While firewalls are designed to keep outsiders from getting into corporate intranets, new security software coming out from a tiny Seattle start-up and Hewlett-Packard bolsters security by keeping track of employees, too.
Aventail today released beta versions of security software that it claims is more secure than the firewalls many companies use to shield corporate networks from the Internet. The company is funded in part by Internet investor and CyberCash chairman Dan Lynch.
Aventail based its Security Manager and AutoSocks 2.0 client software on the Internet Socks5 security standard, a protocol created by NEC researchers and endorsed by the Internet Engineering Task Force.
The Gartner Group has predicted that by 1998, all leading firewall vendors will have integrated Socks5 in their products.
Security Manager works with firewalls or routers but allows authentication based on user names, instead of relying on IP addresses as do firewalls, and boosts security by preventing direct connections between internal and external machines.
Security Manager also includes management features such as traffic monitoring for internal billing and security purposes; notifications of unauthorized or peculiar activity; activity logs; content filtering; and protocol filtering so that IS managers can block specific applications. Security Manager also uses Microsystems Software's Cyber Patrol filtering technology to let companies control which sites employees are able to visit.
The AutoSocks 2.0 client software, also based on Socks5, allows users to get through any firewall or server based on the Socks4 or Socks5 protocols. Without AutoSocks or a similar product, applications vendors would have to recompile their TCP/IP applications individually to be compatible with Socks-based software such as Security Manager. IBM Network Gateway, Netscape Proxy Server, and NEC's PrivateNet are all Socks4-based server products.
In a separate but similar announcement, HP unveiled a Web-based version of its Praesidium/Authorization Server, HP's enterprise security framework. The Authorization server lets administrators set up access rules for both Unix and NT applications. The HP product makes rules for each individual user that apply wherever they log in rather than having to define new controls for each computer the user touches.