February 1999
Network Security
Tool centralizes firewall configuration
Fraud on the Internet reduced
cryptographic WebSentry.
In an attempt to simplify the task of managing security, Cisco has announced a new tool to centralize firewall configuration, reports PCWeek. The Cisco Security Manager tool, which will be introduced as part of Cisco’s new VPN strategy, is the first security piece delivered as part of the Cisco Assure policy networking initiative.
Racal Security and Payments’ new WebSentry security modules offer system integrators a cost-effective solution to provide the cryptographic functionality necessary to support the Secure Electronic Transaction (SET) standard for both merchant and acquirer bank (payment gateway) applications. Reducing risk of fraud for Internet transactions, WebSentry modules use the latest techniques in cryptography to provide a flexible means of purchasing goods and services over public networks. This enabling technology will allow the financial institutions to meet the worldwide E-commerce demand that, according to recent estimates, is expected to reach E6.14 billion by the Year 2003, representing 2.5% of all retail purchases.
WebSentry is housed in a tamper-resistant and tamper-evident case. In addition, no plaintext keys are exposed outside the tamper-resistant circuitry and within the case is housed battery-backed, tamper-protected memory. Operation, module management and access control are under smartcard and PIN protection. WebSentry modules also use smartcard components to form Local Master Keys (LMK) that are used to protect certain cryptographic keys when outside the circuitry.
As part of this initiative, Cisco intends to create applications that enable administrators to define network policies such as security that will, in turn, automatically configure the Cisco hardware on the network. The Windows NT-based Cisco Security Manager eliminates the need to configure each firewall individually, making the task of installing and managing a large number of firewalls much simpler and faster. The first release of the software will work with Cisco’s Pix firewalls, although Cisco intends to extend its reach to manage its Internet Operating System (IOS) firewall, VPN offering and NetRanger intrusion detection system. Centralized configuration of the Pix firewalls has been a weak spot for Cisco. The product enables administrators to define a network security policy graphically and includes consistency-checking mechanisms to ensure that policies have their intended effects. Different security policies can be defined for different groups and implemented on the appropriate firewalls. The software also performs auditing and can create reports based on device performance.
© 1999 Elsevier Science Ltd
Racal’s offering, claims the company, provides the necessary infrastructure to accommodate the widest range of throughput requirements of merchants and acquirer banks in a SET environment. WebSentry also meets the mandatory requirements of highly secure hardware security imposed on acquirer bank (payment gateway) platforms. The system is scaleable to meet the needs of small merchants and multi-national corporates handling numerous SET transactions per second. Connected externally to the host servers via an Ethernet connection, multiple modules may be employed to increase the speed of the transactions. Significant performance improvements in transaction processing are achieved as the server application offloads the processing to
For further information, contact: Dave Morrow, Racal Security and Payments on: +44 1344 388000; Email: DaveMorrow@compuserve.com.
Network Associates gets contract
Barbara Gengler
Network Associates has been awarded a contract by the US Government’s Defense Advanced Research Projects Agency (DARPA) to develop new ‘adaptive’ authentication tools and techniques to secure high-speed networks. Funded as part of DARPA’s Next Generation Internet (NGI) Initiative, the new technology will automatically adjust the level of assurance needed to provide integrity and data authentication, based on several dynamically assessed conditions, such as perceived risk and network load. All mechanisms will be available each time a security alert