilities with Mac's friendly UI.

http://www.securityskeptic.com/arc20070201.htm#BlogID590
Testing Recursive Name Servers for IPv6 and EDNS0 Support
SecuritySkeptic, February 12, 2007

Last month, Dave wrote about the need to test firewalls to determine whether they could correctly process IPv6 addresses and the use of EDNS0 in DNS message exchanges to prepare for the inclusion of "quad A" records in the root hint and root zone files, and how this led to his SSAC committee's call for community participation to extend testing beyond his "skunk works" efforts. In February, Dave and SSAC/RSSAC colleagues formulated a new set of tests for resolvers, and called on the community to assist in testing recursive name servers.

http://www.securityskeptic.com/arc20070301.htm#BlogID603
Adding AAAA RRs of root name servers to hints and root zone files
SecuritySkeptic, March 26, 2007

After months of testing and even more months of deliberation and debate, the RSSAC and SSAC committees have forwarded a recommendation to IANA that AAAA records of root name servers be included in the root hints and root zone files and that both type A and type AAAA records be returned in DNS priming responses from root name servers (irrespective of whether IPv4 or IPv6 transport is used). Here, Dave summarizes the contents of this report and reflects on the time and talent invested.

http://www.securityskeptic.com/arc20070301.htm#BlogID600
KisMAC for the Mac OS X
SecuritySkeptic, March 7, 2007

Dave describes his experiences installing KisMAC, a handy wireless LAN discovery, security, and network assessment utility for Mac OS X fans.

-----------------------------------------------------------------

Cornerstone is an electronic publication of Core Competence, Inc. If you do not wish to receive future issues, please reply to this message or send email to cornerstone@corecom.com with the word "remove" in the subject line or message body.

For additional information about Core Competence, visit our web site http://www.corecom.com
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.