Vendors spotlight two-way security
SAN FRANCISCO - Monitoring, filtering and blocking network traffic to defend against a multitude of threats and faux pas are among the hot technologies at this year's RSA Security Conference.
Gateway appliances offering layers of protection are the flavor of the moment. With spam one of the major villains of the networked world, any device worth its salt includes some kind of spam blocking. But with the collapse of the enterprise perimeter as the primary line of network defense, tools now are keeping an eye on internal and outgoing traffic as well as incoming traffic, and mobile users outside the enterprise are receiving attention, as well.
About 60 percent of cell phones delivered today are Java enabled, said Shlomo Touboul, chief executive officer of Finjan Software Inc. of San Jose, Calif. Mobile gaming has been a strong driver for the devices, which can receive applets and run applications as well as provide phone service and exchange e-mail.
"It's a nightmare for service providers" who are trying to keep up with the product-specific applications and extensions for phones, Touboul said. So far, there have been no serious cell phone exploits discovered in the wild, although Finjan has developed hostile demonstration code to exploit the devices.
"It's terrifying to think how easy it is," he said. Service providers do not want to wait for the exploits to appear before providing protection, he said. "They are telling us, 'We learned our lesson from the PC.'"
Finjan is addressing the problem by extending the scanners for its SurfinGate devices to include extensions being added by cell phone vendors and developers. "We put the server at the service provider site," Touboul said, and scan for malicious applications. The new products are being tested now with cellular service providers.
Several products offer suites of filtering services. The Content Management Suite, from WebWasher AG of Germany, resides on a gateway device. In addition to spam filtering, it provides a choice of antivirus engines, Uniform Resource Locator blocking and filtering of Secure Sockets Layer traffic. The spam filter uses a variety of methods to control unwanted e-mail traffic, including white lists and black lists, examining header information and content, look-up of senders and links, and a statistical filter with a dictionary.
The suite's neatest trick, available next month, will be SSL filtering. The encrypted traffic is stopped at the proxy level and a second secure session is initiated with the server. In between, unencrypted traffic can be examined on the gateway and filtered according to user policies. The company has its work cut out for it selling this feature.
"There is a lot of interest in SSL filtering," said Frances Schlosstein, WebWasher's vice president of business development. "But it hasn't been on anybody's radar screen before because it hasn't been available."
Group Technologies USA Inc., a subsidiary of a German company headquartered in Milford, Mass., is adding several new features to its SecuriQ.Wall filtering product for Lotus Domino and Microsoft Exchange e-mail platforms. It uses lexical analysis of words, content scanning, black lists and white lists for senders, and sender-recipient combos to block and keep track of e-mail. In May it will begin scanning zipped files and Portable Document Format files as well. The company also will introduce a self-learning engine that can recognize new spam by analyzing the traffic.
The company claims the Interior Department and the Customs Service among its customers. Company president Karl-Heinz Dahley said that although keeping spam out is the goal for most of his customers, government users are becoming more concerned about keeping confidential information in. He said scanning outgoing traffic is becoming just as vital as scanning incoming.
Keeping track of outgoing traffic is the whole point of a new feature in Version 2.0 of the Teros-100 Application Protection System from Teros Inc. of Santa Clara, Calif. APS sits in front of a Web server farm and inspects incoming and outgoing packets at the application layer. It comes programmed with hundreds of rules for what kinds of traffic and behavior should be allowed or blocked, and after several days of monitoring a system it learns from usage patterns which rules should be enforced and which should be waived.
A new module called SAFEIdentity is being added to the APS as a free option to keep an eye on Social Security numbers. "All the heavy lifting is in the core processing," said CEO Bob Walters. The SAFEIdentity module adds some additional rules for looking at numbers in the outgoing traffic.
The module recognizes Social Security numbers from either a string of nine numerals, or the usual groupings of three, two and four numerals, separated by spaces or dashes. When it recognizes a Social Security number, it can apply rules to block, log or otherwise regulate it according to the user's policy. This can keep confidential information from leaving an enterprise through unauthorized means, making identity theft more difficult.
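The matching rule described above, sketched as an added example (this is not Teros code). The function names, the `mask` action and the filter for number ranges that are never issued are assumptions that go beyond what the article describes.

```python
import re

# Nine digits, contiguous or grouped 3-2-4 with the same space or dash
# between groups, and not embedded in a longer run of digits.
SSN_RE = re.compile(r"(?<!\d)(\d{3})([ -]?)(\d{2})\2(\d{4})(?!\d)")


def plausible(area, group, serial):
    """Added false-positive filter: skip ranges that are never issued."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")


def find_ssns(text):
    """Return regex matches that look like real Social Security numbers."""
    return [m for m in SSN_RE.finditer(text)
            if plausible(m.group(1), m.group(3), m.group(4))]


def apply_policy(body, action="block"):
    """Return (allowed, body_to_send, log_events) for one outgoing response."""
    hits = find_ssns(body)
    # Log where the match was, never the number itself.
    events = [f"ssn-match offset={m.start()} action={action}" for m in hits]
    if not hits or action == "log":
        return True, body, events
    if action == "block":
        return False, "", events
    if action == "mask":
        def redact(m):
            if plausible(m.group(1), m.group(3), m.group(4)):
                return "XXX-XX-" + m.group(4)
            return m.group(0)
        return True, SSN_RE.sub(redact, body), events
    raise ValueError(f"unknown action: {action}")


# Constructed sample of outgoing content; every number here is made up.
SAMPLE = ("Order 1234567890 shipped. Contact SSN 123-45-6789, "
          "alt 987654321, old record 321 54 9876.")

if __name__ == "__main__":
    for act in ("log", "mask", "block"):
        print(act, apply_policy(SAMPLE, act))
```

The ten-digit order number and the nine-digit value starting with 9 pass through untouched, which is the kind of tuning a pattern-only rule needs before it is set to block.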
Nokia Americas Inc. of Irving, Texas, has come up with a device it calls an e-mail firewall to add another layer of defense to the enterprise perimeter. Message Protector is an appliance running Nokia's Ipso-SX hardened operating system that sits between the firewall and the e-mail servers and acts as a mail transfer agent. It does packet inspection, scans for viruses, strips macros, watches for malicious behavior, checks content and blocks spam at the rate of 120,000 messages per hour for messages averaging 14K. Latency varies, depending on the type and length of messages being examined, but because e-mail is a store-and-forward technology delays are not critical.
"This box is configured to call home for updates" for malicious code and spam signatures, said product manager Haig Colter. It also is persistent, and can unzip 62 layers to get down to the content. The same box can handle outgoing as well as incoming traffic, or multiple boxes can be used.
Message Protector is available now for $15,000 per box, plus licensing based on the number of users. There is government interest in the product, but "procurement is not exactly an overnight process," Colter said.