NETWORK WORLD NEWSLETTER: TIM GREENE ON VPNS 11/23/04 Today's focus: Ways to help prevent potential security risks of using Google Desktop Search
Dear [EMAIL PROTECTED], In this issue: * How virtual desktops could negate Google Desktop Search risks * Links related to VPNs * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=88597 _______________________________________________________________ THE 2005 IT ROADMAP: Future Vision - Attend the Technology Tour Event of the Year! Where is IT headed? Which technologies are the new must-haves? Which look good now but are dangerous risks? Find out first and see solutions free at this exclusive reserve-now-or-you're-on the-outside-looking-in event! http://www.fattail.com/redir/redirect.asp?CID=88577 _______________________________________________________________ Today's focus: Ways to help prevent potential security risks of using Google Desktop Search By Tim Greene Last week, we alerted readers to potential security problems that might arise from blending SSL VPNs with Google Desktop Search. Since Google's search tool caches and indexes everything that goes on a desktop, it keeps a record of everything that goes on in SSL VPN sessions, too. SSL VPN cache cleaners don't wipe out Google Desktop Search caches, so whatever is cached from SSL sessions remains available to the search tool. The risk is that if the machine used was borrowed or is otherwise insecure subsequent users could find the cached information. There are several ways to address this, one of which is use of a virtual desktop - software that sets up a desktop session, which can be wiped out entirely when it is over, leaving no unencrypted trace of the information accessed during the session. One such software is Sygate's Sygate On-Demand Virtual Desktop, which is also sold by SSL VPN vendors Array Networks, Aventail, Juniper and Netilla. Last week, Aventail and Juniper said their versions of Virtual Desktop protected content from being cached by Google Desktop Search, but it turned out that content of Word documents is cached unencrypted. Sygate says it has worked out a fix that will make sure Word content is encrypted as well. Sygate is scheduled to distribute the patch to its customers and partners today. Google Desktop Search, which is still in beta test, is popular because it helps people find things on their computers quickly. Like instant messaging, it is likely to be downloaded to many business computers for its utility and without thought of whether it could compromise security. There are many ways to deal with this new potential breach of SSL VPN security, all of which are available now. First, set business policies against downloading Google Desktop Search or at least require that it be shut off during SSL VPN sessions. This is the weakest of the measures because it relies on end users actually complying with the rules. Second, software agents that check the configuration of computers seeking access to SSL VPNs can be set with policies that deny access if Google Desktop Search is running. These host-checking policies can be made less severe by allowing limited VPN access if the search tool is turned on. Third, require a virtual desktop for all SSL VPN sessions. While the Word bug proved a vulnerability, these virtual desktops - also called encrypted vaults - do work. To make sure, users should test them against all the applications that are available over their VPNs to ensure that Google Desktop Search does not cache the content unencrypted. Once customers are sure the virtual desktop protects their set of VPN content, they can rest easy about Google Desktop search - at least for now. RELATED EDITORIAL LINKS Desktop search engines threaten SSL VPN security Network World, 11/15/04 http://www.nwfusion.com/news/2004/111504googledesktop.html _______________________________________________________________ To contact: Tim Greene Tim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, core switching and local phone companies. You can reach him at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=88597 _______________________________________________________________ ARCHIVE LINKS Breaking VPN news from Network World, updated daily: http://www.nwfusion.com/topics/vpns.html Archive of the VPN newsletter: http://www.nwfusion.com/newsletters/vpn/index.html _______________________________________________________________ FEATURED READER RESOURCE NW FUSION PARTNERS' SITES NOW AVAILABLE Network World Fusion Partners is a collaborative effort between Network World and sponsoring Partner companies. Each microsite contains best-of-breed information as well as custom content not found anywhere else, including a custom email newsletter and special offers. It is current, top-of-mind information that is readily accessible and bundled into one comprehensive package. Visit the NWFusion Partner sites to learn about storage solutions, network access solutions, optical networking and more. Visit NWFusion Partners at: <http://www.nwfusion.com/go/nwprr> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
