
Windermere Wades Into Network Security

Surveillance and monitoring specialist gets ready to enter the network security market

Security specialist The Windermere Group, which up to now has developed surveillance products for government agencies, is extending its focus to internal networks.

"The product that we're building allows for secure Web browsing between domains," explains Tom Ruoff, director of Windermere's systems division, adding that this will link networks with different security levels and protect the data being transferred among them.

The government defense sector alone, for example, relies on a number of different networks, such as the top-secret Joint Worldwide Intelligence Communications System (JWICS), the Secret Internet Protocol Router Network (SIPRNet), and the Non-Classified Internet Protocol Router Network (NIPRNet), all of which have their own security standards.

At the heart of Windermere's effort, backed by government funding, is a device Ruoff describes as a "guard." This, he adds, has been in development for two years and will carefully monitor traffic between different networks.

Specifically, the guard consists of software developed by Windermere running on a Sun Microsystems V40 server. This, in turn, links up with Microsoft's Terminal Server and Citrix's ICA technology.

According to Ruoff, the guard will be more secure than using a firewall. "With a firewall, you can undermine the operating system," he explains, adding that the guard instead uses a hardened version of the Linux operating system called Security Enhanced (SE) Linux.

Bob Egan, director of emerging technologies at analyst firm TowerGroup, tells Byte and Switch that users are increasingly turning to products that serve as a secure bridge between networks. "Setting up systems with devices that have built-in security and monitor data in motion are becoming increasingly more prevalent," he says. "9/11 really changed the game, and people began to realize that security is a distributed problem."

Egan agrees that firewalls can be compromised. "Simple browser technology requires so many ports to be open on the firewall that you're shooting holes in your firewall with a 10-gauge shotgun." But the analyst warns that a hardened version of Linux is hardly a silver bullet. "Linux feels more secure today because it's a smaller target" than Windows.

But Windermere, nonetheless, appears to be getting some traction for its new devices. Ruoff tells Byte and Switch that the technology has already been tested within the U.S. government, and he expects to see the guards fully deployed within a couple of defense agencies early next year.

Commercial deployments could also be on the agenda. "If Pfizer or Merck were concerned about information leakage from their research department out to the Internet, then these are the kinds of devices that would reduce that risk," says Ruoff.

The Annapolis, Md.-based vendor, however, is not the only firm tackling the network security problem, and a number of suppliers, including Getronics, already have offerings in this space. But Ruoff says that, rather than focusing on specific network protocols, the guard will look for changes in individual service activity, such as email.

Egan believes that this is a sensible strategy. "Focusing on a more services-based approach fits in with my notion that security is a distributed problem," he asserts. "If somebody gets into your email system, the email system is down."

U.S. organizations have been dogged by a string of security snafus over the last couple of years, with the Veterans' Administration recently hitting the headlines over a stolen laptop. (See VA Reports Massive Data Theft.) Although the laptop reappeared last week, the episode underlined the importance of implementing robust security policies and technology. (See Breaches Stress Need to Improve, IT Managers Walk Tape Tightrope, Financial Security: Priceless, Don't Be a Data Privacy Dunce, and CardSystems Responds to Security Incident.)

Pricing for Windermere's network security offering, which will be on the market in early 2007, is expected to be in the region of $250,000 for around 200 concurrent users.

— James Rogers, Senior Editor, Byte and Switch. Special to Dark Reading.

  • Citrix Systems Inc. (Nasdaq: CTXS)
  • CA Inc. (NYSE: CA)
  • Getronics NV
  • Microsoft Corp. (Nasdaq: MSFT)
  • Sun Microsystems Inc. (Nasdaq: SUNW)
