[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference noted::seal

Title:SEAL
Moderator:GALVIA::SMITH
Created:Mon Mar 21 1994
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1989
Total number of notes:8209

1758.0. "Java applet protection for AVFW" by LEMAN::16.44.48.222::denges::wenger () Mon Feb 03 1997 03:21

28Jan97 USA: INTERNET SECURITY GETS TIGHTER - FINJAN
SOFTWARE TO ENHANCE JAVA APPLET PROTECTION FOR ALTAVISTA
FIREWALL. 

Booth 400, RSA data security conference, San Francisco San Francisco, Jan. 
28 /prnewswire/ Finjan software, the leading provider of independent 
Java(tm) security solutions, today announced intentions to work with 
Digital Equipment Corporation on enhancing Internet security. The goal is 
to integrate Finjan's Surfingate(tm) patent pending technology, which scans 
and examines Java applet byte code at the enterprise gateway level, with 
Digital�s Altavista(tm) Firewall technology, which scans and examines 
TCP/IP Packets. Together, the two kinds of security checks would offer 
powerful protection to Internet and intranet users accessing the growing 
realm of on-line information, and the move strengthens the level of 
security available to corporate security managers. "Finjan's patent pending 
Surfingate technology protects Internet and Intranet users from the various 
threats generated by hostile applets, and we look forward to working with a 
recognized leader such as Digital," said Shlomo Touboul, CEO of Finjan 
software. "together, Surfingate and the Altavista Firewall can enhance the 
performance of Internet security solutions by optimizing their 
complementary security technologies."
In today's world of Internet downloadables, Mini-applications like Java 
applets enter network computers temporarily when users access Java-enabled 
web sites or use Web browsers such as Netscape Navigator(tm) 3.0. According 
To a recent Infoworld survey, one out of every three sites on the web is 
Java-enabled, and it is estimated there are more than 20 million people 
using Java-enabled web browsers such as Internet Explorer(tm) and Netscape 
Navigator. While
this downloadable computing greatly expands on-line services, it also opens 
new security holes by automatically allowing unchecked applets into the 
network without any warning, announcement, or even opportunity for users to 
refuse them. Firewalls such as the Altavista Firewall can block Java 
applets, but only Surfingate technology specializes in Java applet attacks 
that can bypass built-in security systems like the Java security manager. 
Surfingate protects intranet and Internet users from automatically 
downloaded hostile Java applets that carry out malicious attacks, including 
industrial espionage, e-mail fraud, resource theft, or unnoticed alteration 
of information, among many other problematic and counterproductive 
activities. Surfingate closely examines all Java applet content with patent 
pending scanning
technology, assigns an applet security profile, and allows users to choose 
what applet activities are allowed or denied accordingly. Surfingate 
technology benefits:

- intelligently scans and analyzes all downloadable content, whether signed 
or unsigned
- protects entire corporate network from undesired applets at the gcat 
gateway level, before a security risk can reach the intranet 
- manages a hierarchical multi-level security policy for departments, 
groups and individual users within the corporate entity
- allows internet/intranet users more access to on-line services by 
providing private applet security.

Finjan Software Ltd. is the leading provider of multi-layer security 
solutions for the new world of Internet/intranet downloadables. Finjan 
solutions protect enterprise and stand-alone computer resources from the 
potential risks of downloadables such as Java applets. Surfingate patent 
Pending technology is available at Finjan�s web site, 
http://www.finjan.com.
T.RTitleUserPersonal
Name		DateLines
1758.1is this good?ANNECY::HOTCHKISSMon Feb 03 1997 03:3920
    Is this meant to be good news or just news?
    Whilst I can see the apparent usefulness and hence the attention it
    should bring to the product offer,it seems that a closer analysis would
    reveal something different.Why?
    	-is Java filtering enough?ActiveX and a proper mail filter should
    all be in the bundle
    	-can this ever keep up with the possible bugs and attacks?IF it can
    then there is something wrong with the Java environment.If it can't
    then it is flash in the pan.
    	-in the old days,'patented' meant good.These days,patented means
    just the opposite.Invent and spread is the word,not patented.
    
    However,amusing to see that AVF is reduced to IP packet filtering
    according to this article.
    
    Incidentally,all the arguments applying to mail filtering and where to
    apply it,equally apply to Java.
    There we are - never expected me to have the same opinion as everyone
    else did you?
    :-)
1758.2... ftp ?EEMELI::EINAMOMon Feb 03 1997 12:4514
Is the anyway to do virus scanning over FTP connection

Cuystomer is askinf AVFW to do visus scan for every IP paket as they pass the
firewall. If indication of virus is detected the cancel the session.

He also alked can we set session login on for telnet/ftp session so
he can set trace for some user or ip adress and then log EVERY IP packet
to examine lated the fole session.

java and active X protection was also on his list

MARKO
1758.3viruswallSNOFS1::stylia.sno.dec.com::snov14::stylianouaTue Feb 04 1997 17:133
I think InterScan's Viruswall can do this.

AS
1758.4InterScan's ViruswallGALVIA::KEATINGWed Feb 05 1997 05:535
InterScan's Viruswall NT versions supports email virus checking.
The version on Sun supports ftp, http and email  virus checking.


Sarah
1758.5QUICHE::PITTAlph a ha is better than no VAX!Wed Feb 05 1997 08:399
    
    I'm sceptical.  I don't believe you can do a decent virus scan unless
    you hold all the data in the same place at the same time.  With mail
    this is fine, because all transfers are "store and forward";  with WWW,
    ftp, etc, this is not the case ...
    
    Just my personal opinion ...
    
    T
1758.6EEMELI::EINAMOThu Feb 06 1997 02:2310
>>InterScan's Viruswall NT versions supports email virus checking.
>>The version on Sun supports ftp, http and email  virus checking.

I think the issue here is ... when will AVFW support ftp, http and email  virus
checking ... !!

I hope soon because we are loosing business here

MARKO
1758.7OSTV03::MAKITANSTAAFLThu Feb 06 1997 04:0113
>>InterScan's Viruswall NT versions supports email virus checking.
>>The version on Sun supports ftp, http and email  virus checking.

I'm very intersted in HOW these producs to check virus...
Do those decode base64/uuencode/binhex/pc-zip/gnuzip/compress,
then check for DOS/Windows/Windows95/WindowsNT/68K Mac/PowerMac/VMS
/All variant of UNIX etc.?
How about for the Application level virus like "MS-Word macro virus"?
( Frankly speaking, I can't believe those are effective. ) 

----
Maki Watanabe		Internet Solution Center, SI, DEC-Japan
Email: [email protected]
1758.8firewall star warsIJSAPL::VANHULSTThu Feb 06 1997 04:3934
    
    
    Firewall evolution ...........
    
    	- protection of proxy
    	- protection of scanning virus (Mimesweepers/Viruswall)
    	- protection by strong authentication (Secure Dynamics)
    	- protection by integration of IP-tunneling
    	- protection by scanning Javascript
    	- protection of ActiveX
    	- protection of authenication by SSL 
    	- protection by blacklist 
    	- execution autorisation 
    	- collecting logging information
    	- implementing triggers/alarms
    	- ........
    
    and what else will be added to this pile of protection and building  
    a kind of false feeling of being protected
    just a race leading to nowwhere ? just  increase of complexity / 
    overhead /effecting response time / effecting availability /
    high cost of investment / hardly to support it ?
     
    Is this not similar with the SDI/Starwars process and we are building 
    a massive protection screen not able to stop a new created litlle virus
    getting through and will wipe something out in the peaceful Intranet ? 
    
    what are we doing wrong ?   
    
    eeh what ?... Oh, I should understand that this is good business .... 
    
    Yes good point, I will shut up .... sorry of the interrupt :-)   
    
    	Henk
1758.9game over?ANNECY::HOTCHKISSWed Feb 12 1997 08:259
    henk,
        The firewall game is nearly over,hence the mad scramble to add
    functions which of of little use.AS soon as Checkpoints code is put
    into Cisco routers,it will be over for certain.This does not mean that
    the network security game is over though.I expect the whole issue to
    shift to relatively open nets with strong on-network security and very
    little intersystem trust with the firewall being a commodity no-brainer
    rather like a cheapo doorlock.
    MY 2C