Security vendors discuss interface

The new common API would let antivirus software and scanning products that block hostile Java applets work easily with security mechanisms.

2 min read
Major Internet security vendors are discussing a common application programming interface that will let antivirus software and scanning products that block hostile Java applets work easily with firewalls, routers, VPNs, and other security mechanisms.

"This will increase the interoperability of products located at border control points in IP networks," said Martin Hall, chief technology officer of Stardust Forums, a provider of technical information and training. Hall chaired the first meeting on the Common Content Inspection application programming interface (API).

For network managers, a standard application programming interface could reduce the complexity of determining what security products work together and deciding which ones to buy. For developers, it would simplify making their products work with other security offerings. Instead of writing to separate interfaces for each vendor's product, developers could write to the Common Content Inspection API.

The API is designed primarily so that "content screening" software like antivirus or software to block malicious Java applets and hostile ActiveX controls can work with firewalls, routers, proxy servers, and caching devices--so-called "perimeter" products that sit on the edge of a corporate network.

The effort originated with Stardust and Finjan, whose software block malicious applets. A first draft of the scope and goals of the effort, due October 15, is being written by representatives of Finjan, firewall leader Check Point, antivirus vendor Symantec, and virtual private networking firm Aventail

But backing CCI would change how firms like Finjan and Check Point operate. Check Point has published an API called "content vector protocol" or CVP that lets antivirus and applet-blockers interoperate with Check Point products.

Bradley Brown, Check Point director of business development, said the new effort could be a successor to CVP, which already has wide adoption among content-screening software vendors.

"It's an interesting effort--I think there's a glimmer of hope for it," he said. Finjan has a similar but smaller Java Security Alliance for firms that support its API.

"This broader effort benefits the entire industry," said Penny Leavy, Finjan's vice president of marketing. "If the industry grows, we grow--you've got to look at the bigger picture." With a standard API, vendors can compete on the quality of their products.

About 30 firms participated in the first "birds of a feature" session last week in San Jose. They included IBM, Hewlett Packard, Cisco Systems, Novell, NEC, Hitachi, Axent, Trend Micro, firewall appliance firm Watchguard, firewall vendor Milkway, and JSB.

A number of other industry efforts exist, including a series vendor groups for firewalls, mobile code, and other security mechanisms overseen by International Computer Security Association. Those are primarily to set testing criteria for certification and don't compete with the standards effort.

The new content-oriented API parallels similar efforts on IP Multicasting multimedia over networks and WinSock for IP stacks. Stardust's Hall played key roles in both those efforts too.

Companies interested in joining the mailing list for the new API can sign up on Stardust's Web site.