Secure Computing's Sidewinder Firewall Impervious to Critical UNIX Vulnerability.Business Editors and High Tech Writers SAN JOSE San Jose, city, United States San Jose (sănəzā`, săn hōzā`), city (1990 pop. 782,248), seat of Santa Clara co., W central Calif.; founded 1777, inc. 1850. , Calif.--(BUSINESS WIRE)--July 31, 2001 [pilcrow (paragraph sign)] Sidewinder's Patented Type Enforcement  This article or section is written like a personal reflection or and may require .Please [ improve this article] by rewriting this article or section in an . (TM) Architecture Thwarts Complete System Compromise Attack Detailed in CERT(R)Advisory CERT-2001-21 Secure Computing For the general concept, see . Secure Computing Corporation, or SCC, is a public company (NASDAQ: SCUR) that develops and sells computer security products, such as:
in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : SCUR), a leading provider of enterprise access control solutions, today announced that its Sidewinder sidewinder, common name for a rattlesnake, Crotalus cerastes, found in the deserts of the SW United States. This 2-ft (60-cm), pale yellow and pink snake is named for its curious method of locomotion. (TM) firewall and VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. gateway is not susceptible to the serious vulnerability that was reported in the recent CERT Advisory, CERT-2001-21. The Advisory reported that systems running versions of telnetd derived from BSD (Berkeley Software Distribution) The software distribution facility of the Computer Systems Research Group (CSRG) of the University of California at Berkeley. source code are vulnerable to an attack allowing unauthorized, complete, system access. Telnetd is an application commonly used for remote administration and is generally included in commercial UNIX operating systems. The telnetd vulnerability referenced is not applicable to Sidewinder as a result of disciplined security software design practices in combination with Secure Computing's patented Type Enforcement(TM) technology. Sidewinder's telnetd services are greatly restricted due to both known and theoretical vulnerabilities. This least privilege A basic principle in information security that holds that entities (people, processes, devices) should be assigned the fewest privileges consistent with their assigned duties and functions. design renders the attack described in the CERT-2001-21 Advisory useless. In addition, Sidewinder's operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. , SecureOS(TM), built on Secure's Type Enforcement technology, has further defenses against this attack that would trigger multiple security violations. Specifically, the attack first attempts to start a shell process. Sidewinder's embedded Type Enforcement security rules prevent telnetd from replicating itself and accessing the system shell programs. Even without this embedded, tamper proof rule in place, other Type Enforcement rules also defend against this attack. As an example, the new shell would need administrative privileges and those privileges are not available to the telnetd services. "Our competitors are rushing to develop and issue patches to address this vulnerability. Because Sidewinder integrates a secure operating system The term "secure operating system" is a misnomer. Relevant articles include:
Sidewinder's fundamental defense-in-depth architecture was first released to the market in 1995. Since that time, Sidewinder has demonstrated its superiority over competitors' react-and-patch security solutions, which have continuously exposed mission critical networks to the attack du jour. Sidewinder is the world's strongest firewall, and with its powerful VPN gateway delivers an impenetrable network shield without sacrificing ease of use, reliability and scalability. The strength of Sidewinder was further demonstrated recently when it was the first firewall accepted into evaluation against Common Criteria's highest Evaluation Assurance Level The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. available for firewalls, EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 4+ which included EAL5 components. Sidewinder's hybrid architecture combines stateful inspection, application filtering, IPSec-certified VPN and real-time intrusion alerts into one simple software package that runs on low-cost Intel(R) hardware. At the hardened core of Sidewinder is SecureOS, a performance-optimized, highly secure operating system built with Secure Computing's patented Type Enforcement technology. The result is uncompromised perimeter defense that is easy to deploy and manage across any enterprise. About Secure Computing Headquartered in San Jose, CA, Secure Computing Corporation (NASDAQ: SCUR) is a leading provider of enterprise access control solutions. Secure Computing software products and services control access to applications and networks based on user authentication and authorization to market-leading VPNs, firewalls, Web servers and embedded devices. Secure Computing's worldwide partners and customer base are counted among the Fortune 50 in financial services, healthcare, telecom, communications, manufacturing, technology and Internet service providers Internet service provider (ISP) Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password. , as well as some of the largest agencies of the United States government. For more information, visit the Secure Computing Web site at www.securecomputing.com. All trademarks, trade names or service marks used or mentioned herein belong to their respective owners. This press release contains forward-looking statements relating to the statement that the Sidewinder firewall and VPN gateway is not susceptible to the serious vulnerability that was addressed in the recent CERT Advisory, CERT-2001-21, and such statement involves a number of risks and uncertainties. Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are technical difficulties, undetected software errors or bugs, delays in product development, changes in customer requirements and the risk factors detailed from time to time in Secure Computing's periodic reports and registration statements filed with the Securities and Exchange Commission. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion