(November 1993)

Subject: Re: Ethernet data encryptors
From: mjr @ TIS . COM
Date: Tue, 2 Nov 93 16:15:28 -0500
To: dep @ galileo . siemens . com, zeleznik @ cs . utah . edu
Cc: firewalls @ GreatCircle . COM

>See the Network Security System (NSS) from Semaphore Communications Corp.,
>I have literature from this company, and it looks very promising.  Handles
>numerous higher level protocols (e.g., TCP/IP, IPX, Apple, DECnet, etc.)
>and (I assume) it encrypts only the data portion (allowing intermediate
>networking to work unchanged), and only for selected srcs/dsts.  Seems to
>be lots of options.

	It's an impressive sounding system but the next release should
be more interesting. Last time I spoke with Semaphore, the encryptors
only worked host to host and could not work on a network to network
level. Also, the configuration/key management station was an expensive
486 machine running Oracle and OS/2...    They're planning on a future
release of the stuff that may handle network to network level encrypting
and will have better thruput, but my initial reaction to their system
was "Darn. They almost got it right."   It'd be really really useful
if you were in an environment where you don't trust your LAN itself and
need to encrypt between hosts locally or remotely. But - most of us want
network to network encryption, and, though the units themselves are
fairly cheap (a box that can handle 15 workstations is a few $k) the
darned 486 server costs much more than everything else combined. And
having OS/2 rammed down one's throat is no fun, either. I gather they
are thinking of porting the management station to Windows NT.... :(


