Real-time visibility into Greynets

(07/12/2007)

Greynets are Internet-enabled communication applications that are installed on an end user's system without permission from IT and are highly evasive to existing security infrastructure. While many of these applications deliver collaborative benefits to users, they pose a unique challenge to network administrators by traversing the network through a variety of ports and evasive techniques. If left unmanaged, greynet applications can impact productivity, become vectors for malware attacks, and introduce compliance risks including leakage of confidential information.

While some greynets such as Skype, public instant messaging (IM) and Web Conferencing have legitimate business uses, IT requires visibility and control to ensure their safe and productive use. With other greynets, such as P2P file sharing, video streaming, and anonymizers, the risks might outweigh the benefits and organizations need the ability to accurately detect and block them.

According to the 2007 survey Greynets in the Enterprise: Third Annual Survey of Trends, Attitudes and Impact, the number of greynet applications installed at a typical work location has increased significantly in the past year. According to the survey, the number of work locations with eight or more greynet applications in use has almost tripled in the last three years.

The costs of greynet usage can be very high. In the recent survey, IT managers reported spending an average of nearly $289,000 annually to repair or re-image company PCs after malware attacks that occurred over greynets. On average, IT managers experience nearly 39 incidents per month that require some kind of repair or remediation to end user PCs and each repair requires, on average, about nine hours of work.

FaceTime Communications has launched GreynetsGuide.com, a Web-based guide aiming to be a comprehensive reference center to help enterprise network administrators better understand evasive and consumer-oriented applications like public IM clients, P2P file-sharing, anonymizers, IPTV and consumer VoIP that are increasingly being adopted by employees.

GreynetsGuide.com details the source, behavior and effective removal tools for more than 600 greynet applications of concern to IT managers. FaceTime Security Labs’ researchers are identifying and adding new greynets to the database daily.

FaceTime is also offering a free tool called RTDiscover™ that will enable IT managers to gain visibility into the greynet traffic that is traversing their networks.

FaceTime RTDiscover, delivered on DVD, provides a comprehensive report of greynet and Web traffic on the enterprise network at user, group and enterprise levels. RTDiscover presents the user with a real-time view of all malware threats including spyware, adware, keyloggers and rootkits currently resident on PC endpoints throughout the organization.

“Our goal is to provide a comprehensive public resource that catalogs and provides independent analysis of the greynet applications that have become pervasive on enterprise networks,” said Frank Cabri, vice president of marketing and product management for FaceTime. “Just as SpywareGuide.com is the definitive resource for identifying and controlling malware, GreynetsGuide.com is designed to be the definitive resource for understanding and controlling greynets in the enterprise.”

“Enterprises face three key risks from unmanaged greynets: confidential or proprietary information leaking out, malware and other infections entering the network, and the legal ramifications due to insufficient archiving and retrieval,” Cabri explains.

“With so many greynet applications freely available online, the IT security manager must examine the behavior of the company’s own workers, and understand the nature of these greynets before setting and enforcing security and management policies,” said Cabri. “GreynetsGuide.com provides a resource for understanding the true nature of these stealthy applications, to aid in making policy decisions about their use on the corporate network.”

“We’re providing enterprise IT with the information they need to manage the new work environment where employees feel empowered to download the applications they determine necessary to do their jobs,” said Cabri. “Workers take these applications for granted as a just another convenient way to do business, keep up with friends and take a well-deserved break during work hours, but IT understands that the potential costs are very real and very high.”

Related topics:  Internet and Web security   Network Security   Security threats and vulnerabilities   Virus, Worm, Email security, spyware and malware 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources