Calyptix Team Expands - AGAIN!

We are delighted to announce that we have expanded our business development and technical teams to support our growing partner base. Kristen Wild, Steve Wild and Terry Van Winkle join us after nearly two years of building a successful channel for StorageCraft in the SMB arena. We have also added in the technical area! These guys will supplement our current team as we respond to growing interest from partners and prospects across the midwest and west coast. Please make sure to stop by and see our new and existing team members at SMB Nation October 4-6 in Seattle.

Tell it to the Vendors!

Business Solutions is looking for VAR feedback on a fairly comprehensive vendor survey. I was pleased to see they included all vendors - not just the ones who advertise with them! At Calyptix we hate the dreaded "V" word (more later).

This is your chance to let your partners (including us) know how you feel about products, programs and service. Please feel free to spread the word. I can not vouch for the others - but we will be listening (it's in our DNA)!

The results will be in the January 2009 issue of Business Solutions with a feature of a Special Report titled the "Best (and Worst) Channel Vendors."
Take the survey. Business solutions is offering for those who complete the survey by Oct. 8 a chance for 11 prizes - 10 $100 Visa gift cards and 1 $500 Visa gift card. Take the survey here: www.BSMinfo.com/BestVendors

Calyptix in the Blogs

We have a new page on our main website: Calyptix in the Blogs.

It points to various community blogs that have mentioned Calyptix. We just created that page so it's not very complete yet — if you come across any other blog posts about us, let us know!

And at some point, we might create an RSS feed for that page.

Meanwhile, please check it out!

Aberdeen UTM Survey: Has Your Company "Unified" Threat Management?

Invest 15 minutes to help determine the future of all-in-one security by participating in an independent research survey on UTM devices sponsored by Aberdeen Group. Learn more.

New case studies: Trinity Episcopal School and Waypoint Solutions Group

We just added three new case studies to our Testimonials page — one from Trinity Episcopal School and two from Waypoint Solutions Group. They describe how both organizations have used the AccessEnforcer successfully in their environments.

Check them out — and the other case studies too if you haven't seen them!

Dan and Fred: thank you for your continued support and for participating in our case studies!

No Friday Funnies, sorry

Too busy crunching code..

Calyptix AccessEnforcer as your firewall for SBS 2008

Sometime ago, Harry Brelsford, CEO of SMB Nation, asked his readers on his e-newsletter what they thought about Calyptix AccessEnforcer as a firewall to use in conjunction with SBS 2008.

One of our partners, Jason Harrison, responded to Harry's request. Harry has published Jason's response.

For ease of reference, here's what Jason said:

I too have an extensive background with ISA / SBS firewalls (dating back to Proxy 2.0) and decided last year to start making the move towards stand alone UTM devices replacing ISA and the basic SBS standard firewall solution. Why? UTM’s provide yet another critical layer of enhanced security that the SBS platform did not offer. Now with the SBS 2008 changes, I find myself ahead of the curve a bit in this area.

I started off working with SonicWALL devices. I continued to look for alternatives because I was not that satisfied with what SonicWALL had to offer. I did deeply investigate WatchGuard and several others (all that were mentioned in the newsletter plus a few more). I choose Calyptix Security as the UTM / firewall device of choice for the following reasons:

• Easy to configure and manage
  
• Hardware platform was far superior to the competition (1GHz processor, 512MB RAM, 40+ GB HD – killer hardware man! Pair it up with SBS 2008 premium and you have EBS lite! J)
  
• Software platform – OpenBSD OS: The most secure OS on the planet! Snort technology: sets the bar by which all other IDS/IPS systems are compared – THE gold standard in the industry, used by FBI and the Pentagon / US Dept of Defense.
  
• DyVax: Calyptix own ground breaking, zero day, anti-malware, signature-less, scanning engine – first to catch all of the major threats over the last couple of years based on independent reports.
  
• SBS Integration / AD Integration
  
• Company has the SBS market square in their sights and wants to become THE UTM choice for the SBS market.
  
• Killer features, solid information about security events, traffic trends, web use, etc.
  
• Friendly flexible licensing
  
• Incredible performance – one user streaming video or some other bandwidth intensive process does not bottleneck at the gateway like on other lower powered devices (SW would choke – only 200Mhz processor and 16MB cache)
  
• It just works really, really well
  

Simply put, Calyptix is the box! We’ve been using it here since early spring. I have been recommending / deploying it everywhere including replacing quite a bit of other firewalls with the Calyptix solutions.

For another partner's thoughts, check out Scott Cover's in-depth UTM comparison, where he compared Calyptix and AccessEnforcer against several other firewall products, including SonicWALL and Untangle. We've posted his comparison here before, but now's a good time to bring it up again! :)

Jason and Scott, thank you for your kind words! We appreciate you working with us and putting the word out there for us.

Calyptix on Twitter

We have a Twitter feed that we've been kinda updating off and on.

Just thought you Twitter users out there might want to know. Perhaps if more people actually subscribe to it, we might actually update it more often. :)

Another way to track stolen Macs

In July, I blogged about using Adeona to track stolen laptops.

A user at Mac OS X Hints recently posted a more advanced method to track stolen Macs. It requires a lot of scripting work and your own server though. But if you're a DIY type, this might appeal to you more than Adeona.

Calyptix Friday Funnies #3

While pondering the maximum CIDR size a UI element should support...

<@lteo_remote> hm coeme to think about it someone did say they have a /16. not because they needed it, just so happened they have it
< jlpilkin> wow
<@lteo_remote> china and japan will cringe when they hear that
< jlpilkin> lol

OpenBSD 4.4 available for pre-orders

OpenBSD 4.4 is now available for pre-orders.

In no particular order, here's what I'm looking forward to in the new release:

• New sysmerge tool to assist in upgrading config files
  
• OpenSSH 5.1, including chroot support and visual fingerprinting
  
• Better PF record keeping
  
• tcpbench TCP benchmarking tool
  
• relayd enhancements
  
• dhclient is now aware of interface link state and reacts to changes
  
• WPA
  
• vmt driver: basically VMware tools
  
• Improved malloc (pretty much a rewrite -- ph33r otto@!)
  
• OpenCVS improvements
  
• Serial console configuration now automatically detects speed -- great news for those of us installing headless boxes!
  

Remember to order early! The OpenBSD team ships CDs on a first come, first served basis.

And what OpenBSD released would be released without a song -- this time, it's the Star Wars themed "Trial of the BSD Knights"! It's a tribute to the 4.4BSD team (because it's OpenBSD 4.4).

I've already started working on building the AccessEnforcer source code on post-OpenBSD 4.4 snapshots to get ready for the new release. Really looking forward to it! :)

A big thanks to the OpenBSD team for what I'm sure is a rock-solid release!

Defcon NOC: Powered by OpenBSD

Wired published an article on how OpenBSD was used as part of the Defcon Network Operations Center (NOC).

For those who do not know, Defcon is the largest annual conference for hackers (sorry, "hacker" purists). There were over 9,000 participants at this year's conference.

The Wired blog post mentions that "the temporary wireless network that serves the Defcon attendees is the most hostile on the planet." So it makes total sense that only the most secure systems should power that network -- hence the Defcon network admins chose OpenBSD.

That same OpenBSD is used as the foundation of Calyptix Security's AccessEnforcer SMB all-in-one firewall, precisely because of its impeccable security track record.

If it's good enough for Defcon, it's good enough for your SMB customers! :)

Is Google sucking the "Chrome" off your Browser?

The SBS Diva has identified a few EULA questions about Chrome.
It looks complicated...even for me the lawyer.

Could there be more to Chrome than meets the eye? Is Google "sucking the "Chrome" off your Browser"? Maybe Google plans on Going Green by Burning your CPU cycles when you search? I am not sure it is possible, but it seems covered by the EULA.

Google is all about sorting and organizing content which is no small task. The enormity of the issue is only getting worse. The legal structure of the EULA suggests there may be MUCH more at play here. Not sure.... Take take a deeper dive over as SBS Diva's Blog Post on Chrome EULA. In partiucular check out Setion 11.2 and the comments to her post.

I guess I have to check with my super geek (Lawrence) - I am sure he is up!
Leveraging community data can yield enormous benefits. However, the buyer (or free user) should be made aware and understand the implications. Google should provide more clarity on its intentions for Chrome.

Has anyone looked at the Source Code yet? Lawrence…..(add it to you to do list)!

AccessEnforcer on Google Chrome

Google Chrome, Google's new browser which we talked about yesterday, has been released.

And woo-hoo, it works on the AccessEnforcer...



...so far :)

We'll need to keep testing it some more, but for now it looks like it's working great, even on our JavaScript- and AJAX-intensive pages.

BTW that screenshot is a preview of the upcoming AccessEnforcer v2.0-beta user interface. :) If you want to take a deeper look at it, check if we're coming to your city!

More Security Regulations on the Way

If at first you don't succeed, try again, and again and..... When laws, regulations and standards don't get the job done.... we get more! I am not complaining - that might violate my professional stardards as a lawyer and even upset a few UVA Law clasmates.

However, two separate announcments caught my eye this evenning that suggest a trend - the tide of security regulation is soon to be on the rise (significantly and through a few different channels).

First, the state of California joins Minnesota in an effort to legistate standards imposed by the credit card industry (Payment Card Industry Data Security Standard). Interestingly, the liability provision has been watered down to avoid the wrath of the Arnold "the Terminator's" veto (experienced last year)! Given the continued vague guidelines and limited liability, I would not expect much to result from these activities.

A much more intresting and subtle announcement came out of the Army. The US Army wants to know about the IT security practices of its contractors. I would expect to see these findings resurface in the next twelve months as specific standards for Army contractors. Much like Walmart - DoD can (and should) drive major market shifts. "Customer" market influence can drive change far more swiftly and meaningfully. However, contractor guidelines to be effective must provide clear and concise standards that are far more easily implemented. I hope the DoD will learn a lesson from the PCI DSS experience.

Maybe the Army (and its contractors) should look at AccessEnforcer - with OpenBSD, IPSec VPN, Calyptix Remote VPN, Intrusion Prevention System....and more... it might be just what the little guys need to beef up their systems!

So Google decides to release a new browser

Over the long weekend, various tech news site were abuzz with news that Google will be releasing its new browser Chrome (screenshots) -- initially for Windows, and then for Mac and Linux.



I'm not sure if I should be happy or sad.

On one hand, it's a good thing because it's yet another browser, and if for some reason, people are not happy with the current selection of browsers, they can try Google Chrome.

On the other hand, it's yet another browser to support (warts and all), especially if you're a web designer/developer, or if your product runs off a web-based UI -- like our own AccessEnforcer.

On yet another hand (you didn't know I have three hands now, did you), Google tends to have pretty interesting ideas on UI design. As a UI junkie, it's always fun to check out new interface designs and explore the rationale on why things are placed the way they are on the UI.

Chrome is supposed to be based on Webkit, the same engine that powers Safari. And we do test AccessEnforcer's UI with Safari pretty intensively internally, so hopefully that means that the transition to Chrome will be seamless.

On not-so-recent news, IE8 beta is out, and so yep that's yet another browser to support.

And IE6 definitely needs to die.. but hopefully only when Autotask is natively usable on non-IE browsers, because we're currently depending on IE6 running on CrossOver in order to access Autotask. :)