Windermere Wades Into Network Security

Surveillance and monitoring specialist gets ready to enter the network security market

Security specialist The Windermere Group, which up to now has developed surveillance products for government agencies, is extending its focus to internal networks.

"The product that we're building allows for secure Web browsing between domains," explains Tom Ruoff, director of Windermere's systems division, adding that this will link networks with different security levels and protect the data being transferred among them.

The government defense sector alone, for example, relies on a number of different networks, such as the top-secret Joint Worldwide Intelligence Communications System (JWICS), the Secret Internet Protocol Router Network (SIPRNet), and the Non-Classified Internet Protocol Router Network (NIPRNet), all of which have their own security standards.

At the heart of Windermere's effort, backed by government funding, is a device Ruoff describes as a "guard." This, he adds, has been in development for two years and will carefully monitor traffic between different networks.

Specifically, the guard consists of software developed by Windermere running on a Sun Microsystems V40 server. This, in turn, links up with Microsoft's Terminal Server and Citrix's ICA technology.

According to Ruoff, the guard will be more secure than using a firewall. "With a firewall, you can undermine the operating system," he explains, adding that the guard instead uses a hardened version of the Linux operating system called Security Enhanced (SE) Linux.

Bob Egan, director of emerging technologies at analyst firm TowerGroup, tells Byte and Switch that users are increasingly turning to products that serve as a secure bridge between networks. "Setting up systems with devices that have built-in security and monitor data in motion are becoming increasingly more prevalent," he says. "9/11 really changed the game, and people began to realize that security is a distributed problem."

Egan agrees that firewalls can be compromised. "Simple browser technology requires so many ports to be open on the firewall that you're shooting holes in your firewall with a 10-gauge shotgun." But the analyst warns that a hardened version of Linux is hardly a silver bullet. "Linux feels more secure today because it's a smaller target" than Windows.

But Windermere, nonetheless, appears to be getting some traction for its new devices. Ruoff tells Byte and Switch that the technology has already been tested within the U.S. government, and he expects to see the guards fully deployed within a couple of defense agencies early next year.

Commercial deployments could also be on the agenda. "If Pfizer or Merck were concerned about information leakage from their research department out to the Internet, then these are the kinds of devices that would reduce that risk," says Ruoff.

The Annapolis, Md.-based vendor, however, is not the only firm tackling the network security problem, and a number of suppliers, including Getronics, already have offerings in this space. But Ruoff says that, rather than focusing on specific network protocols, the guard will look for changes in individual service activity, such as email.

Egan believes that this is a sensible strategy. "Focusing on a more services-based approach fits in with my notion that security is a distributed problem," he asserts. "If somebody gets into your email system, the email system is down."

U.S. organizations have been dogged by a string of security snafus over the last couple of years, with the Veterans' Administration recently hitting the headlines over a stolen laptop. (See VA Reports Massive Data Theft.) Although the laptop reappeared last week, the episode underlined the importance of implementing robust security policies and technology. (See Breaches Stress Need to Improve, IT Managers Walk Tape Tightrope, Financial Security: Priceless, Don't Be a Data Privacy Dunce, and CardSystems Responds to Security Incident.)

Pricing for Windermere's network security offering, which will be on the market in early 2007, is expected to be in the region of $250,000 for around 200 concurrent users.

— James Rogers, Senior Editor, Byte and Switch. Special to Dark Reading.

  • Citrix Systems Inc. (Nasdaq: CTXS)
  • CA Inc. (NYSE: CA)
  • Getronics NV
  • Microsoft Corp. (Nasdaq: MSFT)
  • Sun Microsystems Inc. (Nasdaq: SUNW)
