Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Cymphonix Undoes Anonymous Activity

New tool lets IT block anonymous proxies, making it harder for end users to hide their behavior online

NEW YORK -- Recently, users have been getting a raft of new tools and services that could prevent IT departments from monitoring their Internet activity. Today, however, a vendor released a tool that could let IT strike back.

Cymphonix here at the Interop conference launched Network Composer Version 7, a new release of its smart gateway appliance that doesn't just reduce unauthorized Web activity -- it also cuts down on wasted bandwidth.

Network Composer v7 offers a feature called Anonymous Proxy Guard, which lets IT departments block the usage of services such as Anonymizer and EverPrivate. These services, designed to protect the privacy of consumers and home users, allow business users to bypass corporate restrictions on Internet access and surf the Web anonymously, making it impossible for IT to track the user's online behavior.

"While many organizations have content filtering in place to control Internet usage, they have not been able to effectively detect or control the usage of anonymous proxy sites until now," says Brent Nixon, vice president of product development at Cymphonix. The new gateway release can identify traffic going through improper ports, and block the use of proxy sites, he says.

The new release would not block the use of a native browser such as Browzar, which doesn't operate as a proxy.

The new product also offers policy management features that let administrators control who can access the Internet, when they can access it, and what content they can have, Cymphonix says. For example, an organization could enforce a policy that allows the accounting department open access to the Internet after business and during the lunch hour, but block that traffic during business hours to preserve bandwidth for critical apps, the company says.

Cymphonix Network Composer Version 7 will be available in mid-October and will be offered to current users at no charge, the company states.

— Tim Wilson, Site Editor, Dark Reading

  • Cymphonix Inc.

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Exploits Released for As-Yet Unpatched Critical Citrix Flaw
    Jai Vijayan, Contributing Writer,  1/13/2020
    Active Directory Needs an Update: Here's Why
    Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
    Microsoft Patches Windows Vuln Discovered by the NSA
    Kelly Sheridan, Staff Editor, Dark Reading,  1/14/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    The Year in Security: 2019
    This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
    Flash Poll
    [Just Released] How Enterprises are Attacking the Cybersecurity Problem
    [Just Released] How Enterprises are Attacking the Cybersecurity Problem
    Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2019-14629
    PUBLISHED: 2020-01-17
    Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access.
    CVE-2019-17125
    PUBLISHED: 2020-01-17
    A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.
    CVE-2019-17127
    PUBLISHED: 2020-01-17
    A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.
    CVE-2020-3940
    PUBLISHED: 2020-01-17
    VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
    CVE-2020-6862
    PUBLISHED: 2020-01-17
    V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code.