Turning net security inside out

A string of vendors are releasing products to the channel which they claim target a more pro-active security approach that customers will need in 2004.

Scott Ferguson, regional director at security software specialist Check Point in Australia, said the Israeli company had released a new offering - dubbed InterSpect - which provided a twist on the traditional firewall concept.

"InterSpect is not a firewall because it's almost the antithesis of a firewall. Firewalls work by blocking everything," he said.

The product was made available locally Wednesday, 21 January, via distributors such as LAN Systems and Express Data but a full channel program won't be rolled out until the end of the month, he said.

Ferguson said that Check Point's internal network security gateway, on the other hand, allowed things to come in, quarantining packets that met certain criteria before trashing them. It also allowed segmentation of the network by physical means, such as by IP address or by user, for example.

"We compare the packet to previously-received packets," he said. "It's a more systematic approach than building a big brick wall and just disabling everything."

Another advantage, he said, was that resellers could buy the whole thing in one go instead of buying a software application and then a server from Sun or Dell or some other vendor.

He said he believed InterSpect could be an early representative of a new approach to developing security products and technologies this year.

"We think this is a watershed and could enable the use of web-based services in a much more secure and open fashion," Ferguson said.

Meanwhile, Chy Chuawiwat, MD at Clearswift Asia-Pacific, claims companies this year will be asking how to "enable the good stuff" as well as blocking the "bad stuff".
Security products until now have largely taken a prohibitive approach to the internet. That is, anything risky gets refused entry.

Chuawiwat said security vendors - including Clearswift - that prove successful this year will attempt to do just that in the face of increasingly complex malware.

Simply deploying a firewall and anti-virus software would not be the answer. What was needed was a pro-active multi-layered approach that sought out specified file types, executables, spyware or malicious code, he said.

Email rights and encryption will be big issues in 2004, Chuawiwat said.

"Deviously-minded types could have a field-day with the new encryption systems and 'rights-managed' software being introduced by Microsoft and other vendors if companies do not put in place new policies next year," he said.

He said some rights-managed software enables documents and emails to be encrypted for all recipients. However, to open such material, users might only need an easily-obtained ID such as a .NET passport.

Then, such documents or emails are controlled externally and the company can't check them for which it is legally responsible. Such items could contain virtually anything forbidden by the company or by Australian law, Chuawiwat points out.

"This year, the emphasis will change," he said.

Clearswift had recently released products in its Mimesweeper and Enterprisesuite ranges which enable companies to prevent encrypted material from unauthorised individuals entering or leaving the company, he said.