NetLOCK Secures The Enterprise

By Christopher Smith

Peer-to-peer network encryption is becoming more popular, but only a few of the offerings on the market can handle the rigorous diversity that most networks require. What good is encrypting network traffic when you have multiple, unprotected resources because of a lack of encryption support for your network's diverse operating systems?

NetLOCK 1.3 from NetLock offers not only a highly manageable multiprotocol network layer encryption but also the support to handle communication among network resources. Need to communicate via IPX, AppleTalk or IP? NetLOCK supports Apple Computer MacOS, Digital Equipment Corp. Unix, Hewlett-Packard Co. HP-UX, IBM Corp. AIX and OS/2, Microsoft DOS/Windows 3.11, Windows95, Windows NT 3.51 and 4.0, Novell NetWare, The Santa Cruz Operation SCO OpenServer and UnixWare, Silicon Graphics Irix and SunSoft Solaris 2.4/2.5 platforms.

In Network Computing's Syracuse University lab, I tested a beta of NetLOCK 1.31 on Windows95, NT 4.0 and Solaris, encrypting IP communications. I was astonished at the universality of the encryption management for large environments. NetLOCK offers four de facto, industry-standard encryption algorithms that encrypt data at the network layer: Data Encryption Standard (DES), Triple DES, RC2 and RC4. It also includes a Hughes proprietary algorithm, called CXOR, which the vendor says is less secure but quicker and specifically designed for more traffic-intensive environments.

Keying the Locks

The NetLOCK model consists of the agent and the manager. The agent, a client resident service, handles encryption on individual nodes. Through version 2.0 of the Simple Network Management Protocol (SNMPv2), the manager lets a network administrator adjust encryption settings on any NetLOCK-protected machine on the network. The manager holds a profile for each client; even if the client is currently detached from the network, the configuration is readily available.

Besides a few key pieces of security information, which safeguard against intrusive node configuration management, installation requires little configuration, saving most of the work for the management console.

All three platforms required a slightly different agent for the particular operating system. For Windows95, a VxD (virtual device driver) slides into the network adapter's protocol stack to encapsulate the incoming and outgoing traffic. The Windows NT agent worked similarly, using a separate adapter instance (which appears to be a network adapter that is bound on top of the original Ethernet adapter driver), as well as a running service. Our Solaris test machine also used a shim device to encrypt IP traffic, along with a daemon running in the background.

Additionally, each agent individually requests a digitally signed public key certificate from the manager during initial configuration, which lets the agent authenticate other NetLOCK agents when initiating communication. I configured the key's lifetime to regenerate after a set interval, making it harder to crack.

Updated August 8, 1997