- Email: [email protected]
ISS unveils 4-step security program
Abstracts of Recent Articles and Literature
Security Dynamics have introduced an Encrypted VPN Starter Kit, aimed at securing remote access user Ascend’s information. kit combines The SecureConnect with Security Dynamic’s SecurID identification and authentication technology. The bundled product allows companies to verify the identity of remote users, secure information travelling across the Internet and verify the identity of the intended recipient. Other competing VPN products include Newbridge Networks’TimeStep, which integrates a firewall with hardware-based encryption, and V-One Corp., which provides software-based products that integrateVPN with a firewall.The Encrypted VPN Starter Kit is bundled with an access router, server authentication software, security management software, a firewall control manager that provides authorized remote users with access, copies of Secure Access Personal Edition, and SecurID hardware tokens. Internet Week, September 29, 1997, p. 42. Privacy better than ‘Pretty Good’, Mario Apicella. PGP for Personal Privacy 5.0 from Pretty Good Privacy Inc. is the latest commercial version of the well-known cryptographic software. It runs on Microsoft Windows 95 and NT 4.0 and on the Apple Macintosh OS 7.5. It is easy to install and use PGP 5.0.The user interacts only with PGPtray, a menu that gives access to all the functions of PGP, and PGP-keys, a visual representation of all your electronic keys, which is one of the entries in the PGPtray menu. PGP 5.0 maintains the previous encryption scheme. It uses a public key - associated with your E-mail address to encrypt data and a private key to decrypt it. The product allows you to store your public key on a public-key server on the Internet. The copy on the key server can also be used to verify whether a public key that you receive has been altered. Every time you use your signature or decode an E-mail message, PGP requires you to type in the password associated with your private key Therefore, nobody can use your private key if you leave your PC unattended. LANTimes, October 13, 1997, p. 55. 1% unveils 4-step security program, Rutre2lYain. Internet Security Systems (ISS) has developed the Adaptive Security Management Model and a new security scanning system that supports enterprise
620
security. The Adaptive Security Management Model is a four-step process for maintaining security across all network devices and applications. The four-step process includes methods for detecting and responding to security problems, such as automated network scanning; user-defined automatic responses, such as alarms; around-the-clock intrusion detection; and automatic response to security threats, such as the termination of connections. To back up its security model, ISS unveiled a new version of its Windows NT-based network scanner Internet Scanner 5.0 that offers enhanced reporting capabilities as well as new NT and Unix network vulnerability checks. Znternet Week, October 6, 1997, p. 80. WorldSecure Server combats E-mail plagues, Greg Shipley. As messaging solutions come of age, mail administrators face the same problems LAN administrators have dealt with for years: security threats, usage policy violations and viral contamination. Worldtalk Corp. is introducing a mail tool to combat these obstacles. The company is not aiming its product, WorldSecure Server, as a replacement for any current messaging products, its aim is to augment them.The product resides between the network’s Simple Mail Transfer Protocol (SMTP) gateway and the Internet, serving as a type of E-mail firewall. Its strength lies in its ability to combine many features into a single management point. Windows mail administrators now have the tools to easily append to or quarantine messages, notify other administrators of violations via Email. Mail administrators also will welcome the server’s ability ro scan inbound and outbound mail for viruses. It quarantines infected mail for further inspection or kills it on the spot. Policy-based security at an E-mail level is WorldSecure Server’s most innovative feature. It lets you set up security-related rules on a per site or per user basis. WorldSecure Server addresses the issue of unsolicited junk mail, a problem that continues to plague organizations of all sizes. Network Computing, September 15, 1997, p. 48. PKI provides a base for secure transactions,]oe Paone. Developing a public-key infrastructure (PKI) within a company and establishing links with other companies’ PKIs are deemed vital for the successful realization of digital certificate technology for authenti-
Security Dynamics have introduced an Encrypted VPN Starter Kit, aimed at securing remote access user Ascend’s information. kit combines The SecureConnect with Security Dynamic’s SecurID identification and authentication technology. The bundled product allows companies to verify the identity of remote users, secure information travelling across the Internet and verify the identity of the intended recipient. Other competing VPN products include Newbridge Networks’TimeStep, which integrates a firewall with hardware-based encryption, and V-One Corp., which provides software-based products that integrateVPN with a firewall.The Encrypted VPN Starter Kit is bundled with an access router, server authentication software, security management software, a firewall control manager that provides authorized remote users with access, copies of Secure Access Personal Edition, and SecurID hardware tokens. Internet Week, September 29, 1997, p. 42. Privacy better than ‘Pretty Good’, Mario Apicella. PGP for Personal Privacy 5.0 from Pretty Good Privacy Inc. is the latest commercial version of the well-known cryptographic software. It runs on Microsoft Windows 95 and NT 4.0 and on the Apple Macintosh OS 7.5. It is easy to install and use PGP 5.0.The user interacts only with PGPtray, a menu that gives access to all the functions of PGP, and PGP-keys, a visual representation of all your electronic keys, which is one of the entries in the PGPtray menu. PGP 5.0 maintains the previous encryption scheme. It uses a public key - associated with your E-mail address to encrypt data and a private key to decrypt it. The product allows you to store your public key on a public-key server on the Internet. The copy on the key server can also be used to verify whether a public key that you receive has been altered. Every time you use your signature or decode an E-mail message, PGP requires you to type in the password associated with your private key Therefore, nobody can use your private key if you leave your PC unattended. LANTimes, October 13, 1997, p. 55. 1% unveils 4-step security program, Rutre2lYain. Internet Security Systems (ISS) has developed the Adaptive Security Management Model and a new security scanning system that supports enterprise
620
security. The Adaptive Security Management Model is a four-step process for maintaining security across all network devices and applications. The four-step process includes methods for detecting and responding to security problems, such as automated network scanning; user-defined automatic responses, such as alarms; around-the-clock intrusion detection; and automatic response to security threats, such as the termination of connections. To back up its security model, ISS unveiled a new version of its Windows NT-based network scanner Internet Scanner 5.0 that offers enhanced reporting capabilities as well as new NT and Unix network vulnerability checks. Znternet Week, October 6, 1997, p. 80. WorldSecure Server combats E-mail plagues, Greg Shipley. As messaging solutions come of age, mail administrators face the same problems LAN administrators have dealt with for years: security threats, usage policy violations and viral contamination. Worldtalk Corp. is introducing a mail tool to combat these obstacles. The company is not aiming its product, WorldSecure Server, as a replacement for any current messaging products, its aim is to augment them.The product resides between the network’s Simple Mail Transfer Protocol (SMTP) gateway and the Internet, serving as a type of E-mail firewall. Its strength lies in its ability to combine many features into a single management point. Windows mail administrators now have the tools to easily append to or quarantine messages, notify other administrators of violations via Email. Mail administrators also will welcome the server’s ability ro scan inbound and outbound mail for viruses. It quarantines infected mail for further inspection or kills it on the spot. Policy-based security at an E-mail level is WorldSecure Server’s most innovative feature. It lets you set up security-related rules on a per site or per user basis. WorldSecure Server addresses the issue of unsolicited junk mail, a problem that continues to plague organizations of all sizes. Network Computing, September 15, 1997, p. 48. PKI provides a base for secure transactions,]oe Paone. Developing a public-key infrastructure (PKI) within a company and establishing links with other companies’ PKIs are deemed vital for the successful realization of digital certificate technology for authenti-