[ news_security_news ]
DeepNines Urges Companies To Protect Routers
SecurityProNews
Staff Writer
2004-08-31
 Insider Reports RSS Feed
Cisco Systems Announces New Vulnerabilities, But DeepNines' Security Platform Provides Protection Invisibly in Front of the Router.
Late last week, Cisco Systems informed its customers of security holes in two of its access and authorization products, the Cisco Secure Access Control Server for Windows (Windows ACS) and Cisco Secure Access Control Server Solution Engine (Secure ACS). Denial-of-service exploitation of either of these two vulnerabilities could force a router shutdown/reboot or allow an attacker to gain unauthorized access to network devices controlled by the ACS. However, none of that will be a problem for companies whose routers and networks are protected by the DeepNines Security Platform.
Cisco says the two products are vulnerable when flooded with TCP connections on port 2002. In that scenario, the ACS is unable to process authentication requests and requires rebooting. Cisco also found that spoofing specific network addresses enables attackers to gain unauthorized access to the network. The DeepNines Security Platform monitors all traffic and TCP connections and keeps spoofed IP addresses out of the network. It protects the most critical entry point to an enterprise's network -- the router.
"The DeepNines Security Platform sits invisibly in front of the router and blocks or quarantines all malicious, suspicious and anomalous traffic entering the network," says DeepNines President and COO Dan Jackson. "The DeepNines Security Platform protects the router and the network with intelligent monitoring and stops IP spoofing. As a result, there's no unauthorized entry through port 2002 -- Our platform just doesn't fall for that kind of subtle subterfuge."
The DeepNines Security Platform has no MAC or IP address, meaning that it is invisible in its logical position in front of the router. From this location, DeepNines monitors all connections accessing the network. If a hacker tries to spoof an IP address, the system recognizes it and immediately stops the incoming conversation. Regardless of the type of router, external monitoring of traffic -- using both signature-based and rate-based techniques -- is an effective way to protect the router and the network on the other side of that router.
"Market-share is driving hacker decisions, whether it's these two Cisco vulnerabilities today, or a whole slew of new vulnerabilities tomorrow. The fact is, routers are vulnerable and not designed to fend off attacks," Jackson said. "As part of a layered approach to network security, the DeepNines Security Platform is designed to thwart attacks so routers and networks remain focused on what they were designed to do -- route traffic. Our job is to ensure they stay clean and productive by letting the good guys in and keeping the bad guys out. It's that simple."
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
