In this White Paper, we review the sophisticated techniques CyberGuard used to implement this same level of security in our next generation firewall product, and the resulting technical and operational benefits. Even of the firewall were to be compromised, no further network incursions would be possible. Likewise, a user seeking network connectivity can never gain access to the firewall’s management functions. A user who has been authenticated and authorized for administrative access can never leave the firewall and connect to the network. Together, MAC/MLS completely insulate the operating system layers used to inspect and transport packets from those that allow the firewall to be configured and managed. CyberGuard’s heritage in developing secure real-time operating systems for the US Department of Defense is evident today in our Mandatory Access Control (MAC) and Multi-Level Security (MLS) operating system technologies. Correctly implemented, this eliminates the risk that a service running on the hardened OS could be exploited by a hacker to obtain root level privilege and then “highjack” the firewall. #Firewall cyberguard reviews software#Clearly, this is not a “hardened OS” but really a “patched OS.” A true hardened OS is one in which the vendor has modified the kernel source code to enforce a security perimeter between the operating system, firewall software and network stack. Many vendors claim their network security products are built upon a “hardened OS.” What you will find in virtually all cases, is that the vendor simply turned off - or removed - unnecessary services, and then patched the OS for known vulnerabilities. What is a Secure Firewall Operating System? While industry experts may debate which firewall architecture provides the optimum level of security, few would disagree about the critical importance of a secure firewall Operating System. Henry MCP+I, MCSE, CCSA, CCSE, CFSA, CFSO, CISSP, CISM, CISA Senior Vice President CyberGuard CorpĪ CyberGuard Corporation White Paper September 2004Ĭopyright 2004 CyberGuard Corporation. Secure to the Core: The Next Generation Secure Operating System from CyberGuard Paul A.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |