Windermere Wades Into Network Security

Surveillance and monitoring specialist gets ready to enter the network security market

Security specialist The Windermere Group, which up to now has developed surveillance products for government agencies, is extending its focus to internal networks.

"The product that we're building allows for secure Web browsing between domains," explains Tom Ruoff, director of Windermere's systems division, adding that this will link networks with different security levels and protect the data being transferred among them.

The government defense sector alone, for example, relies on a number of different networks, such as the top-secret Joint Worldwide Intelligence Communications System (JWICS), the Secret Internet Protocol Router Network (SIPRNet), and the Non-Classified Internet Protocol Router Network (NIPRNet), all of which have their own security standards.

At the heart of Windermere's effort, backed by government funding, is a device Ruoff describes as a "guard." This, he adds, has been in development for two years and will carefully monitor traffic between different networks.

Specifically, the guard consists of software developed by Windermere running on a Sun Microsystems V40 server. This, in turn, links up with Microsoft's Terminal Server and Citrix's ICA technology.

According to Ruoff, the guard will be more secure than using a firewall. "With a firewall, you can undermine the operating system," he explains, adding that the guard instead uses a hardened version of the Linux operating system called Security Enhanced (SE) Linux.

Bob Egan, director of emerging technologies at analyst firm TowerGroup, tells Byte and Switch that users are increasingly turning to products that serve as a secure bridge between networks. "Setting up systems with devices that have built-in security and monitor data in motion is becoming increasingly more prevalent," he says. "9/11 really changed the game, and people began to realize that security is a distributed problem."

Egan agrees that firewalls can be compromised. "Simple browser technology requires so many ports to be open on the firewall that you're shooting holes in your firewall with a 10-gauge shotgun." But the analyst warns that a hardened version of Linux is hardly a silver bullet. "Linux feels more secure today because it's a smaller target" than Windows.

But Windermere, nonetheless, appears to be getting some traction for its new devices. Ruoff tells Byte and Switch that the technology has already been tested within the U.S. government, and he expects to see the guards fully deployed within a couple of defense agencies early next year.

Commercial deployments could also be on the agenda. "If Pfizer or Merck were concerned about information leakage from their research department out to the Internet, then these are the kinds of devices that would reduce that risk," says Ruoff.

The Annapolis, Md.-based vendor, however, is not the only firm tackling the network security problem, and a number of suppliers, including Getronics, already have offerings in this space. But Ruoff says that, rather than focusing on specific network protocols, the guard will look for changes in individual service activity, such as email.

Egan believes that this is a sensible strategy. "Focusing on a more services-based approach fits in with my notion that security is a distributed problem," he asserts. "If somebody gets into your email system, the email system is down."

U.S. organizations have been dogged by a string of security snafus over the last couple of years, with the Veterans' Administration recently hitting the headlines over a stolen laptop. (See VA Reports Massive Data Theft.) Although the laptop reappeared last week, the episode underlined the importance of implementing robust security policies and technology. (See Breaches Stress Need to Improve, IT Managers Walk Tape Tightrope, Financial Security: Priceless, Don't Be a Data Privacy Dunce, and CardSystems Responds to Security Incident.)

Pricing for Windermere's network security offering, which will be on the market in early 2007, is expected to be in the region of $250,000 for around 200 concurrent users.

— James Rogers, Senior Editor, Byte and Switch. Special to Dark Reading.

  • Citrix Systems Inc. (Nasdaq: CTXS)
  • CA Inc. (NYSE: CA)
  • Getronics NV
  • Microsoft Corp. (Nasdaq: MSFT)
  • Sun Microsystems Inc. (Nasdaq: SUNW)
