Sunday, July 29, 2007

Nevis Networks Develops Identity-Based Cloaking Technology

Nevis Networks announced a new secure "Cloaking" capability that enables security administrators to completely mask key network resources from specific users and user groups. The goal is to make network servers and application resources "invisible" to unauthorized users, thereby preventing unauthorized users from launching a range of malicious attacks, including denial of service (DoS), password cracking, and probing for open ports and vulnerabilities.

Nevis said its new cloaking technology is built on the foundation of its LANenforcer identity-based security appliance, which associates network packets with unique user IDs and the user's group affiliation. This allows cloaking and access policies to be defined in simple, easy to manage rules aligned with organizational group definitions. Access policies can be designed to be extremely granular down to a particular application, or specific server.

For example, a user within an organization's engineering department can be prevented from sending/receiving traffic to or from an HR application server. Unlike other access control technologies, it doesn't matter where the engineering user accesses the network from, or how the LAN is segmented, or what workstation he uses. The policy for his role is enforced everywhere in the network. Unauthorized packets are dropped before ever reaching their destination, removing the need for mission critical servers and applications to defend themselves from potential intruders, who can still overwhelm systems with attack attempts.

See also