A fresh approach to network protection
Contributed by Joe Krull, CPP, VP, Security, Vsecure Technologies (US) ([email protected]).
Contributed articles do not necessarily reflect the viewpoint of the ÆGIS e-Journal. Hackers, Crackers, Nimda, Code Red, Denial of Service, “MafiaBoy”, BadTrans, Back Orifice: Words and catchy names from the world of IT that have been known to strike fear into those that are responsible for the smooth operation and availability of data networks.
Until now, defense of networks was primarily through installation of firewalls, intrusion detection systems, virus scanners and, of course, strong rules and procedures. Although these established and proven methods have been essential to keep networks secure for quite some time, in reality, enterprises are still getting shut down by malicious acts. A new company – Vsecure Technologies (US) Inc. – believes that current network products have inherent limitations that allow hackers and crackers to continue to exploit these limitations. For example, firewalls can be difficult to properly configure, and require constant updating by skilled personnel. Intrusion detection systems generally detect malicious activities and report incursions, but their integration with firewalls and routers makes defeat of an attack in real time extremely problematic.
Vsecure Technologies has taken a different approach. They have developed a transparent network appliance that can be easily installed outside of the firewall to investigate and block suspicious activities before they can become full blown attacks. Unlike other products, the NetProtect Enterprise does not relay on a predefined database. Using sophisticated algorithms and “fuzzy logic,” their NetProtect Enterprise Appliance (roughly the size of a VCR, and powered by embedded Motorola RISC processors) can detect and block network and application scanning attempts (a normal precursor to hacking attacks), defend against misuse of authorizations (such as password cracking attempts), mitigate denial of service attacks, and stop worm distribution methods. Vsecure has focused on easy installation and automatic updating, and a key feature of NetProtect Enterprise is that it is a proactive defense mechanism that does not require human intervention to stop an attack. This is a big plus in organizations short on expertise. However, the information produced by the device will provide valuable information where there is active monitoring and a higher level of sophistication
Early deployments in Israel were extremely successful. As a technology showcase, Vsecure was selected to provide protection for the web portal of the Israeli Olympic games (“Maccabiah”), a prime target of cyber attacks. The appliance allowed more than 2.5 million legitimate users to access streaming video, up to the minute statistics and in depth reporting on the games. It also blocked more than 20,000 attack attempts from more than 1,500 sources!
V-secure is currently looking to introduce their NetProtect Enterprise to selected North American enterprises on an evaluation basis. If you are interested in looking at this new technology for evaluation purposes on your network, please contact Vsecure Technologies by sending an e-mail to [email protected]