On The “Edge”

When inbound ports to networks are opened, private networks become vulnerable to malicious hacking attempts. When a hacker’s primary motivation is theft, that hacker will attempt to gain unauthorized access to a network, intent upon stealing and exploiting private and valuable information. Network intrusion attacks can seriously damage an organization’s reputation, and compromise assets and revenue. 

In order to protect  Titan servers, South River Technologies has written a product called DMZedge Server.  The DMZedge server resides outside the firewall. The  Titan and GroupDrive servers call out to the DMZedge server by opening an outbound port, preventing unauthorized client requests. Client requests are satisfied by a response on the outbound port; no inbound ports are ever opened. No unauthorized requests can gain access to valuable information and resources that exist on the private network.  Access to Titan and GroupDrive servers is securely extended beyond the local LAN with minimal firewall configuration/administration.  You can take an “out of the box” stateful firewall with DENY ALL as the incoming firewall rule, put up a DMZedge server and still have an Internet facing, remotely accessible Titan and/or GroupDrive server.

DMZedge will act as an authentication proxy for internal servers.  If your users authenticate against Active Directory or LDAP, or even Native GroupDrive or Titan authentication, that capability is extended via the Edge server to external networks.  The authentication database is never stored on, or replicated to, the DMZedge server.  It can also listen on all the Titan/GroupDrive supported secure protocols – FTPS, SFTP, HTTPS, and WebDAV over SSL.   It supports multiple server environments as well as server clustering. 

One could explain DMZedge as being both bouncer and doorman – stopping unwanted visitors while allowing residents to enter.  The reality is that it’s a fast, simple way to secure access to internal servers while leveraging existing authentication and data access policies.

PATCH IT!

A familiar icon appeared in my system tray a few hours ago and it got me thinking. Now that’s always dangerous, me thinking.

The icon was the “New updates are available” notification icon. So I started thinking about a conversation I had over the weekend with a new friend of mine, Sean. Sean is an avid Macintosh user. I am not. In the many conversations I have had with avid Macintosh users, the common theme seems to be that a Mac is largely flawless and invulnerable to attack whereas Windows computers are always being attacked because they are horribly vulnerable because of security holes. My personal experience with Windows over the last twenty years is quite the opposite, I have never (knocking on wood here) had a virus or trojan or spyware on any of my Windows based computers. And I have owned or used several dozen such computers over that span and for the last fifteen years they’ve all had constant connections to the Internet.

I thought I should check on the situation from a neutral party. I found a paper from the Computer Engineering and Networks Laboratory – Swiss Federal Institute of Technology titled “0-Day Patch – Exposing Vendors (In)security Performance.”  In the paper the writers compare the speed of response to published vulnerabilities in Microsoft’s Windows and Apple’s Macintosh operating systems. The concept of a “zero day” patch is that the company releases the patch for a vulnerability on the same day it is publicly disclosed. I was surprised by two things: it turns out that Macs and Windows PCs have had about the same number of high and medium vulnerabilities over the study period from January 2002 to December 2007, with Macs having 738 to Windows’ 658; and Microsoft has been much better at releasing 0-day patches over that period with over a 60% average rate of 0-day patches vs Apple’s under 40% average.

Patches are an important feature of any software package and they are often critical in operating systems. At South River Technologies we recently began using our own Windows Server Update Services server to better manage how and when updates are installed. And all of our software packages also have a “Check for Updates” feature. Our new Webdrive for Mac, which is currently in beta testing, also has this feature. I’m amazed when one of our support engineers tells me that a customer is using version 6 of Webdrive (the current one is 9.0) or version 5 of Titan FTP (the current one is 7.11). Like most software companies, we don’t provide support for older versions of the software. The reason is that it can’t be patched. So if you’re using software: PATCH IT!

Time to Call the Exterminator?

It’s been particularly rainy out here in the muggy Mid-Atlantic this spring. And unfortunately that means one thing: ants and other insects invade our dry homes trying to escape the deluge. So as I was pouring my coffee this morning and thinking about what to write for my blog post, I was watching ants scouting for food on the counter and a topic came to mind:

BUGS!

No, not the 8 legged kind. The software kind. Most bugs in software are the result of a well intentioned programmer (like myself) trying to improve the software. Inevitably one feature or improvement will lead to an inadvertent oversight or the breaking of some formerly working code.

I think the key to good programming is not only to get it right, but to care enough to fix the bugs found in the software quickly. To be responsive, not defensive.  How a software company responds to a bug report says a lot about the company and how much they care about their product and ultimately how much they care about their customers. 

At South River Technologies we take great pride in our suite of software solutions and we care about our customers. We’ve enhanced our technical support offerings by hiring two new very capable support engineers and increasing the support options to include paid phone support so that we can be more responsive than ever to the needs of our customers. Our engineers are top notch, and we work diligently, sometimes very late into the night, to offer the finest quality software.

We all make mistakes, in software we call them bugs, in business it matters how we choose to deal with them.

Oh, and honey, if your reading this, yes, please call the exterminator.  🙂 

Help! Where is my Product License Key?

Everywhere you go, there is a need for some kind of code, and if you do not have the correct one, your access is restricted.  From the ATM to Twitter, it seems we need a code to do everything now. At South River Technologies, we are no different. There are support ticket IDs, customer information IDs, trial codes, tracking codes, and license codes.  Occasionally our returning customers find themselves in a sea of codes and business comes to a screeching halt for a few minutes.   Your lifeline is a good record of what you are working with, and the proper steps to finding your registration code within the product itself.  Here are some things to keep in mind:

When you update your product, make sure you are using the correct registration code. Your trial code will not work on the full product version, and your old registration key will not work on the new license or upgrade.  Server codes work ONLY on the server product you purchased, and WebDrive client codes work ONLY on the WebDrive product you purchased.

To locate your registration code(s) within the product, do this:

For Titan FTP Server

Launch the FTP Server Administrator and click Titan Domains, on the “Welcome” tab you will see your registration code.

For WebDrive

Launch WebDrive and click HELP then License; click on Registration & License Information. You will have to deactivate then reactivate your license to see your registration code.

OR

Launch WebDrive, click HELP and select License – Check for Program Updates. Highlight the WebDrive license installed. Click MORE INFO to see your registration code and other product information.

 For GroupDrive

Launch the GroupDrive Server Administrator and click GroupDrive Domains. On the “Welcome” tab, you will see your registration code.

For more specific technical support issues, please review our Knowledge Base Articles or submit a help ticket through our online HELP DESK.

Southrivertechnologies.com

Welcome

Hello and welcome!
Originally founded in 1996, South River Technologies (SRT) is a Maryland based, privately held company, that pioneered and paved the way for document collaboration, secure file access, and managed file transfer. In 2004, SRT received the Baltimore SmartCEO Future 50 award, which recognizes the top 50 fastest growing small businesses in Maryland.  To date, over 65,000 customers have adopted our simple, powerful approach to file management, and we proudly share that our enterprise customers include more than 70 universities across the country.

Our home office is in Annapolis, Maryland, 2 miles from the beautiful South River and about 5 miles from the Chesapeake Bay. We are also conveniently located just 2,461 miles from the heart of Silicon Valley!

It is our pleasure to be able to offer this medium to interact with our customers, answer questions, and provide up to date informtion on our products. This is a conversation  medium, and not a support desk option. For technical support please visit our online help desk at http://www.srthelpdesk.com/, this is a free support option for all.
SRT will be represented weekly by our technical, sales and administrative staff to ensure that you find something new and valuable on a regular basis. You will find information on all of our products: WebDrive, Titan FTP Server, and the DMZedge Server.
We welcome your presence here and hope you will visit us often. My name is Shaunna, and I will be activly monitoring activities here. Your appropriate, relative, and thoughtful posts will make this blog a smashing success!