
Windermere Wades Into Network Security

Surveillance and monitoring specialist gets ready to enter the network security market

Security specialist The Windermere Group, which up to now has developed surveillance products for government agencies, is extending its focus to internal networks.

"The product that we're building allows for secure Web browsing between domains," explains Tom Ruoff, director of Windermere's systems division, adding that this will link networks with different security levels and protect the data being transferred among them.

The government defense sector alone, for example, relies on a number of different networks, such as the top-secret Joint Worldwide Intelligence Communications System (JWICS), the Secret Internet Protocol Router Network (SIPRNet), and the Non-Classified Internet Protocol Router Network (NIPRNet), all of which have their own security standards.

At the heart of Windermere's effort, backed by government funding, is a device Ruoff describes as a "guard." This, he adds, has been in development for two years and will carefully monitor traffic between different networks.

Specifically, the guard consists of software developed by Windermere running on a Sun Microsystems V40 server. This, in turn, links up with Microsoft's Terminal Server and Citrix's ICA technology.

According to Ruoff, the guard will be more secure than using a firewall. "With a firewall, you can undermine the operating system," he explains, adding that the guard instead uses a hardened version of the Linux operating system called Security Enhanced (SE) Linux.

Bob Egan, director of emerging technologies at analyst firm TowerGroup, tells Byte and Switch that users are increasingly turning to products that serve as a secure bridge between networks. "Setting up systems with devices that have built-in security and monitor data in motion are becoming increasingly more prevalent," he says. "9/11 really changed the game, and people began to realize that security is a distributed problem."

Egan agrees that firewalls can be compromised. "Simple browser technology requires so many ports to be open on the firewall that you're shooting holes in your firewall with a 10-gauge shotgun." But the analyst warns that a hardened version of Linux is hardly a silver bullet. "Linux feels more secure today because it's a smaller target" than Windows.

But Windermere, nonetheless, appears to be getting some traction for its new devices. Ruoff tells Byte and Switch that the technology has already been tested within the U.S. government, and he expects to see the guards fully deployed within a couple of defense agencies early next year.

Commercial deployments could also be on the agenda. "If Pfizer or Merck were concerned about information leakage from their research department out to the Internet, then these are the kinds of devices that would reduce that risk," says Ruoff.

The Annapolis, Md.-based vendor, however, is not the only firm tackling the network security problem; a number of suppliers, including Getronics, already have offerings in this space. But Ruoff says that, rather than focusing on specific network protocols, the guard will look for changes in individual service activity, such as email.

Egan believes that this is a sensible strategy. "Focusing on a more services-based approach fits in with my notion that security is a distributed problem," he asserts. "If somebody gets into your email system, the email system is down."

U.S. organizations have been dogged by a string of security snafus over the last couple of years, with the Veterans' Administration recently hitting the headlines over a stolen laptop. (See VA Reports Massive Data Theft.) Although the laptop reappeared last week, the episode underlined the importance of implementing robust security policies and technology. (See Breaches Stress Need to Improve, IT Managers Walk Tape Tightrope, Financial Security: Priceless, Don't Be a Data Privacy Dunce, and CardSystems Responds to Security Incident.)

Pricing for Windermere's network security offering, which will be on the market in early 2007, is expected to be in the region of $250,000 for around 200 concurrent users.

— James Rogers, Senior Editor, Byte and Switch. Special to Dark Reading.

  • Citrix Systems Inc. (Nasdaq: CTXS)
  • CA Inc. (NYSE: CA)
  • Getronics NV
  • Microsoft Corp. (Nasdaq: MSFT)
  • Sun Microsystems Inc. (Nasdaq: SUNW)
