F-Secure VPN+ 4.1 Released

F-Secure has released a new version of F-Secure VPN+, its Virtual Private Network (VPN) software. Many features have been added, including support for dial-up connections and the DHCP distribution of addresses in Windows 95, 98 and NT 4.0 environments. Installation is easier, and compatibility with all major IPSec manufacturers’ products has been improved.

This is F-Secure’ fourth-generation VPN software. F-Secure VPN+ secures vital TCP/IP traffic between local area networks and remote offices, partners, and travelling employees. F-Secure VPN+ follows the standard IPSec and IKE data security protocols developed by IETF. Compliance with these standards has been verified by compatibility tests.

The new 4.1 version makes the implementation and enforcement of company-wide security policies easy. Implementing policies requires no action by end users. All security settings are managed centrally and are updated through network connections using the F-Secure Management Framework.

The F-Secure VPN+ is delivered in Workstation, Server, Gateway and Enterprise Gateway versions. Combining these versions enables makes it possible to build an entire system to protect all data connections, including local area networks. Supported platforms are Windows 95, 98 and NT 4.0.

New Versions of F-Secure SSH Released

F-Secure has released a new version of its F-Secure SSH Tunnel & Terminal product. The new version includes many new features, such as an SFTP function for the safe transfer of files to workstations running Windows 95, 98 and NT 4.0. The product supports several encryption algorithms, such as Blowfish, Twofish, 3DES, and IDEA.

F-Secure SSH Tunnel & Terminal can protect all TCP/IP connections. It encrypts all terminal connections used in remote system management. Secure file transfer (SFTP) encrypts all file transfers between the client and the server. F-Secure SSH products are based on Version 2.0 of the Secure Shell protocol, which is currently being standardized by the IETF.

F-Secure SSH has become the de facto global standard for remote system management. Additionally, with F-Secure SSH’s tunneling feature, all TCP/IP-based traffic can be protected. Tunneling enables secure reading of e-mail and secure Web browsing.

F-Secure SSH 2.0.12 is available in client and server versions. Both client and server software work on all common UNIX platforms. Client software is also available for Microsoft Windows 95, 98 and NT 4.0 environments.

New Version of F-Secure NameSurfer Ships

F-Secure has released Version 2.1 of its F-Secure NameSurfer software. Network administrators can use the software to remotely control DNS name servers (Domain Name Service) with ease.

The name service is a critical element of all IP-based networks. DNS converts IP addresses into easily remembered names and vice versa. F-Secure NameSurfer offers the network administrators an easy-to-use Web interface for DNS management.

The graphical user interface and automatic error checking keep the administrator from creating erratic DNS information. The slightest error in the DNS database can cause the entire IP network to cease functioning. That is why the accuracy of DNS data is vital for the functioning of reliable and secure Internet and intranet networks.

New features in F-Secure NameSurfer 2.1 include support for Bind 8 and the automatic updating of a secondary name server. Additionally, F-Secure NameSurfer 2.1 supports secure (DNSSec) dynamic DNS updates (DynDNS).

The software works on all popular Unix platforms.

F-Secure Broadens its Linux Product Base

F-Secure is now shipping F-Secure Anti-Virus for Linux. The product offers Linux users the most comprehensive anti-virus system in the world. Virus protection is updated automatically through the Internet.

F-Secure SSH for Linux has been available for a long time. It offers Linux users secure terminal connections, file transfer and X11 and TCP/IP connections over open networks. F-Secure SSH utilizes the SSH2 protocol, which is the de facto standard for secure remote system management.

F-Secure NameSurfer for Linux has also already been available. It provides network administrators with an easy-to-use Web interface for DNS management. The product saves both time and resources needed for the maintenance of name services. The DNS converts Internet names into IP addresses, and is an essential part of all TCP/IP-based networks.

F-Secure VPN+ for Linux will start shipping this year. It provides the user with the services of the fourth-generation VPN network. F-Secure VPN+ protects vital TCP/IP network connections in local area networks between offices and partners, as well as the connections with remote and traveling employees. F-Secure VPN+ has been thoroughly tested for compatibility and compliance with the IPSec and IKE protocols standardized by the IETF.

Action on the Web

www.F-Secure.com is Five Years Old

The web services of F-Secure turned five years old in April 1999. For any web site, this is a long period of time. When it started up, the F-Secure web site was the first one in the world to focus on data security. To celebrate this anniversary, F-Secure has organized a lottery where you can win data security products and other prizes.

How long is five years in the world of internet? A very long time, indeed.

In April, 1994, there was no www.microsoft.com, no www.ibm.com, no www.apple.com. There was no Geocities, no AltaVista, and no Hotmail.

Netscape Navigator and Internet Explorer did not exist. Five years ago, the most commonly used browsers were NCSA Mosaic and the text-based Lynx. Other browsers included Cello and Winweb.

Most web surfers were using UNIX-based systems. The most widely-used operating systems for PCs were MS-DOS and Windows 3.x.

Five years ago, most web sites and web users were connected to universities. There were about 2,000 Web sites in the world. Two and a half years later, there were 650,000 sites. Now, five years later, there are more than 4,000,000 web sites in the world.

Five years ago, the F-Secure server was the only server on the Web that provided anti-virus information. After its start-up, the server has received hundreds of millions of information requests.

New Look at Data Fellows Web Site

Our redesigned Web site makes it easier find the information you need. Come take a look at our new look at:

http://www.F-Secure.com/

F-Secure Anti-Virus Updates

F-Secure Anti-Virus is updated every day. You should regularly update the version you get with this CD-ROM to ensure the best level of protection.

F-Secure ships new software versions on a CD-ROM every couple of months, but makes new virus signature databases available much more often via FSUPDATE and F-Secure BackWeb.

FSUPDATE

The easiest way to download database updates for F-Secure Anti-Virus 4 is FSUPDATE, a self-contained executable that that installs itself. You can simply download the latest FSUPDATE.EXE from the F-Secure Anti-Virus Web Club, run it, and relax. FSUPDATE locates the correct file locations and updates them automatically.

FSUPDATE is updated every day on the F-Secure web server. From the Web Club page, you can find detailed instructions for fetching and using the program, and for distributing the updates to your company’s computers. To go to the Web Club, click the globe icon on the F-Secure Anti-Virus toolbar, or connect directly to this web address:

http://www.F-Secure.com/anti-virus/webclub/

F-Secure BackWeb

F-Secure Anti-Virus 5 supports F-Secure BackWeb, a new tool that provides you with automatic virus signature database updates directly from the Data Fellows web site. Updates are sent directly to F-Secure Management Server and forwarded to the workstations either totally automatically or with the click of a mouse after your review of the update.

F-Secure BackWeb downloads files automatically, using bandwidth left unused by your other Internet applications, so you are automatically alerted when new information has been received, and you can always be sure that you'll have the latest updates, without having to search the Web. For an overview of F-Secure BackWeb, see:

http://www.F-Secure.com/download-purchase/backweb.html

Virus News

A Busy Year

The spring and early summer of 1999 were written in history because of three major virus incidents. The three largest virus outbreaks in history occurred during March, April, and June: Melissa, CIH and ZippedFiles.

W97M/Melissa

The Melissa macro virus spread globally within a few hours on the March 26, 1999.

Spreading through e-mail as a chain letter, Melissa is estimated to have infected more than 300,000 computers. Actual damages, however, remained fairly low.

F-Secure Anti-Virus recognizes and removes the Melissa virus.

Win95/CIH

Exactly one month after Melissa, the CIH virus was activated. Unlike Melissa, the CIH virus was expected. It had been going around for almost a year – the CIH virus had been programmed to overwrite hard disks and Flash BIOS chips activating on the April 26.

CIH caused widespread damage, especially in Asia. It is the most destructive computer virus ever seen.

CIH caused damage to approximately 600,000 computers. Some of them lost all the information stored on them; some of them also lost their BIOS chips, and maintenance was required.

F-Secure Anti-Virus recognizes and removes the CIH virus.

ZippedFiles

ZippedFiles was an e-mail chain letter similar to Melissa. It appeared on June 10,

1999. Unlike Melissa, ZippedFiles tries to inflict direct damage by overwriting users’ documents.

Before the epidemic was stopped, almost 150,000 computers were infected.

The author of the ZippedFiles virus has not been identified.

F-Secure Anti-Virus recognizes and removes the ZippedFiles virus.

The Virus Damages of 1999

An American research organization, Computer Economics, Inc., estimates that during the first half of 1999, companies around the world lost $7.6 billion because of computer viruses.

Frequently Asked Questions & Answers

F-Secure’ Anti-Virus support provides help on all virus and data security questions. Contact information can be found at the end of this section.

A: Data Fellows fully supports the Windows 2000 operating system. Testing with beta versions of Windows 2000 is under way.

We do not support beta versions of operating systems. The new F-Secure Anti-Virus for Windows 2000 will be released at latest 60 days after Windows 2000 is released and shipped by Microsoft.

A: Not really. Even though dozens of viruses are known to cause trouble on Friday the 13^th, none of them are very common. Currently there is no reason to be particularly worried about viruses on the "unlucky days."

A: Surprisingly, only two or three viruses are presently known that will try to activate at the turn of the year 2000 or 2001. However, these viruses may surface before the end of the year.

The writers of viruses may try to use the confusion caused by the Y2K problem to cover the problems caused by their viruses. However, no such activities have been discovered.

A: The Web Club contains the most recent information concerning our products. The Web Club can be found by clicking the globe icon on the toolbar of F-Secure Anti-Virus, or by opening the following address in your web browser:

http://www.F-Secure.com/anti-virus/webclub/

F-Secure Anti-Virus Support Center contains detailed support advice:

http://www.F-Secure.com/support/

The daily updated virus descriptions can be found at:

http://www.F-Secure.com/virus-info/

You can contact our support staff by e-mail at:

Anti-Virus-Support@F-Secure.com

F-Secure Anti-Virus Release 4.05

The new version detects and removes many more viruses than version 4.04.

Updating from version 4.04 to 4.05 on the Windows NT environment does not require local administrative rights.

GZ files corrupted in a certain way could kill the AVP search engine. This has now been fixed.

The disinfection of locked files in Windows 95 now works better.

When the Windows 95 version disinfects a virus from memory, it previously did not recommend booting the computer for safety reasons. Now the recommendation is made.

In the NT environment, Gatekeeper tried in vain to use the floppy drive in certain situations. This has now been fixed.

F-Secure Anti-Virus 4.05 includes version 3.04.825 of the F-PROT search engine and version 3.00 (builds 126, 129 and 131 on Windows 95, 98 and NT, respectively) of the AVP search engine.

F-Secure Anti-Virus Release 5.00

F-Secure Anti-Virus 5.00 support Windows 95, 98 and NT 4.0.

Please consult the F-Secure Anti-Virus 5 Customer Briefing and the F-Secure Anti-Virus 5 Administrator’s Guide, both of which are available on your F-Secure CD-ROM, for information about the new functionality in F-Secure Anti-Virus 5, F-Secure Administrator and F-Secure Management Server.

The New World of Security with F-Secure Framework

Background

The data security needs of today’s corporate networks are radically different from those a couple of years back. The Internet explosion in particular has introduced new security threats and made old ones much more serious for modern networked organizations.

Computing has evolved to a distributed network model where individuals can access corporate resources from virtually anywhere in the world. The growth of the Internet as a business tool has required corporations to open up their networks, making their systems and data vulnerable to an increasing number of threats.

Today, data security must be implemented directly on the devices that are used to access, process and store confidential information. Adequate levels of security can not be maintained at a gateway or server level anymore. However, if security measures are widely distributed, security management becomes a major issue.

Protective perimeter approach to security - such as firewalls - has been easy to manage and that has been the major reason for its success. New management technology is required to combine the high level of security of the widely distributed approach and ease-of-management of the centralized approach.

The F-Secure Solution

All F-Secure products are integrated into the F-Secure Framework management architecture, which provides a three-tier, scalable, policy-based management infrastructure for an enterprise security system.

Integrated Security

To address the needs of corporate customers’ demand for integrated security solutions, many software providers have opted to bundle several point applications together and market such bundle as a product suite. However, the level of actual integration achieved by product suites is limited; typically product suites are only integrated to the extent that individual applications share a common installation procedure. The architecture of the F-Secure Framework, on the other hand, allows for the seamless functional integration of a corporate customer’s security applications.

The framework allows systems administrators to manage all the important security technologies from a single management console and realize the full benefits of the integration of F-Secure’ various best-of-breed security products. A major benefit from this tight integration is ease of use, deployment and administration and unified way of managing settings and configuration across the security applications. Due to tight integration organization can also avoid security problems related to the combining of two security products that have not been designed to operate in tandem and which may actually have the undesirable side-effect of creating new security gaps.

Widely Distributed Security

Existing corporate security solutions which protect particular elements of an enterprise network are insufficient to cover a wide range of current day security problems. For instance, gateway security solutions cannot protect against unauthorized actions by insiders. Conversely, existing corporate firewall solutions typically restrict effective network access for mobile users and others that are located outside of the firewall. F-Secure believes that to be effective, corporate security solutions must protect data where such data is stored and processed. In line with this belief, the architecture of the F-Secure Framework is based on distributed security agents that protect each element of the enterprise network where data is stored and processed. The F-Secure Framework security solution is distributed throughout the network, including individual employee workstations, servers, gateways (email servers, firewalls, routers, VPN gateways) and mobile devices such as laptops where valuable corporate information may be stored and processed.

Centralized Management

The F-Secure Framework incorporates a centralized security manager component for setting and enforcing security policy across the enterprise network. Through the F-Secure Framework, the systems administrator of the corporation manages and oversees enterprise’s security systems and implements security policy decisions through the framework. The centralized model allows for greater control over the security system of the enterprise and gives systems administrators the flexibility to implement enterprise-wide security policy changes rapidly and inexpensively. Centralized security also increases productivity as the implementation of security policy is invisible to end-users, and does not require end-user training or attention.

The policy-based management system used by F-Secure Framework enables the security administrator to make the security related decisions in advance and not need to rely on the end-users to react the right way when an incident occurs. The administrator is always in control of security and can actually make it impossible for the end-users to change the security settings on their workstations. Competing workstation level products let the end-users access their settings, reconfigure them or even completely disable them at will.

High Scalability

The F-Secure Framework has been designed to manage smaller workgroup LANs as well as enterprise-wide WANs. By simply adding more F-Secure Management Servers, the software package and policy distribution component of the F-Secure Framework, the corporate customer can scale its F-Secure Framework-based security system to cover even the largest networks. The high degree of scalability allows corporations to expand their security networks without significant reconfiguring or training costs.

Low Total Cost of Ownership

The F-Secure Framework and F-Secure best-of-breed applications have been developed with the aim of reducing the total cost of ownership of an enterprise-wide security system. According to Gartner Group, security spending in the legacy centralized computing environments such a IBM mainframes absorbs between 2-3 percent of the total IT budget. In contrast, in the networked, client/server, Web based environments the spending rate exceeds 15 percent. The PC Cost Breakdown report from Gartner Group shows that 43% of the annual costs come from end-user operations, typically the result of lost productivity because of the user fiddling with the computer and playing with the settings. F-Secure Framework helps reduce these costs through the invisible nature of the end-user components.

Because the F-Secure Framework is centrally managed by the systems administrator, there is no need to train end-users. As the F-Secure Framework provides for the integration of the various aspects of a corporation’s data security needs, the company does not have to spend time and money to make heterogeneous applications function together.

A seamlessly integrated system also reduces the time and cost of fixing potential security gaps caused by the use of incompatible security applications. In addition, the F-Secure Framework and F-Secure’ best-of-breed applications have been built to be both easy to install and easy to use. Security application updates and upgrades can be sent automatically using push technology, dispensing with the need for manual updates, and any changes in security policy by the systems administrator can be implemented automatically.

Extensibility

F-Secure Framework’s extensibility allows organizations to deploy the scope and width of security required by their current business needs. Adding other Framework-enabled applications into the system later is a snap due to tight integration: no need to invest in new administration, management or deployment tools and training.

For more information about F-Secure Framework, see this web page:

• http://www.F-Secure.com/products/framework/

F-Secure Anti-Virus Update Bulletins