Companies to watch in 2001
SC Magazine - January 2000 - Cover Story 
by Illena Armstrong 
Pleased sighs of relief were heard throughout information technology
departments, from the U.S. to Japan, at about this time last year. It was
in that instant that all IT and security administrators, for the most
part, were collectively patting one another’s backs upon successfully
averting a Y2K catastrophe.

At ease with this interval of breathing space after, in some cases,
years of planning for the 2000 bug, many managers decided that they would
dwell on the long and drawn-out technological fight awaiting them another
time. The new predicament they came to gradually confront dealt with
matters surrounding infosecurity. Most professionals now readily
understand that these issues form an enduring and far-reaching problem,
not dependent on a certain date, that will end in plenty of trouble being
delivered to their businesses.

With some analysts, such as Bear, Stearns & Company, Inc., predicting
that the Internet security marketplace could reach $15 billion worldwide
by 2004, it is obvious that not only are IT administrators comprehending
the caliber of new cyberthreats, but their bosses are also doing so. The
company states that the rush to engage in e-business is forcing
security to be a number one priority for organizations everywhere. To be
sure, the steady doling out of dollars will only continue on this upward
trend as a result of a corporate-wide realization that technology and
the Internet will spawn the future global economy and, eventually,
become standard ways of devising and sealing business deals.

Still, some organizations, whether in the States, Germany, Singapore or
any other country, are struggling with the huge task of differentiating
sound security vendors from the here-today-gone-tomorrow types.
Additionally, it is proving tough for executives and administrators, even
now, to effectively ascertain what combinations of security products
and services their firms truly require to maintain flourishing e-businesses.

To aid them in their search for the best security technologies and the
companies that offer them, this edition of SC Magazine forecasts the
hot happenings, technologies and companies of 2001. In Technologies to
Watch in 2001, a complementary feature to the cover story, respected
industry analysts explain what they believe to be the security tools and
services organizations should tirelessly examine as they engage in
business-to-business (B2B) and business-to-consumer (B2C) activities.
And though one of our analysts predicts that managed service providers
(MSPs) will be employed by corporations more frequently this year, it
was concluded that this area of information security warranted a more
in-depth look by way of a separate feature, MSPs Flex their Infosecurity
Muscles.

Surges in Security

The infosecurity solutions and services coming around the bend appear
to be more of the same. The difference, however, is that many of the
technologies, like public key infrastructure (PKI), biometrics and
smartcards, repeatedly foretold in recent years to be massively taken up
by organizations all over the globe, may really catch on in 2001. This
adoption of stronger security mechanisms, experts contend, will happen
none too soon, given that cyberassaults in this and coming years will be
more targeted and extremely disastrous for the business world.

The attacks of the past 365 days have been catalogued and dissected
ad nauseam. Yet, the many times an item about a hacker breach or a
DDoS attack hit mainstream publications, what companies were actually
doing about the risks was often overlooked. How can organizations
prevent that confidential information from being compromised again or
their brand name from being soiled once more?

Myriad anti-virus, intrusion detection system (IDS), virtual private
network (VPN), biometric, content security, PKI and trusted operating
system providers, as well as a multitude of other security companies are
looking for buyers. Though none can say they have the cure that will
fully treat all the security ailments any one company may face, they all
have infosecurity expertise and specialties that together may very well
fortify an enterprise for years to come.

Bob Lonadier, director of security strategies for Hurwitz Group, an
analyst firm, states that the information security marketplace is just
getting started. Top-level executives are seeing the successes they can
reap from use of the Internet and related technologies, but now with
increased and well-publicized security assaults, they are also realizing
the countless problems that arise with inadequate security.

Besides wanting to spend their monies more effectively, companies also
want the products and services they buy to truly protect them. They
want to be assured that they won’t be receiving a call in the middle of
the night from the IT security administrator explaining they’ve been
infiltrated by a virus that will take days or weeks to clean out. Instead,
they envision the IT security manager telling them the next day that a
virus infection was sidestepped due to a strong product they invested in
and strong policies they implemented. Three distinct divisions in the
security market will answer these customers’ wants, says Lonadier.

Category Killers: These solution providers are focused on a needed
security niche. They flourish by dominating that grouping. With
this specific niche success, they may eventually expand their
baseline offerings.

Security Aggregators: These vendors specialize in various point
solutions that can be managed easily by an IT administrator under
one umbrella. They offer one-stop-shopping for the variety of
security tools that many companies desire these days.

Security as a Service: Though really just beginning, MSPs will take
away worries from the company by overseeing their security
needs on a fee basis. They follow general technological trends.
Whatever companies decide to outsource, the MSP option should
be part of a corporation’s overall security policy and program – not
necessarily the whole kit and caboodle.

“It’s all around reducing complexity,” Lonadier says of infosecurity
trends. “Executives are looking at the plans for [2001] and are saying,
‘Gee, I’m getting more efficient in every aspect of my IT expenditure,
except security’.”

Intrusion Detection

Last year, SC Magazine foresaw intrusion detection systems improving,
thereby playing more prevalent and key roles in organizations’ overall
security. While longer-lived companies, such as Internet Security
Systems (ISS) (www.iss.net), Network Associates’ PGP Security
(www.pgp.com) and Computer Associates (www.ca.com) continued
their strong leadership positions in this area, other companies also saw a
great deal of play and respect bid to them.

The further development of AXENT Technologies’ NetProwler
(www.axent.com) should be watched carefully over the course of this
year. Having been acquired by Symantec Corporation, the AXENT
division may very well exploit its new owner’s vulnerability assessment
technology, which automates the detection and correction of machine
and network hole and virus update infrastructure, to enhance
NetProwler’s detection of network intrusion. Theoretically, such
automation could back the IDS by sending it ‘cures’ when it detects a
breach.

By launching Tripwire HQ Manager late last year, Tripwire Security
(www.tripwire.com) has created a central management tool that
enables companies to easily monitor their network over multiple
platforms. Providing such functions as centralized reporting, database
generation, creation and distribution of policies and much more, this tool
makes Tripwire a key player in allowing corporations to control the
integrity of their systems.

The likes of Cybersafe Corporation (www.cybersafe.com), with its
Centrax software, have seen increasing growth. In addition to offering
this real-time monitoring solution, they have entered the service arena
by partnering with Counterpane Internet Security, Inc.
(www.counterpane.com), a strong MSP in this arena. International
Intrusion.com (www.intrusion.com) and Atlanta-based METASeS
(www.metases.com) are other MSPs offering strong monitoring and
response services.

Derivations of IDS companies are also finding customers. ClickNet
Security Technologies (www.clicknet.com) is a growing contender in this
area. It touts its entercept software as a proactive intrusion detection
tool that uses a security-rule-based engine to identify potentially
hazardous operations. When malicious activity is detected, the
predefined reaction is executed and a log with comprehensive detail
about the attempt and reaction is sent to the control station. This
company has seen much growth and recently partnered with Cisco
Systems (www.cisco.com) to support its SAFE e-Business Security
Framework.

Recourse Technologies, Inc. (www.recourse.com) is another vendor that
has an interesting dynamic to detecting intrusions. Its ManHunt and
ManTrap products protect networks by covertly gathering data on the
hack attack, while also determining the attack source. Also a fighter of
breaches, Top Layer Networks’ (www.toplayer.com) AppSwitch works
with a company’s existing firewall and IDS to help prevent network
intrusions.

More companies to watch include NFR Security, Inc. (www.nfr.com),
Hiverworld, Inc. (www.hiverworld.com), Network ICE
(www.networkice.com), CyberTrust (acquired in 1999 by Baltimore
Technologies as a means of enhancing product offerings) and LANguard
(www.languard.com). For telecommunications IDS, look to eNetSecure
(www.enetsecure.com), Sandstorm Enterprises, Inc.
(www.sandstorm.net) and SecureLogix Corporation
(www.securelogix.com). Another vendor of note, Harris Corporation
(www.STATonline.com), specializes in vulnerability and risk assessment
to better Internet and network security through their Security Threat
Avoidance Technology (STAT) product line.

Access Control and Remotely Connecting

Protecting all of a company’s information can be an overwhelming task.
Though management of access can have different meanings for different
people, here it applies to web, server, network and applications access
control. The increased importance of these solutions may be attributed
to the rise of B2C commerce and B2B dealings.

Evidian, a BullSoft Groupe company (www.evidian.com), is trying its
hand at protecting corporate information on the Internet and within the
enterprise with its AccessMaster solution. A security management
solution, it provides web authentication and authorization technology
that permits users to access multiple web and enterprise applications
with one log-on and one password, among other features. The tool
presents application security, while also reducing the workload of the
administrator and increasing convenience for end-users.

Securant Technologies (www.securant.com) has a booming business
that has seen astounding growth in the past several months. The
ClearTrust SecureControl suite is rules-based in managing application
access to web-based applications. The product proves ideal to
companies engaging in B2B by providing user authentication,
authorization, true single sign-on, delegated administration,
application-level threat detection, policy assessment and auditing.

Netegrity’s (www.netegrity.com) SiteMinder is another reliable tool for
organizations wanting to securely and centrally manage B2B, B2C and
intranet portals. Offering seamless integration with partner sites, it also
personalizes access and use for each customer. Netegrity signed
agreements with 46 new customers in the third quarter, and now has
250 customers worldwide. Watch this company experience further
growth over the next year, especially as the need for secure portals in
e-business exchanges continues to rise.

Though perhaps not thought of as a pure access control vendor,
Sanctum, Inc. (www.sanctuminc.com) is a company to watch when it
comes to protecting web sites from unwanted intruders. Sanctum’s web
application security software, AppShield and AppScan, secures and
monitors web applications for potentially malicious behavior.
E-businesses are safeguarded against assaults ranging from site
defacement or compromise of customer information to theft of products
or corporate espionage.

There are a number of companies offering similar access control tools
and other products allowing for secured remote connections. Some to
keep in mind as you search for the right solutions include RedCreek
Communication, Inc. (a hardware provider of VPN and firewall solutions,
RedCreek acquired Internet Dynamics, Inc. to offer Conclave, a
policy-based access control tool) (www.redcreek.com), Sygate
Technologies, Inc. (www.sygate.com), Gilian Technologies
(www.gilian.com), Safewww, Inc. (www.safewww.com) and CrossLogix,
Inc. (www.crosslogix.com).

Content Protection

Email is one of the main forms of communications for corporations today.
If this mode of sharing critical business knowledge goes down, an
enterprise’s operations rapidly flounder. Companies everywhere are
realizing just how crippled they could be without email. More
importantly, they see just how vulnerable their information and networks
are as a result of inadequately protecting this gateway.

A number of organizations readily come to mind when talk of email
security begins. Symantec Corporation (www.symantec.com) continues
to strengthen its leading position with new products and services, such
as Norton Anti-Virus Corporate Edition 7.5 for enterprise-wide
protection. The product’s Digital Immune System technology provides
automatic virus detection, analysis and delivery of remedies to an
infected PC or entire corporate network with or without the
administrator. Of course, also big news for Symantec this year was its
acquisition of AXENT Technologies.

ScanMail from Trend Micro (www.trendmicro.com) is another tool that
provides centrally controlled protection against viruses, spam and
malicious code. Its MacroTrap technology enables it to detect and
remove known and unknown macro viruses using heuristics. This
proactive feature allows administrators to fight viruses for which
signatures do not exist. Look for Trend Micro to continue bettering its
family of products.

Now that Baltimore Technologies (www.baltimore.com) has acquired
Content Technologies, prepare for new integrated solutions to hit the
market next year. By bringing Content’s policy-based content security
product, MAILsweeper, to its already strong e-business security
portfolio of PKI and m-commerce solutions, Baltimore will be
well-positioned to develop new and innovative security solutions.

In addition to other mainstay organizations such as Sophos Anti-Virus
(www.sophos.com) and McAfee (www.mcafeeb2b.com), a Network
Associates business, F-Secure Corporation (www.f-secure.com) also
proves to be a strong provider. Not only does the security player
protect a company’s network through a distributed firewall, VPN and
cryptographic technology, it also boasts malicious code protection and
centrally managed security for all mobile devices and remote stations.
No doubt, the company will continue growing and bettering these
wireless security devices as time passes.

Yet another innovation that launched this past year and will, no doubt,
become a core solution in protecting content is GAP technology.
SpearHead Security Technologies, Inc. (www.sphd.com) seems to be on
the forefront of this area with its AirGAP system, a software/hardware
combo, which offers protection against viruses, DoS attacks and other
malicious code by creating two separate networks disconnected from
one another within the same box.

Whale Communications (www.whalecommunications.com) also uses a
similar technology it has coined Air Gap. Called e-Gap, its system
complements the company firewall, terminating all TCP/IP connections at
the air gap. Communications are then inspected and moved via the gap
to protected and critical e-business systems.

On top of offerings that provide a distinct break between the Internet
and crucial information systems, certain vendors are attempting to be
more aggressive in their battle with malicious code. The concept of
anti-virus systems being more proactive is increasingly becoming a facet
of the enterprise war cry. After the LoveBug virus and various trojans
hit a plethora of organizations this past year, they wondered why the
anti-virus tools they had in place didn’t prevent the onslaughts.
Consequently, some providers are pointing to the reactionary methods
of signature-based detection in touting their wares.

Pelican Security (www.pelicansecurity.com) is an up-and-coming vendor
that uses dynamic sandboxing technology to proactively protect
networks from known and unknown mobile code. Its SafeTNet tool uses
corporate-defined policies that control malicious code’s access to data
and system files, applications and other network resources.

Finjan Software (www.finjan.com), a similar and older solutions provider,
has received accolades for its SurfinShield product, which also tackles
the problem of malicious code through behavior monitoring. With its
patent pending X-Box technology, said to enhance Java’s ‘sandbox’,
SurfinShield provides security against malicious forms of ActiveX arriving
via email, the web or Instant Messaging.

Sybari (www.sybari.com), TenFour (www.tenfour.se), Panda Software
(www.pandasoftware.com), Pointsec Mobile Technologies, Inc.
(www.pointsec.com) and Diversinet Corp. (www.dvnet.com) are
providers that also boast solutions in this area. WatchGuard
Technologies, Inc. (www.watchguard.com), well-known for its firewall
and VPN tools, has also introduced a LiveSecurity subscription service
that provides virus alerts and other updates to its products and
WebBlocker database.

Biometrics and Smartcards

As e-business continues its non-stop flow, authentication mechanisms
that are stronger than the traditional username and password scheme
are in demand. Enter biometric technology and smartcards.

Traditionally, biometric security was widely adopted by intelligence
agencies and other government entities. Often said to be the only true
form of authentication, biometrics uses fingerprints, retinal scanning and
voice recognition to armor networks and data. Now, corporations with
high-value information and assets are entertaining thoughts of adopting
this stringent protection for themselves.

SecureSuite from I/O Software, Inc. (www.iosoftware.com) is a
comprehensive solution accessing PC workstations. Besides
authenticating users at logon, the tool also uses the SecureSession
feature to add extra security when accessing particular applications.
SecureSuite’s ease of deployment and use also adds to its appeal.
Through its partnerships with AuthenTec (www.authentec.com), a
provider of fingerprint sensors, and Microsoft, which will include I/O’s
SecureSuite and Biometric Application Programming Interface in new
versions of the Windows OS, the company is fast-becoming a market
leader. Look for more of the same from them next year.

Digital Persona (www.digitalpersona.com) of California offers a
fingerprint authentication system, UareU Deluxe, and will soon launch
UareU Online Biometric Authentication Service. Now in Beta, the site will
be an Internet authentication service that maintains an anonymous
fingerprint database for companies, to provide easy, secure and fast
user authentication to access sensitive information or engage in
safeguarded e-commerce. Given this development, this vendor will
appeal greatly to the health care, financial and ASP market at an even
greater pace over the coming year.

Also, take a look at Biodata (www.biodata.com), Iridian Technologies,
Inc. (formerly IriScan, Inc.) (www.iriscan.com), American Biometric
Company (www.biomouse.com) and Identix (www.identix.com), if you
happen to be an organization searching for the strong security biometric
tools can give.

“Already biometrics is catching on, (but) … I’m disappointed the
Americas haven’t gone the way of the Europeans,” says Charles Cresson
Wood, security expert and author of the well-read Information Security
Policies Made Easy, which is now being used by PentaSafe Security
Technologies (www.pentasafe.com) for its VigilEnt Policy Center tool.
Any visit to Europe will tell you that smartcards and tokens have been
more widely adopted in those countries compared to other regions.
Nevertheless, some experts believe that the United States may play
catch-up in the next one to two years.

Wood explains that credit card companies, such as American Express,
have made inroads into the adoption of smartcards although more needs
to be done. It may be that as PKI is deployed on a wider basis,
smartcard use will grow since it provides the means to safely and
securely store digital certificates needed for PKI.

HID Corporation (www.hidcorp.com), having just expanded its line of
smartcards, is most certainly a mover and a shaker in the market. The
addition of the IQcard MIFARE product allows for the securing of any
number of applications, including e-commerce, access to medical
records and more. It accomplishes this by separating files, while also
providing mutual authentication, data encryption and electronic purse
functions.

Datakey (www.datakey.com), CRYPTOCard (www.cryptocard.com),
Keyware (www.keyware.com), Aladdin (www.ealaddin.com), ActivCard
(www.activcard.com), Schlumberger Smart Cards (www.1.slb.com),
Utimaco Safeware (www.utimaco.com), Thinkpulse, Inc.
(www.thinkpulse.com) and more are vendors to review when considering
migration to smartcard security implementations.

PKIs, VPNs and Cryptography

A number of experts agree that VPNs finally seized a place this past
year in a company’s security configuration. With the many partners,
contractors, remote users and telecommuters that need access to the
company network, VPNs seemed an easy-to-use, reliable and scalable
solution. Best practices and standards being adopted and followed by
most VPN vendors also facilitated this broad acceptance.

In addition to WatchGuard, F-Secure and PGP Security, a number of
other companies have strong VPN products worth considering. These
include Alcatel (www.alcatel.com), AppGate (www.appgate.com), Asita
Technologies (www.asitatech.com), BorderWare
(www.borderware.com), Check Point (www.checkpoint.com), SafeNet,
Inc. (www.safenet-inc.com) (formerly IRE) and Lucent Technologies
(www.lucent.com).

Now that LASAT Networks (www.lasat.com) of Denmark has merged
with Eicon Technologies to form Eicon Networks, its operations in the
U.S. look to be expanding. With the launch of its WAP-enabled thin
server, MASQUERADE, and its SAFEPIPE family of VPN products, which
use IPsec, 128-bit and triple-DES encryption, this is a company to keep
an eye on.

Although VPNs have finally seen triumphs, the year of PKI has yet to be
fully realized and, in fact, this repeated declaration – “This is the year of
PKI!” – has become a running joke among industry professionals. Those
hoping that PKI will soon be completely deployed by organizations,
rather than being undertaken only in pilot programs, may finally find their
wish filled this year. If not altogether, some say, at least the
beginnings of widespread adoption will start unfolding.

With SSH Communications Security’s (www.ssh.com) recent release of
its IPSEC Express 4.0, the company has heightened the functionality of
its IPsec (Internet protocol security) solutions. The newest version
supports the VxWorks operating system, as well as the industry’s latest
Internet and industry standards, such as IPv6, enhanced PKI, and the
new Rijndael cryptography standard. In facilitating the execution of
IPsec and PKI industry standards, SSH’s toolkits bring strong,
cryptographic security to IP networks. This company will continue
raising the bar for quickly implementing various security applications with
ease.

A strong player in the mobile e-business security marketplace, Certicom
(www.certicom.com) recently made great strides in the world of wireless
PKI with the release of its Trustpoint suite. Touted as bridging the gap
between wired and wireless worlds, this line of solutions enables
companies to use compact, standards-based certificates with their
existing directory and PKI systems. These small, but fast, certificates
can protect exchanges launched from mobile phones, PDAs and pagers.
This company will continue with its innovative and creative undertakings
in infosecurity next year.

Again, Baltimore is a key player here, but Entrust and VeriSign
(www.verisign.com) also play major roles. In particular, Entrust
Technologies (www.entrust.com), which is one of the longest-standing
players in this territory, has developed a broad range of products which
is the envy of many of their competitors. Not to be overlooked are
Canadian Chrysalis-ITS (www.chrysalis-its.com), Cylink
(www.cylink.com), ValiCert (www.valicert.com), SPYRUS
(www.spyrus.com) and the long-standing RSA Security
(www.rsasecurity.com).

While many vendors in this area of infosecurity have found it difficult to
convince the corporate marketplace of the need to properly secure their
B2B transactions, Entegrity Solutions (www.entegrity.com) has
succeeded with at least 200 of the Fortune 2000 companies. Their
mixture of out-of-the-box products in the Trust Solutions range offers
(amongst other things) policy-based secure email and mobile security for
laptop users.

Late last year, nCipher, Inc. (www.ncipher.com), a developer of
hardware security products for PKI applications, expanded its sales
efforts to include South America. Headquartered in the U.K., it also has
offices in the United States where sales are growing. Besides offering
accelerator products to increase performance of network devices, the
company also offers products such as nForce, nShield and KeySafe to
facilitate the deployment of a PKI. Look out for this vendor to
continually enhance offerings and widen its global reach.

SHYM Technologies (www.shym.com), a manufacturer of tools that
enable the quick and less complicated deployment of often-problematic
PKIs, will continue making a name for itself. Also, pay close attention to
the service provider trend pushed along by PricewaterhouseCoopers’
(www.pcwglobal.com) beTRUSTed offering that was launched late last
year.

Of course, there are other cryptographic technologies that protect
corporate information in more readily deployable solutions. PC Guardian
(www.pcguardian.com) provides strong encryption of important data,
while Kyberpass Corporation (www.kyberpass.com), Rainbow, Inc.
(www.rainbow.com), and Xcert International, Inc. (www.xcert.com) are
others on the list that should be examined.

The Market Wave

Because today’s business world demands security, an
inordinate number of infosecurity companies have arrived on the scene.
The market, however, will bear out the true and reliable vendors from
those attempting to simply ride the proverbial wave to expand their
bottom lines. In attempts to maintain spots in this changing and volatile
market, some vendors may try to complement their tools with services.
Also, as it was this time last year, too many acquisitions and mergers to
count will occur in this one. Smaller players or those with a weak
presence will continually be bought out or just fall out of the picture.

“It’s definitely a challenge for IT managers to identify products and
vendors that will remain in the marketplace for the long haul,” says
David Morrow, director of investigative services for the newly formed
Fiderus, a security consulting company. “Nobody wants to be stuck with
a product that is suddenly obsolete when the provider is acquired and
stops supporting it.”

Extensive research and consulting by vendor-neutral firms may help
corporations in their search for the perfect security tools. Moreover,
companies’ executives must understand their business needs and
operations completely to know exactly what parts of it need protecting
and how this is best accomplished. No matter these steps, though,
there are bound to be companies or technologies that may be alien to
some folks.

One emerging solution not to be overlooked is the trusted operating
system. Hewlett Packard (www.hp.com) and Sun Microsystems
(www.sun.com) are the old guard in this area, but this year other
providers that offer strong technologies include Argus Systems
(www.argus.com), Cyber-Ark (www.cyber-ark.com) and Qiave
(www.qiave.com) which was recently purchased by WatchGuard.

These trusted operating system tools and other security devices chosen
by companies will be further tested by the strength of the training and
policies that should be put in place. If an organization fails to arm its
employees with infosecurity knowledge, warn many experts, any tool
can likely be rendered quite useless. Prompted by PentaSafe’s new
VigilEnt Policy Center tool, other vendors will begin launching solutions
that help end-users get educated.

The requirement for these training tools and lessons for users about
infosecurity benefits will be exacerbated by cultural beliefs that change
from country to country. To answer demands derived from different
parts of the world, vendors will have to keep up with the unique laws,
regulations and feelings of those areas. Explains Morrow, to be viable
security providers, companies must have a worldwide presence and,
therefore, strong understanding of the countries they serve. It all comes
back, after all, to that evolving international digital economy.

“The global economy is here and successful security players will have to
be global and understand local laws and regulations to compete. In some
ways, the technical solutions will be easy. It is the local laws and
cultural beliefs that will be difficult to navigate,” he maintains. “I think
the successful global IT security player will have to be very adept at
dealing with the many different views and political systems we’ll
encounter. Many other countries, such as China, view security and
technology from a profoundly different vantage point than Western
countries do. Even Western Europe has implemented very strict personal
privacy laws compared to American standards … We’ll be wrestling with
these cultural and political differences long after the technical problems
are overcome.”

Yet the task immediately at hand is solving those dreaded security
problems. While this job may seem daunting, organizations still searching
for answers can take heart – with the scores of vendors peddling their
solutions, it’s a buyers’ market. Companies just have to do their
homework before they go shopping.


Top Ten Internet Threats
by Katherine Henry 

Here is a round-up of the top ten threats in the U.S., U.K. and Asia
Pacific region. It’s worth remembering that Internet security solutions
are also improving to keep up to date with the threats. Notable among
these are trusted operating system (TOS) solutions that can prevent
most, if not all, of the threats listed below.

Super-user vulnerabilities: The goal of most ‘hacks’ is to gain
super-user control (or Windows Administrator control). Super-user
is all-powerful and can disable security applications, such as
intrusion detection systems or firewalls.

Disgruntled employees: Since they are ‘authorized’ users,
disgruntled employees can perform sensitive operations from within
your security perimeter. They can take down system resources,
alter data content and install backdoors for later use.

Buffer overflows: These are a common vulnerability and new
ways to exploit them are discovered by hackers on a regular basis.
Buffer overflows can be used to gain super-user control.

Kernel attacks/loadable kernel modules: These are a more
sophisticated form of attack that allows hackers to corrupt or
replace programs in the operating system kernel itself to cause
severe system damage.

Application security flaws: Given the speed to market of
e-business software, programs frequently have bugs, many of
which can be exploited to gain access to other applications or the
system as a whole.

CGI-script exploits: CGI script implementation often has bugs
and frequently introduces security holes that can be used to
attack web servers.

Password sniffing: Hackers often use this method to guess a
legitimate user’s password in order to gain access to the system
and to gain greater access for future attacks.

Human error: Corporations rely upon good security practice
among their employees to safeguard systems. It is not uncommon
for hackers to engage in myriad social engineering activities, such
as posing as members of the IT department or partner companies’
IT departments, to gain passwords or access to computers that
can later be used for theft or damage.

Virus/trojan horse: These are surreptitiously installed programs
specifically designed to cause damage or to open up holes so that
attackers may gain system entry at a later date.

Denial of service: The DoS attack deliberately floods a server
with false requests to shut down or slow down traffic to that
server. It is most frequently launched from other powerful
computers that have been hacked (known as zombie machines),
and have had programs installed on them to create these false
requests.

Katherine Henry is marketing communications manager for Argus
Systems Group Ltd. in the U.K.


Balancing the Load
by Illena Armstrong 

Reliability is key when attempting to gain an unfaltering spot in the world
of e-business. Services that an organization offers, products it sells,
applications it uses within and without its walls, and the security
mechanisms it has put in place, must remain up and running, delivering
dogged performance.

There are several suppliers of solutions that facilitate the high
availability and scalability of Internet and enterprise applications. One of
the leaders in this space is StoneSoft Corporation. Combining
load-balancing and high availability features, their StoneBeat cluster
technology ensures that companies’ critical network components
continue their operations. Application independent, the solution is
scalable from small- to enterprise-sized businesses.

Evidian, a Groupe Bull company, has released SafeKit, a 24-by-7
software solution for e-business application load-balancing and fail over.
This product, too, provides maximum service performance in scalable
secure management software that strengthens Internet and e-business
functions.

Known more for its security appliances that boast firewall, VPN,
anti-virus and content filtering capabilities, SonicWALL, Inc. just entered
the fray when it recently acquired Phobos Corporation, a hardware
company that produces products that offload and accelerate secure
transaction processing. Though SonicWALL has traditionally catered to
small and medium businesses, look for this company to make great
strides into the large enterprise and e-commerce markets with its newer
offerings, like SonicWALL Load Balancing Rack or the SonicWALL SSL
Accelerator Rack.

Yet another company to be mindful of during the course of the year is
NetScreen Technologies. Its Internet security systems and hardware
devices enhance the performance of firewalls, VPNs and traffic control
for e-businesses, as well as broadband and application service providers.
Scalability, manageability and strong performance form the foundation to
its line of solutions.