Expert Whitepaper – Cyber Security and e-Crime: A Guide for Educators

No Comments

Good friend of Bloxx and education expert, Ollie Bray has once again given us a top-notch Whitepaper with specialist advice and tips. This time round the focus is on educating internet users on threats lurking in the World Wide Web. However, in this day and age, it’s not all about telling folk what’s out there, it’s about learning how we can protect ourselves from it all. In many cases it’s based on training users to remain secure while using a school or workplace network, for example. Something which can should (actually) be a big concern for everyone of all backgrounds, from teachers, students, employees, business owners, right up to the CEO’s and Directors of the world.

Here is a little snippet;

Whilst the industry constantly evolves their defence systems to protect against Cyber Security issues or attacks, the people responsible will also sharpen their tools to commit e-crimes. Relying on technology based solutions, sophisticated malware or virus protection is not alone the answer, the only plausible approach is a combination of the right e-safety tools plus education and knowledge.

This Bloxx guide provides educators with invaluable insights and information to develop their approaches for learning about aspects of Cyber Security and crimes that have developed using technology. The guide walks the reader through the basic concepts, cyber issues and most importantly provides useful resources.

So whether you’re concerned about online threats and want to get up to speed on the risks out there, or are simply intrigued by cyber security and the developments being taken to protect users, download the whitepaper and share the handy tips! Thanks again Ollie!

Bloxx Products & Google Safe Search

No Comments

As you may know in late 2013 Google began defaulting all client connections to be made over SSL, this meant that without using our SSL decryption module (SSL Intercept available in version 6 and above) your Bloxx Web Filtering solution was unable to enforce Google Safe Search to users web requests as the communication between the Client and Google was encrypted.

Google eventually implemented a method (No SSL Search) that would allow networks to enforce Safe Search if all Google requests were pointed to a specific farm of servers.  These servers would only ever respond over HTTP and in turn would allow the Bloxx Web Filters to enforce Google Safe Search on a per policy basis, this could be achieved without the need to use our SSL Intercept module as the communication between the Client and Google was not encrypted.

In order to set your network up with No SSL Search all you had to do was make a change to your internal DNS servers so that requests to Google domains would always resolve to the No SSL Search server farm.  In Version 7.0 we introduced support for this functionality where instead of making changes to your DNS server all you had to do was set the Disable encrypted Google search under Filtering > Global Settings > Content Filters.

Google recently announced that they are retiring the “No SSL Search” option and instead are introducing a “Force Safe Search” option which means that if you point to the new server farm all requests to Google made from the Client will be fully encrypted however all searches will have Safe Search enforced.

In Bloxx Version 7.6 we changed the previous functionality added in 7.0 so that it will point to the new Force Safe Search option that Google have implemented.

If this new method is enabled you will run in to the following limitations;

  • All requests regardless of user will be forced to use Google Safe Search, this means you will lose the ability to set this on a per user basis.
  • If you have this option enabled and you are not using our SSL Intercept module the Bloxx appliance will be unable to provide search query reports for Google.  You will also be unable to use the Search Alerts functionality added in 7.4 for Google.

Recommendations

Google have indicated that the “No SSL Search” option will be retired at some point in December 2014 but have not given an exact date, nor have they advised what will happen if you do nothing and wait for them to switch the No SSL Search farm off.  We recommend that you take one of the following steps to ensure there is minimal impact to your organisation when this happens;

  1. We strongly recommend the use of our SSL Intercept module, this will allow the Bloxx solution to treat SSL requests in the same way as HTTP requests.

    This  not only allows the Bloxx Solution to enforce safe search on a per policy basis but also track what people are searching for which you can review in reports or configure search alerts to be notified when clients enter search terms you wish to be notified of.

  2. Use Google’s new method and accept the above limitations. (Remember you will need to upgrade to Software Version 7.6!)
  3. Restrict access to Google and use an alternative Search Engine.

Version 5 Customers

If you are running our Version 5.x software version we are unable to decrypt SSL content as the SSL Intercept module is only available in Version 6 and above, Bloxx do not have a method to enforce Google’s new method.

If you need to enforce Google Safe Search for your clients Google have a few options you can perform on client machines or by modifying your DNS servers.  Please see the following link for more information on how to do this: https://support.google.com/websearch/answer/186669?hl=en-GB

Please contact your account manager if you’d like to discuss upgrading to Version 7.
Click here for more information on Google Safe Search, remember the Google Safe Search filter isn’t 100% accurate but will help you avoid most adult content.

Again, as no exact date has been given in December 2014 we strongly recommend any affected customers to take action now to ensure minimal impact to your organisation.

Work in Education? Share your opinion for the chance to win an iPad!

No Comments

Teacher writing on blackboard

 

At Bloxx we love a challenge, that’s why our products are innovative and developed on the back of needs and requirements of our existing customers, and of course the industry trends and advances in tech.

In order to keep up-to-date with the madness that is the Web security market, sometimes we’ve gotta get a helping hand. This time we need it from one of the most intensely scrutinized sectors – where e-safety is concerned – Education.

Last year we surveyed over 200 educational professionals to identify how Anonymous Proxies had changed, the impact they have upon educational organisations and how much staff really knew about these pesky filter-avoiding-Facebook-accessing-sites.

Get a quick run-down on last year’s survey with our Anonymous Proxies – 5-key facts doc OR if you want the full whack you can download the survey results report.

So what do we want from you now?

Web and email filtering requirements change from one company to the next (even within the same industry) all organisations come with their own challenges, and the teaching bodies of the world are CERTAINLY no different!

News headlines have been cropping up left, right and centre spotlighting Social Media and the risks it can bring, although a lot of it is good press. Social media can enable us to communicate more effectively, connect with old/new friends and let’s not forget, to share the odd ‘no filter’ picture.

However, bearing in mind all the amazing-couldn’t-live-without features that come with social networks, in certain environments all of these are merely distractions. Distractions that can become incredibly detrimental to both the user and organisation. Especially if that organisation is of an educational nature, the duty of care to protect students and staff may come under inspection by Ofsted, The US department of Education, or the likes.

To give us another security hurdle to fling ourselves over, students and staff can now use their own devices on campus networks. This concept is referred to as, Bring Your Own Device (BYOD), or BYOT (T = Tech.) as it is now known – ‘device’ was just too specific to categorize watches, glasses, clothes and whatever else. This mobility opens up new areas of concerns for SysAdmins everywhere. Especially those concerned with younger, more impressionable users in a controlled learning environment.

If you are a teaching professional or in a techy position in an education environment we need to hear from you, and your opinions could land you a new iPad! Click here for the survey, and please share to your relevant contacts.

Start Survey button

 

 

 

 

Bloxx Introduces New Version of its Web Filter and Secure Web Gateway

No Comments

Bloxx Introduces New Version of its Web Filter and Secure Web Gateway

Dateline September 10th, 2014 – Bloxx, a leader in Web content filtering and security, today announced the release of the latest version of its Web Filter and Secure Web Gateway products. The new release enables organizations to proactively manage social media, real-time flash file categorization to manage access to flash games and search alert reports that provides real-time email notification of search terms.

“Social media has fundamentally shaped how we now communicate. Companies have opened up these platforms more broadly to users to enable them to engage customers, prospects and increase brand awareness. But they need to be sure that by doing so they are not increasing business risk,” said Charles Sweeney, CEO, Bloxx. “The latest version of the Bloxx Web Filter and Secure Web Gateway seeks to understand how users are interacting with social media and the wider web so that companies can realize all of the benefits of social media and proactively mitigate the risks.”

Additional new features of the Bloxx Web Filter and Secure Web Gateway include:

  • Google Authentication that allows education organizations to deliver single sign on for Chromebooks
  • Flexible Reports that expands the extensive reporting capability already available by providing direct access to traffic and user, groups and policy databases

The new versions of the Bloxx Web Filter and Secure Web Gateway will be available in late September as hardware appliances or software appliances for VMware Esxi and Microsoft Hyper-V.

More information available here.

Bloxx & the SSL 3.0 “Poodle” vulnerability – CVE-2014-3566

No Comments

SSL 3.0 “Poodle” vulnerability – CVE-2014-3566

What is poodle?

On Tuesday 14 October 2014, Google published details of a vulnerabilty in the design of SSL version 3.0, which allows the plaintext of secure connections to be calculated by a network attacker, this has been dubbed “Poodle” (Padding Oracle on Downloaded Legacy Encryption).

You can read the full advisory here.

What steps should I take to secure against the vulnerability?

The most critical action is to upgrade client browsers to their latest versions.

Microsoft recommends you disable SSL 3.0 and enable TLS 1.0, TLS 1.1 and TLS 1.2 in Internet Explorer. (Read more)

Firefox and Chrome have anounced plans to drop SSL 3.0 over the coming months: (Read more here and here )

Firefox have also released an SSL version control add-on available here.

How does this affect The Bloxx product range?

This vulnerability primarily affects clients, so as described above, using secure client software is the most efficient immediate way of protecting against this. Server admins should also consider phasing out long term support for SSL 3.0.

Bloxx web filter products

Traditionally for HTTPS requests, the web filter allows the client to negotiate the SSL/TLS handshake directly with the secure web server, the appliance is not directly involved with this negotiation.

The exception to this is if you use SSL intercept to perform SSL decryption. In this scenario, the client negotiates the SSL handshake with SSL Intercept and then SSL intercept negotiates the SSL handshake to the upstream secure webserver.  More secure protcols (TLSv1.2/TLSv1.1/TLSv1.0) are preferred by SSL intercept by default.

Our research & development team are working on looking to allow you to disable clients or servers negotiating SSL 3.0 in a future firmware release.

Bloxx email filter

The bloxx email filter supports STARTTLS for secure transmission of email messages. SSL 3.0 negotiation is currently allowed, but restricted to a very strict cipher set which doesn’t include any changing block cyphers. Our R&D team are looking into dropping support for this by default, whilst having the possibility of re-enabling support on request if still required for compatibility with older systems.

Additional note

The Bloxx Web filter and Email filter ranges currently support SSL 3.0 connections to access the admin web user interface of the products. We recommend the use of secure client browsers when accessing the interface and our R&D teams will be looking into the impact of dropping support for this protocol in future versions.