Great Circle Associates Firewalls
(November 1993)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Ethernet data encryptors
From: mjr @ TIS . COM
Date: Tue, 2 Nov 93 16:15:28 -0500
To: dep @ galileo . siemens . com, zeleznik @ cs . utah . edu
Cc: firewalls @ GreatCircle . COM

>See the Network Security System (NSS) from Semaphone Communications Corp.,
>I have literature from this company, and it looks very promising.  Handles
>numerous higher level protocols (e.g., TCP/IP, IPX, Apple, DECnet, etc.)
>and (I assume) it encrypts only the data portion (allowing intermediate
>networking to work unchanged), and only for selected srcs/dsts.  Seems to
>be lots of options.

	It's an impressive sounding system but the next release should
be more interesting. Last time I spoke with Semaphore, the encryptors
only worked host to host and could not work on a network to network
level. Also, the configuration/key management station was an expensive
486 machine running Oracle and OS/2...    They're planning on a future
release of the stuff that may handle network to network level encrypting
and will have better thruput, but my initial reaction to their system
was "Darn. They almost got it right."   It'd be really really useful
if you were in an environment where you don't trust your LAN itself and
need to encrypt between hosts locally or remotely. But - most of us want
network to network encryption, and, though the units themselves are
fairly cheap (a box that can handle 15 workstations is a few $k) the
darned 486 server costs much more than everything else combined. And
having OS/2 rammed down ones's throat is no fun, either. I gather they
are thinking of porting the management station to Windows NT.... :(


Indexed By Date Previous: SOCKS-compliant NCSA telnet for Macs?
From: ericm @ angst . MicroUnity . com (Eric Murray)
Next: Packet filtering/screening with SunLink ISDN anyone?
From: sten @ ergon . ch (Sten Gunterberg)
Indexed By Thread Previous: Re: Ethernet data encryptors
From: zeleznik @ cs . utah . edu (Mike Zeleznik)
Next: Re: Ethernet data encryptors
From: zeleznik @ cs . utah . edu (Mike Zeleznik)

Search Internet Search