Security
Sneak Preview
When the Front Line Is Breached, Ingrian i140 Puts Up a Good Fight

February 4, 2001
By Don MacVittie


Corporate security to date has been like warfare conducted by static armies. In war, the defense of any given "dug in" location depends on the defense of an outer perimeter, or "crust." Once that outer defense is broken, a force can wreak havoc behind enemy lines. With corporate security, a lot of money is spent to protect the outer barriers, but the data traversing the internal network is plain text, and internal security is considerably more lax.
Corporations generally don't have the resources to mount the mobile defense needed to defeat an attacker who has made it inside. In response, the Ingrian i140 Secure Content Networking Platform, equipped with the Content Encryption Service Engine, builds defenses behind the front lines, leaving the network less exposed if an attacker does manage to break through.

To protect sensitive end-user data traversing your network, the i140 uses RSA to encrypt the data you choose to protect, both in your database and on your network. The i140 is placed on your network between the edge router and the Web servers. In this strategic location, it encrypts the data fields you have specified as sensitive before they are passed to the Web server. The same set of rules lets the i140 decrypt these fields on the way out of your network, making it ideal for public Web site use.

Defending the Soft Interior

A serial connection to a computer is required to configure the administrator account and IP address. After initial configuration and a reboot, you can choose to perform the rest of the setup via a CLI (command-line interface) or a Web interface.

Ingrian Networks uses smartcard technology from nCipher Corp. to store configuration information and encryption keys. These cards can also be used to reconfigure this or any other i140 with the same setup if necessary. After configuration, you need to change your applications and databases to use the encrypted form of the affected fields.

As with any database encryption scheme, you should encrypt only the fields that must be encrypted. Encrypted fields are less useful for maintenance routines than the unencrypted equivalent, and the more data you encrypt, the slower your system will respond.

For a Web site, you would configure the i140 to look in the HTML body for a custom tag you have associated with pages that carry information you want to protect, such as credit-card numbers. Next, you would modify the Web pages that use the credit-card number to wrap the field in this custom tag and tell the i140 that anything within the tag should be encrypted.

You can also tell the i140 to search for encrypted data in the Web page on its way out of your network and decrypt any encrypted data found. Such searching will increase your response time, however, because you're working the unit harder.

Finally, change the database definition to hold the encrypted version of the credit-card number. This last step is important: An encrypted version of any given field is much larger than the equivalent raw-data field. According to Ingrian, the formula for the space required is twice the field size plus 65, which means a standard 16-digit credit-card number would require 97 characters. This is a significant increase in database size, but security is never free and disks are cheap.
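As an added illustration, not code from the article or from Ingrian, here is a Python sketch of the three steps just described: a custom tag marks the fields to protect on the way in, an outbound pass scans the page for ciphertext tokens rather than tags, and the vendor's sizing rule is applied to the database column. The article does not name Ingrian's tag syntax, so the `<protect>` tag, the `ENC:` token marker and the key are constructed for the demo; the cipher itself is a stand-in built from hashlib/hmac (the appliance uses RSA and smartcard-held keys, per the article), so its token length does not follow the 2n+65 rule, which remains the figure to size columns by.

```python
import base64
import hashlib
import hmac
import re
import secrets

# Hypothetical custom tag; stands in for whatever tag an operator registers
# on the appliance. The article does not give Ingrian's actual syntax.
PROTECT_TAG = re.compile(r"<protect>(.*?)</protect>", re.DOTALL)
# Constructed marker that lets the outbound pass find ciphertext without
# relying on the inbound tag still being present.
CIPHER_TOKEN = re.compile(r"ENC:([A-Za-z0-9+/=]+)")

NONCE_LEN = 16
MAC_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Hash-derived keystream (demo stand-in for a real cipher)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


class FieldCipher:
    """Stand-in for the appliance's per-field encryption: random nonce,
    keystream XOR, and an HMAC over nonce+ciphertext (encrypt-then-MAC) so a
    tampered or truncated field is rejected instead of decrypted to garbage."""

    def __init__(self, key: bytes):
        self.enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()

    def encrypt(self, plaintext: str) -> str:
        nonce = secrets.token_bytes(NONCE_LEN)
        data = plaintext.encode()
        ct = bytes(a ^ b for a, b in zip(data, _keystream(self.enc_key, nonce, len(data))))
        tag = hmac.new(self.mac_key, nonce + ct, hashlib.sha256).digest()[:MAC_LEN]
        return "ENC:" + base64.b64encode(nonce + ct + tag).decode()

    def decrypt(self, token: str) -> str:
        raw = base64.b64decode(token[len("ENC:"):])
        nonce, ct, tag = raw[:NONCE_LEN], raw[NONCE_LEN:-MAC_LEN], raw[-MAC_LEN:]
        expected = hmac.new(self.mac_key, nonce + ct, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(tag, expected):
            raise ValueError("field ciphertext failed integrity check")
        pt = bytes(a ^ b for a, b in zip(ct, _keystream(self.enc_key, nonce, len(ct))))
        return pt.decode()


def encrypt_inbound(html: str, cipher: FieldCipher) -> str:
    """Inbound pass: replace the contents of every <protect> tag with a token,
    so the Web server and database only ever see ciphertext for that field."""
    return PROTECT_TAG.sub(lambda m: cipher.encrypt(m.group(1)), html)


def decrypt_outbound(html: str, cipher: FieldCipher) -> str:
    """Outbound pass: scan the page for tokens and restore the plaintext."""
    return CIPHER_TOKEN.sub(lambda m: cipher.decrypt(m.group(0)), html)


def verify_token(token: str, cipher: FieldCipher) -> bool:
    """True if the token decrypts cleanly, False if it was altered in transit."""
    try:
        cipher.decrypt(token)
        return True
    except ValueError:  # includes base64 decoding errors
        return False


def column_width(plain_width: int) -> int:
    """Vendor's sizing rule quoted in the article: twice the field size plus 65."""
    return 2 * plain_width + 65


if __name__ == "__main__":
    cipher = FieldCipher(b"constructed-demo-key")
    # Constructed sample page; 4111111111111111 is a well-known test card number.
    page = "<form>card=<protect>4111111111111111</protect></form>"
    stored = encrypt_inbound(page, cipher)
    print("stored form :", stored)
    print("served form :", decrypt_outbound(stored, cipher))
    print("column width for a 16-digit number:", column_width(16))
```

The outbound scan deliberately keys on the token marker rather than the inbound tag, mirroring the article's point that the unit searches the page for encrypted data on the way out; that scan is the part that costs response time, so it should be enabled only on paths that actually serve protected fields.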

If your users are sending information from the network out to a business partner, you can configure a second Ingrian i140 with the Content Encryption Service Engine to decrypt this data automatically so it goes to the partner unencrypted. This way the business partner doesn't require an Ingrian i140 to decipher your data: Whatever encryption mechanism you have in place can remain unchanged.

If you would prefer not to buy two i140s, you can configure your front-end i140 to do this translation. Ingrian discourages using a single box for both front-end and back-end applications, however, as it might hurt response times for your users.

Protection and Performance

The i140 is also an SSL accelerator. I tested its performance by generating 500 SSL TPS (transactions per second) using RadView Software's WebLoad. I sent 1-KB files, and it was able to handle 287 SSL TPS. When I sent 5-KB files, the i140 was able to maintain 267 SSL TPS.

Vendor Information

Ingrian i140 Secure Content Networking Platform with Content Encryption Service Engine, $31,995. Available: Now. Ingrian Networks, (650) 261-2400; fax (650) 261-2401.
www.ingrian.com

Because the i140 is designed to let you share keys between multiple i140s, better performance levels can be achieved via load-balancing. The i140 offers rudimentary load-balancing, but you'll need a dedicated load-balancer if you are using more than one or two Web servers.

At the time of testing, Ingrian had no tools available to allow decryption of data from within stored procedures or major development environments. This should not be a problem if you encrypt only fields that hold truly sensitive data that your internal utilities won't use.

Ingrian has developed a product for a market that has many partial solutions but few complete ones. Given the rash of companies that have had to admit that customer information was stolen from their databases in the past couple of years, this is a much needed solution. And if attackers make it through your outer defenses, what better way to inform upper management that you've been hacked than to end with the pronouncement "... but the encrypted data won't do them any good."

Don MacVittie is a senior systems analyst at Wisconsin Public Service Corp. Send your comments on this article to him at don@nandgate.com.
