I am looking for information on commercial off-the-shelf (COTS) encryption
products that can be used to provide firewall-to-firewall encryption
(node-to-node). The device would encrypt based on source/destination
address and if possible by network service (port).
One of our customers has a network of firewalls and they would like to
protect their network traffic over the Internet (firewall-to-firewall) but
still be able to communicate with the outside world. The firewall
configuration is the same at each of the nodes. At the present time, a
user must go through a challenge/response sequence at each firewall. The
customer is exploring security technologies that could eliminate the need
for a challenge/response dialogue at each firewall.
Inbound connections (e.g., TELNET, FTP, dial-in) from a user that is not
behind a node firewall would still be required to go through a
challenge/response dialogue (strong authentication) at the firewall.
I am aware of the following products that are available or plan to be
available to perform this functionality.
1. swIPe (publicly available, however I am looking for COTS products)
2. TIS Gauntlet (available in next release, est. May time frame)
3. UUNET Technologies LANGuardian
4. ANS Interlock
5. MorningStar Technologies, Inc. EXPRESS Router
6. Hughes NetLOCK
7. Motorola Network Encryption System (NES)
8. Cisco/Cylink (future)
If there are other products, could you please send me e-mail or fax me the
information.
I am not looking for information on secure E-Mail, FTP, etc. software packages.
I can post a summary if people are interested.
-Brian
Respectfully,
Brian W. McKenney Mail Stop: Z-202
The MITRE Corporation 7525 Colshire Drive
McLean, VA 22102
Voice: 703-883-5463 Fax: 703-883-1397