Stonesoft Corporation

Last updated
Stonesoft Corporation
Type Division
Industry Network Security
Founded Helsinki, Finland (1990 (1990)) [1]
FounderIlkka Hiidenheimo
Hannu Turunen
FateAcquired by McAfee (2013)
Headquarters
Helsinki
,
Finland
Area served
 Worldwide
Key people
Ilkka Hiidenheimo
(Chairman & CEO)
Juha Kivikoski
(COO)
Mikael Nyberg
(CFO) [2]
Jarno Limnéll
(Cyber Security Director [1] )
Products Network security
Firewall
IPS
VPN
Security appliances
Virtual appliances
Number of employees
222 (Dec 2011) [3]
Parent Forcepoint
Website stonesoft.com

Stonesoft Corporation was a public company that developed and sold network security solutions based in Helsinki, Finland. It was publicly owned until 2013 when it was acquired by Intel's subsidiary McAfee. [4]

Contents

Stonesoft does business globally, with a regional headquarters in Atlanta, Georgia, United States, and sales offices throughout Europe, the Middle East, and China.

In July, 2013 McAfee, a part of Intel Security, completed a tender offer to acquire all Stonesoft products and technologies. Stonesoft became a part of the McAfee Network Security Business Unit. Stonesoft firewall products were renamed McAfee Next Generation Firewall. McAfee sold Stonesoft to Forcepoint in January 2016. [5]

History

Founded in 1990, [1] Stonesoft started as a systems integrator in the Nordic regions of Europe. In 1994 it introduced StoneBeat, a technology for creating a high availability pair of firewalls in an active-passive configuration. In 1999, the company extended StoneBeat with a patented load balancing clustering technology, [6] launching StoneBeat FullCluster. It was one of the first technologies certified in Check Point's OPSEC program. [7]

In 2001, Stonesoft expanded its product set into the firewall/VPN space, becoming a direct competitor to Check Point. The StoneGate Firewall/VPN was launched on March 19, 2001. In January 2003, the company introduced the first virtual firewall/VPN solution, for IBM mainframes. [8]

In 2010, the company released information via CERT-FI [9] on Advanced Evasion technique (AETs) that met with skepticism in the community. Further AETs were released in 2011, and eventually verified by independent labs and researchers. [10] [11] [12]

In 2012 “Stonesoft” replaced the “StoneGate” product name. From now on, Stonesoft is used both as the company and product name. [13]

Stonesoft Corporation's product sales for Q3 2012 were circa 5.6 million euros. The product sales grew by approximately 18%. The Q3 net sales were approximately 9.2–9.3 million euros, which equals a growth by14-16%. The growth was lower than expected. [14]

Products

Its product portfolio includes firewall/VPN devices, IPS (intrusion detection and prevention systems), and SSL VPN systems, [15] each available as hardware appliances, software, and VMware-certified virtual appliances. [16]

Each of the components, as well as third-party devices, can be managed from the Stonesoft Management Center. [17] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology, originally developed for Check Point FireWall-1.

Stonesoft's current product portfolio can be divided into five major categories: [15]

The Stonesoft Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years, and is currently placed in the niche quadrant. [18] Gartner notes that Stonesoft "serves a set of placements well – usually, high availability is key or when the leaders are otherwise not welcome". [18] The Stonesoft firewall/VPN is regarded for its "robust performance and feature set relative to company resources, and it has a loyal customer base". [18]

The Stonesoft IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention, currently in the “visionaries” quadrant. [19] It is also certified by ICSA Labs Network Intrusion Prevention and Detection category, and is one of only four vendors in the consortium to achieve that certification. [20] Stonesoft has also received favorable reviews from NSS Labs for both the next generation firewall capability (2012) and the intrusion detection and prevention system. [21] [22]

Controversy

In 2008, the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time". [23] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. The reports indicated the company was sound and profitable, yet "a profit warning should in fact have been issued". [23] The District Court of Helsinki had originally dismissed the claims in a decision on November 15, 2006. [24]

Advanced Evasion Techniques

In 2010 Stonesoft informed the public about a new evasion technique that can bypass security defences. Stonesoft defines the Advanced Evasion Techniques (AETs) as ”virtually limitless in quantity and unrecognizable by conventional detection methods. They can work on all levels of the TCP/IP stack and work across many protocols or protocol combinations.” [12]

According to Max Nyman, Stonesoft Corporation's Senior Marketing Manager, AETs can deliver malicious code without detection and without leaving trace. [25]

On July 23, 2012 Stonesoft released a free tool that enables organisations to test their network security. [26]

Related Research Articles

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.

<span class="mw-page-title-main">McAfee</span> American global computer security software company

McAfee Corp., formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company headquartered in San Jose, California.

Cisco PIX was a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment.

Fortinet is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

Trusted Information Systems (TIS) was a computer security research and development company during the 1980s and 1990s, performing computer and communications (information) security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR, and others.

<span class="mw-page-title-main">Ivanti</span> American IT software company

Ivanti is an IT software company headquartered in South Jordan, Utah, United States. It produces software for IT Security, IT Service Management, IT Asset Management, Unified Endpoint Management, Identity Management and supply chain management. It was formed in January 2017 with the merger of LANDESK and HEAT Software, and later acquired Cherwell Software.

Check Point Integrity is an endpoint security software product developed by Check Point Software Technologies. It is designed to protect personal computers and the networks they connect to from computer worms, Trojan horses, spyware, and intrusion attempts by hackers. The software aims to stop new PC threats and attacks before signature updates have been installed on the PC. The software includes.

Data loss prevention (DLP) software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.

Secure Computing Corporation (SCC) was a public company that developed and sold computer security appliances and hosted services to protect users and data. McAfee acquired the company in 2008.

<span class="mw-page-title-main">Sourcefire</span> American computer security company

Sourcefire, Inc was a technology company that developed network security hardware and software. The company's Firepower network security appliances were based on Snort, an open-source intrusion detection system (IDS). Sourcefire was acquired by Cisco for $2.7 billion in July 2013.

<span class="mw-page-title-main">TriGeo Network Security</span>

TriGeo Network Security is a United States–based provider of security information and event management (SIEM) technology. The company helps midmarket organizations proactively, protects networks and data from internal and external threats, with a SIEM appliance that provides real-time log management and automated network defense - from the perimeter to the endpoint.

<span class="mw-page-title-main">Comodo Internet Security</span>

Comodo Internet Security (CIS) is developed and distributed by Comodo Group, a freemium Internet security suite that includes an antivirus program, personal firewall, sandbox, host-based intrusion prevention system (HIPS) and website filtering.

<span class="mw-page-title-main">NetScreen Technologies</span> American technology company that was acquired by Juniper Networks

NetScreen Technologies was an American technology company that was acquired by Juniper Networks for US$4 billion stock for stock in 2004.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

In network security, evasion is bypassing an information security defense in order to deliver an exploit, attack, or other form of malware to a target network or system, without detection. Evasions are typically used to counter network-based intrusion detection and prevention systems but can also be used to by-pass firewalls and defeat malware analysis. A further target of evasions can be to crash a network security defense, rendering it in-effective to subsequent targeted attacks.

In computer networking, Cisco ASA 5500 Series Adaptive Security Appliances, or simply Cisco ASA, is Cisco's line of network security devices introduced in May 2005. It succeeded three existing lines of popular Cisco products:

<span class="mw-page-title-main">Palo Alto Networks</span> American technology company

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.

The following outline is provided as an overview of and topical guide to computer security:

Forcepoint is an American multinational corporation software company headquartered in Austin, Texas, that develops computer security software and data protection, cloud access security broker, firewall and cross-domain solutions.

Unified threat management (UTM) is an approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function. UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. UTM appliances have been gaining popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance. Such a setup saves time, money and people when compared to the management of multiple security systems. Instead of having several single-function appliances, all needing individual familiarity, attention and support, network administrators can centrally administer their security defenses from one computer. Some of the prominent UTM brands are Cisco, Fortinet, Sophos, Netgear, Huawei, Wi-Jungle, SonicWall and Check Point. UTMs are now typically called next-generation firewalls.

References

  1. 1 2 3 Reuters Editorial (24 May 2012). "Stonesoft appoints Jarno Limnéll as Director, Cyber Security". Reuters.com. Archived from the original on 27 May 2012. Retrieved 29 January 2018.{{cite web}}: |author= has generic name (help)
  2. "McAfee Next Generation Firewall and McAfee Firewall Enterprise - Intel Security". Stonesoft.com. Retrieved 29 January 2018.
  3. "Annual Report 2011" (PDF). Stonesoft.com. Archived from the original on 25 April 2012. Retrieved 29 January 2018.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  4. "Press Releases". Stonesoft.com. Retrieved 29 January 2018.
  5. "Acquisition of Stonesoft (McAfee Next Generation Firewall) and Sidewinder (McAfee Firewall Enterprise) - Forcepoint". blogs.forcepoint.com. Retrieved 29 January 2018.
  6. "United States Patent: 6856621 - Method of transmission of data in cluster environment". Patft.uspto.gov. Retrieved 29 January 2018.
  7. "Technology Partners". Check Point Software. Archived from the original on 4 March 2012. Retrieved 29 January 2018.
  8. "Error". 3 April 2011. Archived from the original on 3 April 2011. Retrieved 29 January 2018.
  9. Viestintävirasto. "Viestintävirasto -". www.cert.fi. Retrieved 29 January 2018.
  10. "The BIG Question". Isaca.org. Archived from the original on 29 January 2018. Retrieved 29 January 2018.
  11. "Maybe the initial discoveries were just the tip of an iceberg". Icsalabs.com. Archived from the original on 29 January 2018. Retrieved 29 January 2018.
  12. 1 2 "Should you panic? An Advanced Evasion Techniques overview". Thetechherald.com. 17 February 2015. Archived from the original on 29 January 2018. Retrieved 29 January 2018.
  13. "Taloussanomat". Ilta-Sanomat (in Finnish). 2023-05-17. Retrieved 2023-05-17.
  14. "Press Releases". Stonesoft.com. Retrieved 29 January 2018.
  15. 1 2 "McAfee Next Generation Firewall and McAfee Firewall Enterprise - Intel Security". Stonesoft.com. Retrieved 29 January 2018.
  16. "Virtual Appliances - Solution Exchange". Vmware.com. Retrieved 29 January 2018.
  17. "McAfee Next Generation Firewall and McAfee Firewall Enterprise - Intel Security". Stonesoft.com. Retrieved 29 January 2018.
  18. 1 2 3 "Value Added Distributor of IT Security Solutions - Exclusive Networks" (PDF). Exclusive Networks UK.
  19. "Press Releases". Stonesoft.com. Retrieved 29 January 2018.
  20. "ICSA Labs". Icsalabs.com. Archived from the original on 29 January 2018. Retrieved 29 January 2018.
  21. "Next Generation Firewall Reviews & Comparisons - Learn More!". 18 June 2012. Archived from the original on 18 June 2012. Retrieved 29 January 2018.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  22. "Network Intrusion Prevention System Comparisons & Reviews - Learn More!". 20 June 2012. Archived from the original on 20 June 2012. Retrieved 29 January 2018.
  23. 1 2 "Archived copy" (PDF). www.dittmar.fi. Archived from the original (PDF) on 20 July 2011. Retrieved 15 January 2022.{{cite web}}: CS1 maint: archived copy as title (link)
  24. "THE DECISION OF THE HELSINKI COURT OF APPEAL CONCERNING ALLEGED DELAY OF STONESOFT'S PROFIT WARNING IN FEBRUARY 2001". EuroInvestor.
  25. Eduard Kovacs (14 June 2012). "Softpedia Exclusive Interview: Max Nyman on Advanced Evasion Techniques". Softpedia.com.
  26. "Stonesoft Pen Testing Tool Uses Advanced Evasion Techniques, Firm Says". Securityweek.Com. 23 July 2012. Retrieved 29 January 2018.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.