US says cyberbattle against ISIS will black them out


The U.S. is aggressively targeting ISIS in cyberspace, attempting to halt the group's ability to communicate electronically, Secretary of Defense Ash Carter said Thursday.

Third of US banks OK with passwords even social networks reject

Hellooo? Can anyone explain the logic? Six of 17 major US banks have weaker password enforcement procedures than most social networking websites, according to a new study by an American university. The banks ask users to set up passwords that include letters and special symbols, but a study by researchers at the University of New Haven shows that in around a third of cases these passwords may not be case sensitive.

This means any combination of upper and lower case letters might work.
Ignoring case sensitivity reduces the entropy of login credentials, making them less resistant to cracking as a result. "We were very surprised when we learned that banks have fewer requirements for passwords than social media sites," said Walter Gordillo, '16 of Norwalk, Connecticut, a cyber systems major who took a lead on the University of New Haven Cyber Forensic Research and Education Group (UNHcFREG) project. Banks with the issues include Wells Fargo (70 million customers), Capital One (50 million customers), BB&T, Webster First Federal Credit Union, Chase Bank (50 million customers), and Citibank (200 million customers). El Reg contacted PR representatives of Wells Fargo, Capital One and Chase Bank as well as US banking organisations (Financial Services Information Sharing and Analysis Center (FS-ISAC) and Financial Services Roundtable (FSR)) for reaction to the study. We're yet to hear back, but will update this story as and when we hear more. Frank Breitinger, UNH assistant professor and co-director of UNHcFREG, oversaw the study, which was carried out by UNH undergraduates in an introduction to computer security course. "Consumers believe that banks with several million customers should have strong security mechanisms in place to protect accounts, starting with password policies," Breitinger argued. The research group attempted to contact the banks through their regular hotlines to inform them about what they had found and to ask for a statement in reaction to the findings of the research. "It turned out that it is almost impossible to contact and notify them about a security issue," Breitinger said. "Our findings raise an important question: why do social networking platforms and many others not related to personal and business finances adopt much stricter password policies?" Breitinger asked. More details about the research can be found here. Sweet 2FA Per Thorsheim, an infosec researcher and founder of the PasswordsCon conference, said the findings of the research were "interesting, but not surprising." "Based on what I know of US banks, I think that European banks are ahead of the US in this area [password security]," he told El Reg. "Europe deploys advanced security technology, US does more financial risk analysis." It would be wrong to regard social media profiles as thruway items that are therefore ill-deserving of rigorous password security policies, according to Thorsheim. "Social media sites actually keep a lot more sensitive information about you than any bank will probably ever do.

At the same time, people tend to consider their money more important than information, pictures & videos of themselves, family, friends and colleagues." Password security is only one component of online safety.
In particular, two-factor authentication (2FA) controls are used by many banks to safeguard against account takeover and fraud, Thorsheim added. "Examining the password policy by itself is interesting, there's no mention of two-factor authentication such as software or hardware tokens or biometrics, fraud detection." "I am sure that the affected banks have all done their financial and market risk analysis to justify their security, with perhaps the biggest consideration being 'if we [make] it harder to log in compared to our competition, we may lose customers'," Thorsheim concluded. ® Sponsored: Agile For Dummies, 2nd Edition

Pirates hack into shipping company’s servers to identify booty

Pirates like those shown here aboard a dhow in waters off western Malaysia in January 2006 were using data stolen from a shipping company's systems to target cargo ships and steal specific crates of valuables in hit-and-run attacks.US Navy When the terms "pirate" and "hacker" are used in the same sentence, usually it's a reference to someone breaking digital rights management on software.

But that wasn't the case in an incident detailed in the recently released Verizon Data Breach Digest report, unveiled this week at the RSA security conference. Verizon's RISK security response team was called in by a global shipping company that had been the victim of high-seas piracy aided by a network intrusion. The shipping company experienced a series of hit-and-run attacks by pirates who, instead of seeking a ransom for the crew and cargo, went after specific shipping containers and made off with high-value cargo. "It became apparent to the shipping company that the pirates had specific knowledge of the contents of each of the shipping crates being moved," the RISK team recounted in the report. "They’d board a vessel, locate by bar code specific sought-after crates containing valuables, steal the contents of that crate—and that crate only—and then depart the vessel without further incident." The targeted nature of the attack made it clear to the shipper that the pirates were somehow getting intelligence directly from their computer systems.

The response team discovered that the company used a "homegrown" Web-based content management system (CMS) to manage bills of lading for their cargo ships.

An examination of network traffic to the CMS revealed a Web shell script had been uploaded to the server through a vulnerability in the software.

The shell script backdoor gave attackers remote access to the server, allowing the upload and download of files—in this case, specifically downloading the bills of lading for the company's ships.

The attackers had compromised a number of system passwords in the process as well. However, the attackers made a number of mistakes.

The shell script used straight HTTP rather than taking advantage of the site's SSL encryption—so the contents of the traffic was easily discovered by packet captures. "We were ultimately able to capture every command the threat actors issued, which painted a very clear picture," the RISK team wrote. "These threat actors, while given points for creativity, were clearly not highly skilled.

For instance, we found numerous mistyped commands and observed that (they) constantly struggled to interact with the compromised servers." While they had managed to get initial access to a number of servers, the attackers weren't able to install shell scripts on them because of a network security appliance. Ultimately their activities were limited to the server they had initially gained access through. But their most damning mistake? "The threat actors also showed a lack of concern for their own operational security by failing to use a proxy and connecting directly from their home system," the RISK team noted.

The shipping company shut down the server to fix the vulnerability, and they then blocked the IP address of the pirate's hacker—ending the targeted attacks.

Google, Oracle setting up jurors to fail in API copyright retrial,...

SeabamirumOne of the tech sector's biggest upcoming trials—Oracle v.

Google—careened Tuesday away from the hot-button topic of copyrighting application programming interfaces (APIs) and instead focused on the presiding judge's concern that the tech giants are setting up jurors to fail. US District Judge William Alsup believes it's all so the loser could challenge the verdict of the second upcoming trial set for May. Judge Alsup said Tuesday that the tech giants jointly submitted a proposed questionnaire (PDF) for prospective panelists containing "so many vague questions" that "the loser on our eventual verdict will seek, if history is any guide, to impeach the verdict by investigating the jury to find some 'lie' or omission during voir dire." Enlarge Richard Liu Voir dire is the part of the case in which lawyers question potential jurors about their backgrounds and biases.

And the case is being closely watched by the tech sector and developer community given the high stakes. Oracle is seeking $1 billion in damages after successfully suing the search giant for infringing Oracle's Java APIs that were once used in the Android operating system.

A federal appeals court has ruled (PDF) that the "declaring code and the structure, sequence, and organization of the API packages are entitled to copyright protection." The decision reversed the outcome of the first San Francisco federal trial heard before Alsup in 2012. A new jury, to be chosen for a May 9 Oracle-Google trial, will be tasked to decide whether Google has a rightful fair-use defense to that infringement.

The Supreme Court has so far declined to intervene. Oracle and Google jointly asked the judge on February 29 to extend jury questioning for two days.

That's an unusual request because Alsup's normal jury picking procedure lasts less than a half day. "The Court suspects that a real reason the parties wish to use the proposed questionnaire and its two-day (or more) procedure is to get the names of prospective jurors and their places of residence so that they may conduct extended Internet investigations on the venire prior to the oral voir dire procedure, all in an effort by jury consultants to run demographics against the pool and rank the potential jurors," the judge said.

Alsup added that he would have nothing to do with that: In short, no questionnaire will be used. We will use the Court’s usual voir dire procedure. We will use traditional safeguards to root out any bias. We will have a jury sworn in about three hours and then proceed to opening statements. Jurors will be confronted with a Herculean task as they must decide a vague question in copyright law: does the doctrine of fair use apply in this case? The US Copyright Office says that defense to copyright infringement is decided on a case-by-case basis. "The distinction between what is fair use and what is infringement in a particular case will not always be clear or easily defined.

There is no specific number of words, lines, or notes that may safely be taken without permission.

Acknowledging the source of the copyrighted material does not substitute for obtaining permission," the US Copyright Office says. Google maintains that the APIs should not be protected by copyright because they are necessary for interoperability and that APIs have fostered "innovation and competition" in the software industry. Oracle said it's a "win for innovation" when developers get paid for the intellectual property.

RSA Conference 2016: Launch Pad for Security Products, Partnerships

The annual RSA Conference in San Francisco fills both the North, South and West buildings of the Moscone Center from Feb. 29 to March 4. While keynotes and sessions are a large part of the event, the RSA Conference has long been the place where securit...

Apple’s new ally in unlocking battle: A man whose wife was...

Kārlis DambrānsApple's encryption battle FBI is asking courts to legalize crypto backdoors because Congress won’t Apple prevails in forced iPhone unlock case in New York court Most software already has a “golden key” backdoor: the system update Police chief: There’s a “reasonably good chance” not much is on seized iPhone More GOP presidential hopefuls now side with the FBI in iPhone crypto fight View all…While many tech companies, cryptographers, and privacy advocates have lined up publicly behind Apple in its ongoing fight with federal prosecutors, the company now has an unexpected ally: a San Bernardino man whose wife was shot and severely injured during the December 2015 terrorist attack. On Thursday, Apple published Salihin Kondoker’s letter to the federal judge overseeing the case. In the letter, Kondoker describes how his wife, a San Bernardino County Health Department employee, was shot three times during the attack but survived. Kondoker describes himself as an IT consultant for Pacific Gas & Electric, a public utility that serves much of California. As he wrote: When I first learned Apple was opposing the order I was frustrated that it would be yet another roadblock.

But as I read more about their case, I have come to understand their fight is for something much bigger than one phone.

They are worried that this software the government wants them to use will be used against millions of other innocent people.
I share their fear. I support Apple and the decision they have made.
I don’t believe Tim Cook or any Apple employee believes in supporting terrorism any more than I do.
I think the vicious attacks I’ve read in the media against one of America’s greatest companies are terrible. He went on to explain that his wife also had a county-issued iPhone, noting that both the "iCloud account and the carrier account" were controlled and paid for by the county. "This was common knowledge among my wife and other employees," Kondoker continued. "Why then would someone store vital contacts related to an attack on a phone they knew the county had access to? [The terrorists] destroyed their personal phones after the attack.

And I believe they did that for a reason." As he concluded: Finally, and the reason for my letter to the court, I believe privacy is important and Apple should stay firm in their decision. Neither I, nor my wife, want to raise our children in a world where privacy is the tradeoff for security.
I believe this case will have a huge impact all over the world. You will have agencies coming from all over the world to get access to the software the FBI is asking Apple for.
It will be abused all over to spy on innocent people. America should be proud of Apple. Proud that it is an American company and we should protect them not try to tear them down. I support them in this case and I hope the court will too. Last month, Apple CEO Tim Cook reiterated the company’s firm commitment to privacy and its resolve to fight the unprecedented court order.
If the order stands up to legal challenges, Apple would be forced to create a new customized iOS firmware that would remove the passcode lockout on a seized iPhone 5c as part of the ongoing investigation.

Doing so would allow federal investigators to brute-force the passcode in order to gain access to the phone's content. Last week, Apple filed its formal legal response and set the stage for an important court hearing in nearby Riverside later this month.

Earlier this week, a different judge in a related case ruled in favor of Apple, saying that the company did not have to help the government even if it was able to do so. Both the government and Apple are set to appear before US Magistrate Judge Sheri Pym in Riverside on March 22.

Hackers' Next Target: Police Drones

Even a $35,000 government-ready flying machine can't escape hackers. Pricier means more secure, right? Not exactly.

A security researcher has found that many expensive police drones are vulnerable to hacks.  At San Francisco's RSA conference this week, Nils Rodday showed off flaws in a $35,000 drone's radio connection, opening the device to hackers more than a mile away.  According to Wired, Rodday was able to take full control of a government-ready quadcopter using only a laptop and cheap radio chip.

But any hacker who can reverse-engineer the drone's flight software can take control of the device, sending new navigation commands and blocking those from the actual operator. Rodday, an IT security consultant with IBM Germany, conducted his drone research as a graduate student at the University of Twente in the Netherlands and University of Trento in Italy.

The results were published in a final project called "Exploring Security Vulnerabilities of Unmanned Aerial Vehicles." Sworn to secrecy by the drone manufacturer, Rodday did not disclose the specific machine he tested, or who sells it.

But he did reveal two serious security oversights: poorly encrypted Wi-Fi connecting the drone to its user, and an even less-secure radio protocol. The unprotected drone is an easy target for a man-in-the-middle attack conducted by someone who could be more than a mile away, sending commands to reroute or reprogram the flying machine. "If you think as an attacker, someone could do this only for fun, or also to cause harm or to make a mess out of a daily surveillance procedure," Rodday told Wired. "You can send a command to the camera, to turn it to the wrong side so they don't receive the desired information…or you can steal the drone, all the equipment attached to it, and its information." The unidentified manufacturer has been alerted to the security flaws, and intends to fix the problem in its next model, the magazine said. Unfortunately, the same patch cannot be applied to those drones already flying around. What's worse, Rodday's discovery is likely not confined to just one unmanned aerial vehicle; it could extend to commercial quadcopters, as well. In December 2013, hacker and security analyst Samy Kamkar built SkyJack—a Parrot AR UAV equipped with a Raspberry Pi, engineered to autonomously seek out, hack, and wirelessly take over other drones within Wi-Fi distance.

Comcast accused of violating NBC merger commitment and net neutrality rule

Comcast Stream TV.Comcast Consumer advocacy group Public Knowledge has asked regulators to stop Comcast from exempting its own streaming video service from Internet data caps, saying that selective enforcement of caps violates a merger condition from when Comcast purchased NBCUniversal and may violate a net neutrality rule. Public Knowledge filed its petition with the Federal Communications Commission yesterday.
It relates to "Stream TV," a service for Comcast's Internet-only customers that streams live TV channels to computers, tablets, and phones.
Stream TV doesn't require a set-top box, but Comcast says it "is an in-home cable service delivered over Comcast's cable system, not over the Internet." Stream TV offers some video outside the home, but live TV channels can only be watched on Comcast customers' home Internet connections. Public Knowledge points out that when Comcast won government approval to buy NBCUniversal in 2011, the FCC and Department of Justice "prohibited Comcast from excluding its own services from data caps or metering and required it to count traffic from competing online video services the same as its own." Public Knowledge also says the data cap exemption for Stream TV should be stopped by the FCC's net neutrality order; though the net neutrality rules don't specifically ban zero-rating, the FCC imposed a "general conduct" rule to be applied on a case-by-case basis.

That rule is meant to stop practices that limit consumers' access to content or the ability of online service providers to reach consumers. Comcast argues that Stream TV's data cap exemption doesn't violate the merger condition or net neutrality because it is a cable service and not an Internet one. Public Knowledge is trying to convince the FCC that Comcast is wrong. The merger condition's exact phrasing was that Comcast "shall not measure, count, or otherwise treat Defendant’s affiliated network traffic differently from unaffiliated network traffic." "Stream TV is 'network traffic' for the purpose of this [merger] restriction, no different than traffic from video services like Youtube and Netflix," Public Knowledge's petition said. "Customers access Stream TV via their broadband Internet access subscriptions.
It is not available on a standalone basis without a broadband connection, as MVPD [multichannel video programming distributor] services such as cable TV are.
Stream TV data travels over the same path as other broadband data, from Comcast’s network, and through the cable modem in customers’ homes.

Additionally, viewers watch Stream TV on the same devices (such as personal computers and mobile devices) they use to watch other online video services." Public Knowledge further argued that "Comcast appears to believe that it need do nothing more than physically locate the servers which offer a given broadband service on its own property for that service to be categorically immune from various consumer protection policies." Comcast: “Public Knowledge doesn't have the facts straight” Comcast, which has instituted 300GB monthly data caps and overage charges in parts of its territory, won't be backing down.

The company provided Ars a statement, saying that "Public Knowledge doesn’t have the facts straight." "Our Stream TV cable package does not go over the Internet, so it can’t possibly violate a condition which only applies to Internet content... Stream TV is delivered as a cable service on the same private, managed network that delivers all our other cable television services in the home and is subject to all the regulations that apply to our other cable TV services such as franchise fees, PEG requirements, closed-captioning, and emergency alerts.

Those regulations don’t apply to content that goes over the Internet, just another demonstration how different Stream TV is than Internet delivered services." Comcast also said the FCC declined to take any action on a similar complaint Public Knowledge filed a few years ago about Comcast zero-rating an Xbox streaming application. FCC staff will review Public Knowledge's petition and decide how to proceed, but an FCC spokesperson declined to comment on the merits of the petition. The consumer group asked the FCC to require that Comcast either "eliminate its data caps to the extent they discourage the consumption of online video" or count Stream TV against data caps and take any enforcement action necessary to deter future, similar arrangements. The Comcast/NBCUniversal merger conditions had a time limit and expire in 2018.

The net neutrality rules that apply to the whole broadband are permanent (unless they're overturned in court), but it's not clear how strong a stance the FCC is ready to take against zero-rating. The FCC is examining zero-rating implementations from Comcast, AT&T, and T-Mobile, but it hasn't said whether it will put a stop to any of them. The FCC's net neutrality order only vaguely outlines circumstances in which zero-rating or other practices might violate its so-called "general conduct rule." ISP practices that give end users control over how they access the Internet "and empower meaningful consumer choice" are not likely to violate the rule, the order says. Practices that have anti-comeptitive effects or discourage innovation or investment in online services would be more likely to be deemed violations. Public Knowledge argues that these factors should weigh heavily against Comcast. "By employing data caps and selectively zero-rating its own services, Comcast is reducing the likelihood that increased subscriber demand for unaffiliated online services will drive broadband investment," the group wrote. "It is harming innovation in the edge services market, since Stream TV is not competing through the quality of the overall offering or through a novel business model, but through employing billing practices that are not available to unaffiliated services." A Comcast FAQ indicates that Stream TV may soon be available to people without Comcast Internet service. "If you're not an Xfinity Internet customer, we are working hard to make the required equipment available in 2016," Comcast says.

But it would still only be available inside Comcast's cable footprint, because the company wouldn't have programming rights to sell the service elsewhere, a company spokesperson told Ars.

Defining the Security Operations Center of 2020

VIDEO: Samir Kapuria, senior vice president and GM, Symantec Cyber Security Services, gives a preview of his RSA keynote on how security will evolve. SAN FRANCISCO—Among the many topics of discussion at this year's RSA Conference here is how the security business is changing in the face of evolving threats.
In a keynote presentation set for 2:30 p.m. PT today, Mike Brown, president and CEO of Symantec, is delivering a keynote address on the security operations center (SOC) of 2020, along with Samir Kapuria, senior vice president and general manager, Symantec Cyber Security Services.In a sneak peek preview with eWEEK, Kapuria sat down for a video interview to discuss where his company sees security operations headed in the next four years and how Symantec is positioning itself for the shift."The key for the SOC of 2020 is knowing how to maximize the output from a dearth of talent out there," Kapuria said. "Our priority focus is looking at what can be automated, what can be put into big data analytics and what can be predicted so our people resources will be focused on interpreting, rather than collecting."Watch the full video with Samir Kapuria below: Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.

Cisco issues critical patch for Nexus switches to remove hardcoded credentials

Cisco Systems has released software updates for its Nexus 3000 and 3500 switches in order to remove a default administrative account with static credentials that could allow remote attackers to compromise devices. The account is created at installation...

Serial rapist jailed for life after targeting victims through Match.com

A man has been jailed for life after being convicted of raping, and assaulting divorced or widowed women he met on dating website Match.com. Jason Lawrance, 50, of Liphook, Hampshire. Derbyshire police Jason Lawrance, 50, of Arundel Close, Liphook, Hampshire was described by detective chief inspector Allison Rigby—who led the police investigation—as "a prolific, serial rapist who preyed on women he had contacted through Match.com." On Wednesday, Lawrance was found guilty of five counts of rape, one of attempted rape, and one count of sexual assault by a jury at Derby Crown Court, following a two-week long trial. DCI Rigby said that Lawrance had contacted his victims online but "would quickly move the conversation outside [the] Match.com system." He went on to rape, try to rape, or sexually assault the women. However, he later claimed, when quizzed by police, that the women had consented to having sex with him. "They absolutely did not," said DCI Rigby.

During the inquiry, Lawrance's activity on Match.com—which he had been a member of from 2009 to 2014—was sifted through by police.

The probe led the officers to "several further victims,"  the Derbyshire constabulary said. Match.com worked closely with the police force throughout the investigation, to help track down Lawrance's victims across the country. Senior Crown prosecutor Sue Matthews, of the CPS East Midlands rape and serious sexual offences team, said: Jason Lawrance is a dangerous sexual predator. He has gone from victim to victim, targeting them through online dating sites. Nobody should feel that meeting people through a dating site means that they are consenting to any sexual activity.
If a person does not consent to sexual activity and the perpetrator does not reasonably believe they are consenting, that is an offence, regardless of how the victim meets the perpetrator, or how well they know each other. The victims in this case have shown real courage in telling the court about their ordeal.
It is their evidence that has made Lawrance face the consequences of his actions.
I would like to thank them all for coming forward and giving evidence. Lawrance, who raped his first victim in 2011, had convinced the women to give him their personal details by claiming that he was unable to upload a photo of himself on to his Match.com profile. He then took the conversation away from the dating site, before arranging to meet his victims. A Match.com spokesperson told the BBC that the company had the "most heartfelt concern" for the victims, and added that "the safety of our members is our highest priority." Lawrance was handed a life sentence on Thursday lunchtime at Derby Crown Court.

The 50-year-old will serve a minimum sentence of 12-and-a-half years. This story was updated after publication with news of Jason Lawrance's sentence. This post originated on Ars Technica UK

cPacket Networks Integrates Advanced Analytics into Distributed Monitoring Fabric to Address...

Company’s Monitoring Solutions are the First to Provide Advanced Features Such as Gap Detection in Real-Time across the Entire Network EnvironmentMOUNTAIN VIEW, CA – March 3, 2016 – cPacket Networks, a leading provider of next-generation network monitoring solutions, today announced the cVu 3240NG, which delivers 32 ports of 40G line-rate performance analytics and complete packet inspection.

This is the most powerful Network Performance Monitoring and Diagnostic (NPMD) solution on the market to deliver real-time analysis at 40G line rate per port.

The cVu appliances are the basis of cPacket’s Intelligent Monitoring Fabric, which combines network visibility with packet-level troubleshooting details on-demand.

This allows customers to proactively monitor their network for problems such as traffic spikes, bottlenecks, losses, application misbehavior, and other anomalies – before end-users are negatively impacted.

The integrated solution delivers comprehensive situational awareness, as well as unified access to real-time search across the entire network, and detailed packet-based forensic investigation, for unmatched operational intelligence. cPacket also announced today that it has added gap detection as a feature to its Intelligent Monitoring Fabric.

For example, when targeted at financial services, gap detection identifies missing packets at critical market feeds for equity pricing.

These gaps correlate with missing data that prevents investors from making profitable trading decisions. Historically, detecting such problems was after-the-fact (vs. real-time) and required expensive specialized tools. cPacket’s integrated gap-detection feature identifies the telltale signs of imminent issues in real-time, and eliminates the expensive troubleshooting process after-the-fact.

The integrated visibility allows system administrators to identify exactly where a gap occurred, and provides immediate access to “evidence” based on automatic capture of the specific packets before and after the event. “Even though the migration to 40G started a few years ago, network engineers responsible for delivering high quality of user-experience are still at the early stages of leveraging high-fidelity real-time intelligence," said Kyle Rosenthal, CEO of TachTech, a leading global IT Solutions provider. “The legacy centralized architecture for network visibility ends up being costly and unsuccessful in complex high-speed environments -- they simply don't scale architecturally and are not cost-effective. Often, after feeling the pain with the legacy approach, customers find themselves looking for a better solution.” Distributed Network Intelligence is Key to Real-Time Problem IdentificationAs organizations move to pervasive 40G in both the core and along the network edge, the ability to reliably monitor every link at full line rate becomes a challenge that centralized monitoring architectures cannot handle.

Built around legacy bottleneck-by-design architecture for after-the-fact analysis (including first-generation performance monitoring, packet aggregation and log management solutions), these tools lack real-time capabilities and rely on metrics that are not correlated with the actual application’s behavior. cPacket’s Intelligent Monitoring Fabric and the cVu 3240NG address the emerging challenges for better operational intelligence, with distributed, real-time diagnostics that proactively mitigate network issues that can cause downtime, revenue loss, and poor end-user experience. cPacket’s Next Generation Monitoring Architecture outperforms centralized legacy approaches by performing intelligent distributed analytics “close to the wire,” thus eliminating the bottlenecks of legacy architectures. “Legacy network performance monitoring providers are struggling with an inherent issue: as the market is shifting to higher-speed networks, such as 40G, the historical approach for performance monitoring, capacity planning, and troubleshooting in those high-speed networks does not scale,” said Rony Kay, founder, President and CTO of cPacket Networks. “The increasing gap between the growing challenges, and the capabilities of legacy centralized solutions, makes our Distributed Intelligence increasingly relevant. We are leading the charge for distributed, real-time monitoring.” cPacket’s Intelligent Monitoring Fabric allows enterprises and service providers to troubleshoot network problems over 80 percent faster than traditional legacy tools.

This next-generation architecture is made possible by cPacket’s patented Algorithmic Fabric Chip, which performs distributed analysis directly at the wire.

Additionally, cPacket’s cSTOR Forensic Storage arrays archive packet traffic to allow administrators to retrieve data and conduct forensic investigations.

The SPIFEE dashboard is the portal to multiple distributed cVu and cStor appliances, and allows visualization, correlation, and drill-down. AvailabilityThe cVu 3240NG is available beginning March 15 from cPacket Networks.

A 24-port version, the cVu 2440NG, is also available.

For more details please visit us at www.cpacket.com. About cPacket NetworkscPacket Networks offers large-scale network operators and service providers a unique Distributed Monitoring Architecture that delivers higher operational efficiency and integrated intelligence than their legacy performance monitoring solutions.

The distributed intelligence allows operators to proactively identify problems before they negatively impact end-users and can reduce troubleshooting time to resolution by over 80 percent.
Improving operational efficiency and being proactive enables customers to achieve OPEX and CAPEX savings.

Based in Silicon Valley, CA, cPacket’s solutions are deployed in some of the world’s largest networks.

To learn more about cPacket Networks and its products, please visit www.cpacket.com or follow on Twitter @cPacketNetwork. ### cPacket, cPacket Networks, cVu, cStor, SPIFEE, Distributed Monitoring Architecture, and Integrated Monitoring Fabric are trademarks or registered trademarks of cPacket Networks. Press Contacts:Alan Wanders / Nick RingrowSpreckleyT: 020 7388 9988E: annodata@spreckley.co.uk