[108185] in Cypherpunks
[ISN] Network Turned Firewall (fwd)
daemon@ATHENA.MIT.EDU (jei@zor.hut.fi)
Mon Feb 8 06:53:56 1999
From: jei@zor.hut.fi
Date: Mon, 8 Feb 1999 13:39:24 +0200 (EET)
To: cypherpunks@toad.com
Reply-To: jei@zor.hut.fi
Amazing.
---------- Forwarded message ----------
Date: Sun, 7 Feb 1999 15:52:55 -0700 (MST)
From: mea culpa <jericho@dimensional.com>
To: InfoSec News <isn@repsec.com>
Subject: [ISN] Network Turned Firewall
http://www4.zdnet.com/intweek/stories/news/0,4164,2200208,00.html
Network Turned Firewall
By Charles Babcock
February 3, 1999 10:14 AM ET
There's a new security firm that would like to shut down your firewalls as
a step toward increasing your protection from intruders.
"Under our system, the network becomes the firewall," said Marketta
Silvera, president and chief executive officer of Pilot Network Services.
By imposing a watching and listening service over a company's wide area
network (WAN) traffic, including its Internet traffic, Pilot engineers
can watch for activity that signals someone probing to break into a server
or other network device.
Under Pilot's Corporate Partner Networking service, an organization's WAN
traffic is rerouted through one of Pilot's seven security centers, or
"Power Plants," where it is analyzed, 24 hours per day, largely through
automated systems. The analysis performs the same function as a firewall
at the perimeter of the company but continues looking at the traffic for
patterns of attempted intrusion, such as port scans (where the intruder
hunts for an open port on a server through which to enter) or commands to
change disk drives from parties that have no business attempting such a
command.
The analysis is carried out by Pilot's Heuristic Defense Infrastructure,
which can learn from known methods of intrusion and incorporate new ones
encountered while watchdogging all Pilot customers. Pilot developed the
system over five years to allow the service to provide a defense in depth,
said Michael Milliken, vice president.
The Power Plants are staffed with security experts who respond to alerts
and close a port on a server if an intruder has found one to use to invade
a system. Silvera said firewalls offer a limited solution to a problem
that is outgrowing their function. "You can't solve a moving problem with
a fixed software package," she said.
Pilot's system is intended to incorporate new attack information quickly
and erect a line of defense throughout Pilot's seven centers. All
customers then receive the resulting protection, rather than each
organization having to discover and implement it through in-house
security, she said.
"It's a form of a self-learning system. It's a much more comprehensive way
of addressing security needs," said Amy Sachrison, security analyst at the
Aberdeen Group.
Early customers of Corporate Partner Networking include: Newsweek, the
National Association of Security Dealers and GE Capital IT Solutions.
"We have a viable, secure foundation for electronic commerce with Pilot,"
said Len Carella, director of information technology at Newsweek.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
