Rubrik: World-wide News/Products & News

Cyberguard: Firewall/VPN Appliances Will Incorporate Linux-Based Operating Environment

"TSP" firewalls Offer the Most Granular Inspection Available With
79 Inspection Points

(02.09.04) - CyberGuard announced the details of its next generation of information security products - the "TSP" family of firewall/VPN appliances. Built on a new Linux-based secure operating environment (OE), the TSP family consists of the 1000, 3000, and 5000 series. The new appliance line represents the company's first "Total Stream Protection" (TSP) product. TSP appliances enable user and application-specific security policies so organizations can customize their information security rules and practices to the level of an individual user as well as by the various applications used throughout an enterprise and the specific needs of an organization.

"This is a major step forward in our strategy of becoming the leading worldwide information security provider," stated Pat Clawson, chairman and chief executive officer of CyberGuard Corporation. "Not only are we continuing to offer a secure operating environment, but operating on Linux opens the door to a wider customer base. As we move forward, Global Command Center(tm), our next generation central management solution, will serve as the control interface for all of our TSP components."

The TSP line continues CyberGuard's tradition of offering solutions that are invulnerable to attacks against the firewall OE. Mandatory access control (MAC) and multi-level security (MLS) technologies completely insulate the OE layers used to inspect and transport packets from those that allow the firewall to be configured and managed.

Immediately available as a secure operating environment upgrade for CyberGuard's existing Classic family of firewall appliances, TSP enhances CyberGuard's FS, KS, and SL appliances with broader application layer protection capabilities. Many of today's most damaging viruses, worms and vulnerabilities are introduced at the application level. That is where user data resides and it is a favorite target of the black hat community because the complexity of the various protocols in use makes it very difficult to protect. An exposed vulnerability at the application layer leaves an entire enterprise open to attack. London-based security firm mi2g estimates the economic impact of recent infections from application layer attacks including Sobig, MyDoom, Klez and Mimail to be more than 132 billion Dollar.

TSP extends CyberGuard's application layer security protection with a new innovative algorithm called "contextual aggregation" that is used to assemble packets into session-aware contexts. Contextualizing the communications stream enables TSP series appliances to identify and control the use of restricted commands and unauthorized use of applications and content. Once the entire message has been assembled, TSP inspects the data stream at all seven layers of the Open System Interconnection (OSI) networking model. CyberGuard's new TSP firewalls offer the most granular inspection available with 79 inspection points at the application layer and 30 inspection points at the packet-filtering layers.

"IT security officers are clamoring for application-aware solutions to mitigate the sophisticated nature of application-oriented attacks," explains Jason Wright, industry analyst and program leader for security technologies at Frost & Sullivan, an industry research firm. "CyberGuard's new version TSP series is a significant step in that direction. It blends positive security model 'known good' application behavior with 'known bad' signatures and 'acceptable use' policies to provide granular application-layer protection."

TSP series policies are highly customizable using a scheme best described as 'per everything.' Administrators can grant security access and privileges based on criteria such as user identity, user group, application, origination and destination. TSP Series appliances offer a number of new management features including robust alert options, advanced query functions for auditing reports and a Web-based user interface for remote management using reusable objects and a wizard-like configuration. (ma)

CyberGuard

Beethovenstraße 8-10, 60325 Frankfurt am Main

Kontakt: Matthew Walker

Tel. (069) 97554325, Fax (069) 97554100

E-Mail: mwalker@cyberguard.com

Media Contact: Caren Leigh (CyberGuard Europe Ltd)

Tel. (0044-1344) 382550

E-Mail: cleigh@cyberguard.co.uk

Web: www.cyberguard.com