The GFI Blog
This blog features discussions regarding several issues that system admins face on a daily basis plus the latest security issues and company news. Click here to access the blog!
White papers
Web Monitoring
 | Web security: |
| 10 steps to effective web security Achieving comprehensive Web Security is not a trivial task. The threat landscape of the Web is complex and ever evolving ... and implementing mechanisms to mitigate threats coming from the various risks is a difficult task. |
| Web-based security threats: |
| How attacks have shifted and what to do about it As email and web technologies converge, the number of security threats has grown, both in terms of creativity and effectiveness.Web-based threats are proving to be a nightmare for IT administrators and computer users. Although technology helps to counter these threats, a more holistic approach is needed,one that includes strict and enforceable policies as well as a proper awareness program. |
| Web reputation: |
| How it can help increase your online protection Web Reputation is the latest method in use to boost protection against current to future malicious content on the web for those browsing the Internet. Using Web Reputation, websites are assessed for immediate and potential threats, malicious content and risky characteristics and a score (0 – 100) is given. |
| Internet use in SMBs: |
| Towards a comprehensive internet security strategy for SMBs Small and medium-sized businesses (SMBs) need a comprehensive Internet security strategy to be able to protect themselves from myriad web-based threats. Defining and implementing such a strategy requires proper preparation, a clear understanding of the technologies and methods that can be adopted, a good user-education program and a proactive approach to security. |
| Web Monitoring: |
| Why SMBs Need to Deploy a Web Monitoring Tool Most organizations today use the Internet to conduct business, giving employees access to what is, without doubt, an essential business tool. However, non-work related Internet use by employees is a common and growing concern for management. One effective way of maintaining comprehensive control is to use a web monitoring and web security solution. |
| Internet use in Organizations: |
| The importance of an acceptable use policy In this White Paper we examine both the extent of the problem of misuse, and the role the creation and dissemination of an Acceptable Use Policy (AUP) can offer in helping an enterprise avoid unwanted consequences and enabling it to deal with transgressions in a fair and systematic way that will survive legal challenges without reducing employee morale and productivity. |
| Web Monitoring for Employee Productivity Enhancement: |
| Employees both want and don’t want to have their Internet use restricted The key to success in gaining productivity and employee acceptance of the problem is the perception of fairness, clear goals and self enforcement. Web monitoring is good for business. |
| Internet Monitoring: |
| Not ‘Big Brother’ but ‘Wise Management’ In an ideal world everything conducted at a business would be related to a business, but that isn’t always the case. Just as the telephone, company car, and photocopier have been used for non-business related matters, so too has the Internet and email. |
| Social Networking at Work: |
| Thanks, but no Thanks? If you own a business would you want your employees to be so keen on social networking that they could be spending unacceptably long periods of time online and chatting? No. And while most employers are willing to close an eye to the occasional quick browse and update, they are more concerned about those who abuse the system. |
| To block or not to block: |
| Why web filtering is no longer a taboo The way we use the Internet has fundamentally changed in the last 20 years, driven by the introduction of the World Wide Web. The way the web has reshaped how we use the Internet and how we deliver content to users is phenomenal and has far exceeded the original expectations of its creator, Tim Berners-Lee. |
Email Archiving
| Archiving Technologies: |
| Email management, Compliance, Stubbing and Journaling Email archiving is no longer an option for organizations and the key to a successful implementation is choosing the right email archiving technology for that organization. |
| Email archiving: |
| There’s more to archiving than keeping copies of old emails Email is the lifeblood of modern business, without which productivity and day-to-day communications soon break down. Incidents such as the failure of BlackBerry maker RIM’s back-end systems which crippled millions of BlackBerry email smartphones serve as an easy reminder of just how important email is today. |
| Why Organizations Need to Archive Email: |
| The underlying reasons why corporate email archiving is important. This white paper examines the different methods for deploying and managing email archive solutions in an organization. It also specifies key requirements that any full featured email archiving system should include. |
| Compliance with the Requirements of GDPdU: |
| GFI MailArchiver 6 complies with GDPdU Requirements This white paper examines the different methods for deploying and managing an email archive solution in an organization and specifies the key requirements that a full featured email archiving system should include. |
| Going beyond Exchange 2010: |
| Why it pays to have a dedicated email archiving solution Why do you need a dedicated email archiving solution? If you have migrated to Microsoft Exchange 2010, would the in-built archiving functionality not suffice? Offloading your email archiving needs to a dedicated, central repository not only results in improved server performance but provides the organization and its users with greater accessibility to email than ever before |
Security Scanning and Patch Management
| Patch Management with GFI LanGuard™ & Microsoft WSUS: |
| A cost effective and easy solution for network-wide patch management. This white paper provides an overview of how to use GFI LanGuard and Microsoft Windows Software Update Services (WSUS) to keep your network automatically updated with the latest security patches. |
| Patch management: |
| Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. This white paper examines the important role played by patch management to help organizations keep their PC real estate fully up-to-date with the latest security patches, without unduly compromising reliability, productivity, security and data integrity. |
| PCI DSS Compliance: |
| The Payment Card Industry Data Security Standard and GFI Software products This document outlines what GFI can do to assist in your achieving PCI DSS compliance. The intent of this document is to provide you with GFI's understanding of the requirements, and how the GFI Software product line (including three of our flagship products: GFI LanGuard™, GFI EventsManager™ and GFI EndPointSecurity™) can assist you to meet PCI compliance as outlined in the PCI DSS Requirements. |
Network Fax Technology
| Faxing in a virtual environment: |
| GFI FaxMaker, helping customers evolve their faxing GFI Software™ understands the needs of our customers to evolve their faxing to improve efficiency and cost effectiveness. GFI FaxMaker™ is a world-trusted fax solution that helps you accomplish just that by combining faxing with virtual environments. |
| Integrating faxes Into today’s world of healthcare records |
| One area in particular is causing some challenges in the push to e-records: faxing This white paper examines the obstacles preventing the move away from fax machines, and the benefits of having a communications system that integrates faxed documents into healthcare systems and solutions. |
| GFI FaxMaker™ helps with HIPAA Compliance: |
| GFI FaxMaker helps health organizations to address security issues GFI FaxMaker allows for the sending/receiving of faxes via an email client thereby providing a secure vehicle for the distribution and receipt of faxes that contain Protected Health Information (PHI). |
| Integrated Network Faxing is key to Improved Productivity and InformationSecurity: |
| Network faxing reduces labor costs and increases information security. This white paper details how integrated network faxing remains a relevant technology that can give you a business edge in an always competitive marketplace, providing higher productivity and helping you save thousands of dollars in labor costs and more. |
| Save Time and Money with Integrated Network Faxing: |
| Reduce labor and material costs while cutting down on lost or misplaced faxes A This white paper details how integrated network faxing remains a relevant technology that can give you a business edge in an ever competitive marketplace, providing higher productivity and helping you save thousands of dollars in labor costs alone. |
| Network Fax Technology: |
| Choose the right fax server software and hardware. A fax server buyers' guide, this paper describes the features you need to look for in fax server software and why. It also discusses the type of fax server devices (fax cards) available and which is right for you. |
| Fax Routing: |
| An introduction to fax routing. A look at how network fax packages are able to determine the right recipient of an incoming fax. |
| Sending Faxes in real-time over an IP Network: |
| How to benefit from Fax over Internet Protocol (FoIP) to send faxes. This technical white paper gives an introduction to fax over Internet Protocol (FoIP) and explains the various usages and advantages of FoIP including Least Cost Routing (LCR). |
Email Security: Content Checking, Anti-Spam and Antivirus
| Email security: |
| Hosted or on-premise? Email is at the very core of how we communicate today, and nowhere is this more prevalent than in the workplace. With the broad availability and adoption of broadband, email has quickly risen to supplant both the phone and fax machine as the primary form of day-to-day and legally-binding business communication. |
| Email security: |
| Cloud vs. On-premise solutions Choosing whether to put your email security in the cloud or host it on premise is a major decision. Hopefully this white paper will help. |
| Why One Virus Engine is Not Enough: |
| Multiple virus engines are needed to reduce time lag between virus outbreak and virus protection. This white paper examines why having multiple anti-virus scanners at mail server level substantially reduces the chance of virus infection and explores ways in which this can be achieved. |
| Why You Need an Email Exploit Detection Engine: |
| The dangers of email exploits are many. This white paper explains what email exploits are, provides examples of common email exploits, and discusses why a non signature-based approach (in other words, a different approach than just that of a virus engine) is needed to protect against email exploits. |
| Protecting Your Network Against Email Threats: |
| There is a real need for comprehensive server-based email security. This white paper explains why anti-virus software alone is not enough to protect your organization against the current and future onslaught of email viruses and threats. Examining the different kinds of email attacks and issues that threaten today's organizations, this paper describes the need for a solid server-based email security solution to safeguard your network. |
| GFI MailSecurity's Deployment Strategies: |
| Which operating mode(s) to use in your network environment: a simple guide. GFI MailSecurity™ can be deployed as an SMTP gateway or as a VS API version for Exchange 2000/2003. This technical white paper describes each operating mode and helps you decide which to deploy and whether you should deploy both. |
| BitDefender Virus Engine: |
| Facts & figures This article provides key information about the BitDefender anti-virus engine and shows why you can rely on its technology to protect your network. |
| Kaspersky Labs virus engine: |
| Facts & figures This article provides key information about the Kaspersky anti-virus engine and shows why you can rely on its technology to protect your network. |
| Binary translation: |
| Design of x86 Emulator for Generic Unpacking CPU emulation has been used over the years for a multitude of objectives. It allows an application compiled for a specific target platform to be run on a host platform with a completely different or overlapping architecture set. |
| Greylisting: |
| Decrease junk mail, increase productivity The goal of GFI MailEssentials Complete Online™ is to improve business productivity by reducing the volume of junk mail. While MailEssentials Complete Online detects a vast majority of today’s junk email, we are continually working on new approaches to combat the increasing sophistication of spammers. Greylisting is one of the ways MailEssentials Complete Online reduces junk mail and saves you time. |
| Email Continuity: |
| Safeguard email communications 24/7 Email is a critical communications tool. Email downtime means a loss of productivity, possible compliance and regulatory issues related to data loss or even lost revenues. Minimizing email downtime is an increasingly important part of an organization’s messaging infrastructure and its disaster prevention and recovery strategy. |
| Email Security: |
| Why SMBs need an email security strategy Whether you’re an organization with 50 employees or a global corporation with 50,000, spam and viruses can wreak havoc on your business. SMBs need to make sure they are armed with the best security solutions available – demanding enterprise-class protection paired with fast deployment, ease of management and flexible configuration options. And, all at a price they can afford. |
| How to Block NDR Spam: |
| A large number of organizations have been victims of NDR spam that has an effect similar to a Distributed Denial of Service on the email system. This white paper provides a technical explanation of NDR Spam and recommend solutions that can prevent or limit exposure to this kind of unsolicited email. |
| How to Keep Spam Off Your Network: |
| What are the features to look for in anti-spam technology? This article defines phishing and identity theft and explains why it is important to protect your users against such attacks. |
| Protect Your Users Against Phishing Attacks: |
| Need an introduction to phishing This article defines phishing and identity theft and explains why it is important to protect your users against such attacks. |
| Messaging and Web Security: |
| Best Practices for 2011 and beyond In an Osterman Research survey conducted during January 2011, decision makers and influencers demonstrated that they are decidedly pessimistic about the future of spam and malware problems for 2011. |
| Greylisting – Simple concept, highly effective technique: |
| Another tool to reduce the volume of spam hitting a network Greylisting is one technique that can help administrators to reduce the volume of junk email while also saving time that might otherwise be spent reviewing lengthy quarantines and digest messages. |
| Email Security Solutions: |
| GFI's hosted email filtering solution is available in two versions Through the recent acquisition of Katharion™, GFI Software is able to offer a hosted email filtering solution in conjunction with GFI MailEssentials and GFI MailSecurity. |
| Email security in small and medium-sized businesses: |
| No organization can afford to operate without an email security strategy. The risk landscape is constantly changing with new threats surfacing every day. This white paper looks at email security in small and medium businesses, the solutions available and what features SMBs cannot do without. |
| Email Continuity: |
| Protecting your business against email downtime Email is a critical communications tool. Email downtime means a loss of productivity, possible compliance and regulatory issues related to data loss, or even lost revenues. Minimizing email downtime is an increasingly important part of an organization’s messaging infrastructure and of its disaster prevention and recovery strategy. |
| Email Security Solutions: |
| GFI's hosted email filtering solution is available in two versions Through the recent acquisition of Katharion, GFI Software is able to offer a hosted email filtering solution in conjunction with GFI MailEssentials and GFI MailSecurity. |
Event Log Monitoring
| How to configure IBM iSeries event collection with Audit and GFI EventsManager: |
| Configuration of IBM iSeries event collection with Audit and GFI EventsManager This document explains how to configure and use GFI EventsManager to collect IBM iSeries (formerly AS/400) audit events through Audit, a software tool developed by Raz-Lee. |
| SharePoint event collection: |
| How to configure SharePoint event collection with LOGbinder SP and GFI EventsManager™ This document explains how to configure and use GFI EventsManager to collect Microsoft SharePoint audit events which have been processed by LOGbinder SP in order to make the information more readable and manageable. |
| The Need for Effective Event Management: |
| Challenges, strategies and solutions to effective event management. This white paper shows where GFI EventsManager fits in this picture and how it is an invaluable asset in the corporate toolbox. |
| How to Perform Network-wide Security Event Log Management: |
| Use GFI EventsManager for intrusion detection and essential auditing of security event logs. This white paper explains the need to monitor security event logs network-wide and how you can achieve this using GFI LanGuard S.E.L.M. (now GFI EventsManager). It is written by Randy Franklin Smith, author of the in-depth series on the Windows security log in Windows 2000 & .NET Magazine. |
| Deploying GFI EventsManager™: |
| Calculate the number of instances required to manage your network. This technical white paper gives an overview of how GFI EventsManager works and discusses installation and deployment issues while enabling you to calculate the number of GFI EventsManager instances required on your network. |
Security
| Vulnerability Management: |
| Your company’s personal virtual consultant Managing a large and growing PC estate is no simple matter, particularly if you are doing it manually. Keeping a close watch on a couple of PCs can be straightforward, and a diligent IT manager will manage to keep such machines fully patched and free of troublesome software. But what happens when your estate grows beyond one or two machines? |
| PCI DSS Compliance: |
| The Payment Card Industry Data Security Standard and GFI Software products This document outlines what GFI can do to assist in your achieving PCI DSS compliance. The intent of this document is to provide you with GFI's understanding of the requirements, and how the GFI Software product line (including three of our flagship products: GFI LanGuard, GFI EventsManager and GFI EndPointSecurity) can assist you to meet PCI compliance as outlined in the PCI DSS Requirements. |
| Patch Managment with GFI LanGuard & Microsoft: |
| A cost-effective and easy solution for network-wide patch management This white paper provides an overview of how to use GFI LanGuard and Microsoft Windows Software Update Services (WSUS) to keep your network automatically updated with the latest security patches. |
| Security and SMBs: |
| Security considerations for small- and medium-sized businesses (SMBs) It is never possible to guarantee that a company is totally secure or that a breach will not occur, however implementing the latest tools and providing ongoing, end-user education will minimize those risks and allow companies to focus more on growing their business rather than repairing it. |
| Security Threats for SMBs: |
| Security threats are becoming increasingly sophisticated and harder to detect. Many small and medium sized businesses are still unaware of the threats that exist. This guide to security threats for SMBs outlines the most common threats and how they can be dealt with. |
| Social Networking and Security Risks: |
| As with any new tool or application, it is always important to keep a close watch on its security implications. Each of these tools comes with its own set of security concerns which can put your information systems and/or personal data at risk. This white paper will look at some of these risks and identify possible solutions to help protect you, your personal information and your company data. |
| Patch management: |
| Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. This white paper examines the important role played by patch management to help organizations keep their PC real estate fully up-to-date with the latest security patches, without unduly compromising reliability, productivity, security and data integrity. |
| Dynamic Threats: |
| How to Succeed Against Modern Malware Sophisticated malware attacks against government agencies and large organizations are on the rise. They are all too often successful, due to the malware’s ability to slip past traditional security defenses. To combat these modern threats requires swift, comprehensive defense through dynamic malware analysis. |
Data Backup
| Master Class Series: |
| Backup Microsoft Hyper-V Virtualization enables companies to build fully functional infrastructures that are easily recovered and maintained with minimal effort and reduced hardware costs. Through cloning and replication, IT industries can replicate and test clients' environments without breaking clients' business continuity. |
| Data Backups: |
| How to create a complex and secure backup strategy Data is the lifeblood of every organization and business. Data theft and data loss through negligence or hardware failure can cause irreparable damage if the data is not easily retrievable. That is why making regular backups of an organization’s data are so important. |
| Understanding Data Backups: |
| Why SMBs need to backup data Data is the lifeblood of every organization yet many either fail to backup their data or they are not doing so properly. Losing data can be catastrophic for a business. This white paper explains why backups are important and the challenges they face. |
| The Business Implications of not having a Backup Strategy: |
| Where Businesses get it wrong A business that fails to maintain a copy of its data is asking for trouble at some point in time. It is extremely easy to lose data and all but impossible to rebuild if backups don't exist. Are you backing up your data regularly? This white paper outlines the risks of not having a backup strategy. |
| Hybrid Technology: |
| On-premise VS. Cloud-based solutions As the price of storage and bandwidth continues to drop fast, Cloud-based services are becoming more and more attractive to small and medium-sized businesses (SMBs) which are seeking to reduce licensing costs, avoid recruiting IT staff and focus fully on their core responsibility - growing the business. |
Portable Storage and Device Control
| The Threats Posed by Portable Storage Devices: |
| Uncontrolled use of iPods, USB sticks, PDAs and other devices leave you at risk. In a society where the use of portable storage devices is commonplace, there is a real risk to business. The threat that these devices pose to corporations and organizations is often ignored. This white paper examines the nature of the threat that devices such as iPods, USB sticks, flash drives and PDAs present and the counter-measures that organizations can adopt to eliminate them. |
| Managing security in a device driven windows environment: |
| Device driven security GFI Software™ understands the needs of our customers to evolve their faxing to improve efficiency and cost effectiveness. GFI FaxMaker™ is a world-trusted fax solution that helps you accomplish just that by combining faxing with virtual environments. |
Networking
| Network Environments: |
| The key to the success of your business Your network environment is one of the keys to the success of your business. Most business people don’t fully believe this, even after long discussions and mounds of evidence to the contrary. |
Antivirus
| Cybercriminals and security attacks: |
| What your business must know Malware attacks have become increasingly prevalent with more than one million unique malware samples uncovered each month. And with threats on the rise, businesses are starting to question the capabilities of their security infrastructure. |
| Hackers don’t discriminate: |
| Viruses attack all platform users Historically, few viruses have been written to attack Mac-based operating systems. But as the popularity of these devices has increased, so has the popularity of Mac-targeted malware. Regardless of whether your organization uses Windows-based PCs or Macs or a mix of both, you need a solution that provides protection for all operating systems. |
| Social networking malware: |
| The dangers facing SMBs Social networking has changed the way businesses communicate with their customers and partners, with most organizations now incorporating social media into their marketing and communications strategies. Unsurprisingly, the popularity of this new media has also created an influx of social-specific malware. |
| Basic security: |
| Why purchasing antivirus, anti-spyware and a firewall is a must Paid security solutions offer significantly higher levels of protection, along with far greater value for the money through the inclusion of a broader range of key features tailored for the home user, while supporting parents and offering tools to help protect children from online harm. |
| Why Customers Love VIPRE® Business: |
| Facts & figures Selecting an antivirus solution for your organization is an important decision. You need to protect your systems but you also need to ensure that the software you choose is cost-effective and easy to maintain. |
| Increasing Performance in Enterprise Anti-Malware Software: |
| Minimize the impact on system performance and user productivity, without sacrificing protection The ideal antivirus, anti-malware infrastructure should be easy to manage, while minimizing the impact on system performance and user productivity. This series examines the factors that contribute to slow anti-malware performance, the factors to consider when selecting an anti-malware solution, and finally, the best practices for deploying anti-malware products. |
| Antivirus Scanning Performance and System Resource Utilization Comparison: |
| Compare popular products to avoid bloat IT system administrators need to balance the security requirements of the enterprise with usability of PCs. As the threat landscape evolves, PC security solutions have become resource hungry to the point that the PC becomes unusable during periods of security scanning. Tests show that VIPRE Business endpoint security solution offers better scanning performance with minimal system resource usage. |
| When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) Box for Protecting Endpoints: |
| Working with a smaller provider can be a breath of fresh air In their “Sector Insight” research study, Aberdeen Group investigated the considerations small business should take when selecting anti-malware solutions. Read this research paper to learn why Aberdeen recommends small businesses be open to endpoint security solutions from vendors other than McAfee and Symantec. |
| Protecting Against the New Wave of Malware: |
| A new approach to antivirus is necessary This Osterman Research white paper examines why older, traditional antivirus approaches don't work and why a new approach to endpoint security is required to better protect your users, your data and your long-term viability as a company from malicious threats. Learn about the scope of the malware problem and strategies that can help you defend against evolving malware threats. |
| VIPRE Business Takes a Bite out of Bloatware: |
| When it comes to antivirus software, bigger is definitely not better The remedy to bloatware is a better, more efficient product that is specifically engineered to scan, detect and remove myriad security threats without impacting performance and taking a big bite out of the IT capital expenditure budgets. Learn about the scope of the malware problem and strategies that can help you defend against evolving malware threats. |
| How to tell if that pop-up window is offering you a rogue anti-malware product |
| Beware of unexpected pop-ups asking you to install antivirus software Rogue anti-malware products are a bane for every Internet user, especially those who have little or no technical knowhow. These are hundreds of scare ware ‘products’ on the Internet. This white paper examines this type of scam, explains how they work, what to look out for and how to prevent your computer from being infected. |