| |
Real Security in a Virtual World
By
Cassimir Medford, April 2000
Hackers tend
to employ sophisticated antidetection schemes, many of which
are easily available on the Internet. A live "intelligent"
security monitor that can scan the network for security breaches
and vulnerabilities seems like a pretty good scheme to counter
this kind of activity. That scheme is the value proposition
pioneered by Internet Security Systems Inc. The Atlanta company
markets SAFEsuite, a set of security auditing and scanning
tools designed as both an alarm system and a test system for
the installed enterprise security system.
 Another
notable add-on tool for VPN networks is EverLink, a software
system that approaches the problem of security from the application
layer. EverLink, from Anyware Technology Inc. of City of Industry,
CA, takes a granular approach, allowing corporations to grant
authorized access to individual outsiders rather than universal
or group access to the entire network. Access is also specific
to the application, computer or file inside the firewall.
All other applications, computers or files will be securely
hidden from the outsider or remote user.
"Our product is complementary with VPN technology because
we address areas VPNs don't address. We give systems administrators
a whole new level of control," explains Ming Huang, chief
technology officer and founder of Anyware. In other words,
it pays to know who is talking to whom. "VPNs can only
control the packets; they cannot control a telnet session,
for instance. We give system administrators additional functionality
at the application layer. The VPN may be secure, but the corporation
may not know who is sending what to whom," he says.
Read
Full Article
|
