New Network Systems security router enables exchange of confidential information over private and public networks, including Internet.MINNEAPOLIS--(BUSINESS WIRE)--Nov. 14, 1994--Network Systems Corp. Monday introduced the first network security product that enables organizations to exchange information in total confidentiality across all types of private and public access data networks, including the Internet. With data protection assured, network managers are free to take advantage of the most cost-effective networks available for transferring sensitive information. The bullet-proof security and unprecedented flexibility provided by Network Systems' new Security Router are made possible by the company's latest security software -- its Data Privacy Facility (DPF DPF Digital Photo Frame DPF Diesel Particulate Filter DPF Departamento de PolĂcia Federal (Federal Police Agency - Brazil) DPF Drug Policy Foundation DPF Duang Prateep Foundation (Thailand) ). DPF employs two significant innovations in approach: -- First, security is tightly integrated in the network router; and -- Second, data is encrypted on a packet-by-packet basis. "Network Systems' Security Router with DPF clearly offers the deepest set of security features for internetworking technology today," said Nick Lippis, president, Strategic Networks Consulting. "Security is too often the most overlooked element of a robust mission-critical network," said Glenn Gabriel Ben-Yosef, senior consultant at the Yankee Group (the Yankee Group, Boston, MA, www.yankeegroup.com) A major market research, analysis and consulting firm founded in 1970 by Howard Anderson. It provides general consulting and strategic planning in the computer and communications field. . "Network Systems, in its Security Router with DPF, provides a completely different level of security for LANs reminiscent of the bullet-proof security model found on mainframes. Yet, Network Systems' security model is transparent to the end user, providing protection while maintaining ease of use," he said. Previous security techniques have relied on encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. hardware installed at each end of a point-to-point link or on software encryption programs, both of which limit security's reach. Neither method, for example, has been capable of security data on multi-access networks such as Frame Relay A high-speed packet switching protocol used in wide area networks (WANs). Providing a granular service of up to DS3 speed (45 Mbps), it has become popular for LAN to LAN connections across remote distances, and services are offered by most major carriers. , ATM, X.25 or SMDS (Switched Multimegabit Data Service) A high-speed, switched data communications service offered by the local telephone companies for interconnecting LANs in different locations. It was introduced in 1992 and became generally available nationwide by 1995. . Encrypting routers, on the other hand, can exchange protected data with other routers anywhere -- on any type of network. Also, the Security Router with DPF permits users to select specific data for encryption or compression -- based on address, application type or transmitting interface -- and gain additional efficiencies. The entire selected packet is encrypted and transmitted using a standard IP header containing the network addresses of the DPF routers. In addition, with security built into the routers, data protection becomes automatic and transparent to users. And, Network Systems' Security Router with DPF virtually eliminates the need for human intervention: -- No modification of existing computers and routers is required; -- Key management is handled automatically by the routers; and -- In the event of an equipment failure, the routers automatically select backup devices See backup storage. and continue the communications session. Since the Security Router combines the functions of a router with the functions of an encryption device, customers gain total data protection at reduced cost. The Security Router's data compression data compression Process of reducing the amount of data needed for storage or transmission of a given piece of information (text, graphics, video, sound, etc.), typically by use of encoding techniques. capabilities also improve network efficiency. By encrypting complete packets, and transmitting them inside IP packets, the customer takes full advantage of the strengths of standard network media. Although DPF scrambles information in the packet, it does nothing to alter its ability to be sent over any standard IP network -- local area, metropolitan area and point-to-point or fast-packet wide area networks, including the Internet. Relying on IP packets to carry encrypted data offers a number of advantages. Foremost is the flexibility to create a "virtual private link" over any type of network -- point-to-point, Ethernet, Frame Relay, ATM or the Internet. Also, DPF capitalizes on the robust, self-healing, characteristics of IP networks to ensure high reliability. And, with IP likely to be favored in emerging technologies, customers of Network Systems' DPF can look to it as a long-term solution. DPF provides the means to defeat traffic analysis. Since the entire original packet is encrypted, the addresses of the communicating computers are also encrypted. The encrypted packets are transmitted in IP packets which are addressed between DPF routers. Outside observers would only see two routers communicating; they would not know that this was actually the two end computers communicating. "Data security is fast becoming a hot-button as companies come to rely on networks to handle business transactions," said Ted Doty, program manager, Network Systems' security products. "DPF answers the growing need for ironclad ironclad, mid-19th-century wooden warship protected from gunfire by iron armor. The success of the ironclad when first employed by the French in the Crimean War sparked a naval armor and armaments race between France and Great Britain. data privacy. Plus, it opens up a whole new world of networking possibilities. Organizations can now provide improved service and gain significant cost savings without compromising the security of their most proprietary information." "For nearly two decades, Network Systems has been the premier supplier of secure, high performance networking equipment," said William R. Franta, Network Systems' vice president, routers/switch business unit, and chief technical officer. "DPF is a further example of our pioneering efforts to address the critical need for data security." Test units of the Security Router with DPF will ship Dec. 1. In addition to supporting Ethernet, FDDI (Fiber Distributed Data Interface) Often pronounced "fiddy," it was a LAN and MAN access method that had its heyday in the mid-1990s. FDDI was an ANSI standard token passing network that transmitted 100 Mbps over optical fiber up to 10 kilometers. and T1/E1 WANS, the Security Router provides bridging and IP, IPX (Internetwork Packet EXchange) The network layer protocol in the NetWare operating system. Similar to the IP layer in TCP/IP, it contains a network address and allows messages to be routed to a different network or subnet. , DECnet and AppleTalk routing. The security Router directly supports Frame Relay, SMDS and X.25 and, through a cellifier, it also supports ATM. The new product offers benefits across a variety of networks including: -- Point-to-point links. DPF offers bulletproof Refers to extremely stable hardware and/or software that cannot be brought down no matter what unusual conditions arise. See industrial strength. bulletproof - Used of an algorithm or implementation considered extremely robust; lossage-resistant; capable of correctly security -- and eliminates the need for costly encryption devices at each end of the link. -- Multipoint links, such as Frame Relay, or multi-access networks, including public internets. DPF provides the first commercially available security solution for these networks, enabling customers to create "virtual private networks" over which data may flow with complete confidentiality. Organizations gain privacy without the cost of leased lines A private communications channel leased from a common carrier. Most digital lines require four wires (two pairs) for full-duplex transmission. (communications, networking) leased line . -- Shared links. DPF allows two or more companies to share high-capacity communications connections while keeping the information of each strictly confidential. This allows them to take advantage of higher capacity links than they could justify alone -- without sacrificing data security. DPF encrypts data using any of three strong encryption An encryption method that uses a very large number as its cryptographic key. The larger the key, the longer it takes to unlawfully break the code. Today, 256 bits is considered strong encryption. As computers become faster, the length of the key must be increased. standards: the International Data Encryption Algorithm (algorithm, cryptography) International Data Encryption Algorithm - (IDEA) A conventional encryption algorithm, written by Xuejia Lai and James Massey, in 1992. It is a block cipher, considered to be the best and most secure available, and operates on 64-bit blocks with a (IDEA), recognized as the world's strongest commercial encryption method; the Data Encryption Standard See DES. Data Encryption Standard - (DES) The NBS's popular, standard encryption algorithm. It is a product cipher that operates on 64-bit blocks of data, using a 56-bit key. It is defined in FIPS 46-1 (1988) (which supersedes FIPS 46 (1977)). (DES), a proven U.S.-standard; and NSC NSC abbr. National Security Council Noun 1. NSC - a committee in the executive branch of government that advises the president on foreign and military and national security; supervises the Central Intelligence Agency 1, a high speed, proprietary algorithm suitable for encryption at Ethernet speeds. Engineered for high performance -- with IDEA encryption, for example, DPF can protect a full duplex (Computers) arranged so that the information may be transmitted in both directions simultaneously; - of communications channels between computers; contrasted with -- Authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. to automatically verify that data is coming from the correct source and going to the right destination; -- Digital signatures to prevent data modification in transit; -- Replay prevention to block the presentation of old transactions again at a later date; and -- Key authentication Key authentication is a problem that arises when using public key cryptography. It is the process of assuring that the public key of "person A" held by "person B" does in fact belong to "person A". to ensure that future transmission won't be compromised if an encryption key is disclosed. Data compression is another high-value feature of the Security Router with DPF. Its ability to squeeze more data onto existing bandwidth -- text throughput is almost doubled -- improves network efficiency and delays the need for costly upgrades. Minneapolis-based Network Systems Corp., provides comprehensive solutions for successfully implementing high performance enterprise networks. CONTACT: Network Systems Corp.
Paul Payack, 612/424-1555
Ted Doty, 301/596-2271
|
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion