IIJ Launches the IIJ Quarantine Network Solution; The Industry's First Total Quarantine Solution, from Detection to Isolation, Remediation, and Removal.
A quarantine network is a mechanism for automatically detecting PCs connected to a corporate LAN that are infected by viruses or worms, or that do not have the most recent security patches installed. The technology then forcibly isolates the problematic PCs and moves them onto a completely separate network where they cannot communicate with other PCs on a company's server. There, they can be treated and disinfected as needed.
Corporate network are becoming ubiquitous and now can often be accessed from anywhere at anytime, and while this increases convenience for the users, it also exposes the network to threats created by unsecured PCs. The Blaster worm epidemic in 2003 created widespread damage on corporate networks, and insufficient security measures have created many instances of information leaks, which makes security management of network PCs and measures for removing unsecured PCs from a corporate network an urgent priority.
The IIJ Quarantine Network Solution automatically acquires and inspects security information from PCs that are connected to the corporate network to ensure that they are running an operating system (OS) with all available security patches and the most up-to-date antivirus signature files for their antivirus software. Based on the results of this inspection, PCs not complying with company security policies are blocked from accessing corporate networks and are allowed access only to the quarantine network (treatment server etc.), thus removing ongoing threats from a company LAN and maintaining a high level of security.
IIJ has created two service types to meet the needs of different client network environments.
--Type A (Gateway Type): for companies with many office locations
A quarantine device is installed on the gateway at each of the customer's locations, and the connection from each location to the central network is the target of any action. This service uses the Net'Attest SecurityFilter quarantine equipment by Soliton Systems, which authenticates and inspects PCs connected to the company network and prevents access from PCs that violate security regulations.
--Type B (LAN Type): A high-end version for medium to large LANs
A dedicated quarantine server is installed on the customer's premises along with quarantine software in each network PC, and these two components work together to monitor the network at this location using DHCP (*1). This unique quarantine system--developed jointly with Net Care, Inc., an IIJ Group company, regularly inspects all PCs and isolates, removes, and treats non-complying PCs.
--Non-complying PCs are removed from the company network to ensure a high level of security
A high level of security is maintained on the company network in the Type A plan by existence of quarantine software and by authentication of IDs and passwords, and in the Type B plan by removal of PCs with unregistered MAC addresses (*2) or computers using improper fixed IP addresses.
--A total solution is implemented for inspection, isolation, remediation, and removal through IIJ's industry-first automated security patch detection function
Based on the inspection results on each PC in the Type A plan, the computer is automatically connected to a remediation network. In the Type B plan, a security patch of OS can be forcibly installed and remediation performed automatically.
--Quarantine functions can be introduced easily and without major changes to the existing network structure
The Type A plan only requires the installation of a quarantine device at the gateway, and the Type B plan requires replacement of the DHCP server, which provides PC quarantine functionality without extensive changes to the company network.
--Operation monitoring and policy database updates, 24 hours a day, 365 days a year
An expert engineer is on duty 24 hours a day 365 days a year at the IIJ Quarantine Center to monitor the quarantine devices and servers, which removes the burden of emergency recovery and policy database updates and allows the customer to focus on security policies.
(*1) DHCP(Dynamic Host Configuration Protocol): Dynamic assignment of an IP address to a PC upon starting, instead of assigning fixed private addresses to each PC (*2) MAC Address: Globally unique numbers assigned to Ethernet cards so that they can connect to a network IIJ will continue to develop new solutions for our customers to reduce the burden of network security. -- Inspection Targets -- Microsoft Windows OS information -- OS version, installed security patches, installed Windows Service Packs -- Compatible with the following OS: Windows98 Second Edition (Type A only), Windows2000 Professional, WindowsXP Professional/HomeEdition -- Antivirus Software Information -- Existence of antivirus software, antivirus engine and signature file version -- Compatible with the following applications: TrendMicro, Symantec, McAfee -- Fee Schedule (for 100 locations) Type A: Installation charges start at 3 million yen Monthly charges start at 27,000 yen per location Type B: Installation charges start at 3 million yen Monthly charges start at 1,000 yen per client * Fees will change based on the number of clients (Type A) and locations (Type B). In conjunction with this release, IIJ is offering a free trial service. ---------------------------------------------------------------------- Trial Service Summary --------------------- Trial Period: Approximately 2 months Service Description: Type A, trial service at 2 to 3 locations Type B, trial service for 1 to 2 clients ----------------------------------------------------------------------
Founded in 1992, Internet Initiative Japan Inc. (IIJ, NASDAQ: IIJI) is one of Japan's leading Internet-access and comprehensive network solutions providers. The company has built one of the largest Internet backbone networks in Japan, and between Japan and the United States. IIJ and its group of companies provide total network solutions that mainly cater to high-end corporate customers. The company's services include high-quality systems integration and security services, Internet access, hosting/housing, and content design.
About Soliton Systems K.K.
Soliton Systems is an industry pioneer and the first company to work with LAN and network OS in Japan. They have years of experience constructing large networks, and they also have a track record in network OS and protocol application development. More recently, Soliton Systems has focused on developing security products, starting with authentication applications, and broadband system construction and operation. Established in 1982, they have 627.8 million yen in capitalization and 14.1 billion yen in sales (as of March 2005)
About Net Care, Incorporated
Net Care, Inc., was established in February 1998 with Internet Initiative Japan Inc. (IIJ), CRC Solutions Corporation, and JGC Corporation as some of its major shareholders. Using the expertise accumulated in IIJ Group network support operations, Net Care is an outsourcing supplier providing call center operations and management, network support that includes failure response and supervision, help desk services, and a variety of network management solutions.
|Printer friendly Cite/link Email Feedback|
|Date:||Nov 8, 2005|
|Previous Article:||ESET's NOD32 Achieves 34th Consecutive Virus Bulletin 100% Award; NOD32 Is Recognized for Flawless Virus Protection; Performs Scans Five Times Faster...|
|Next Article:||Yamana Reports Net Earnings of $3.2 Million for the Third Quarter 2005.|