I believe this announcement is of interest to firewalls...
...there are some very interesting items below, including IBM setting
up their own CERT squad.
I apologise in advance if it has already been posted here and I just
haven't caught up with it.
> IBM Announces Security Software and Services to Protect the Enterprise
> September 28, 1995
> As part of its long-standing commitment to data security, IBM has
> announced enhancements, availability and pricing for a broad range of
> I/T security products and services designed to protect the enterprise
> from intrusion.
> The announcement includes:
> -- The launch of the Emergency Response Service , which provides expert
> incident management skills to clients during and after electronic
> security emergencies;
> -- A Customized Infiltration Tool Kit , to detect the most
> subtle weaknesses in a customer's Internet connection;
> -- Significant enhancements and price reductions on IBM's
> firewall product;
> -- The announcement for secure Web servers and browsers ;
> enhancements to IBM AntiVirus software to support Windows 95 **;
> -- The availability of a new release of RACF *, IBM's award-
> winning Resource Access Control Facility, which now provides
> password synchronization across your RACF managed systems;
> -- The announcement of Internet secure OS/400 *, the operating system
> for the world's most popular business computing system.
> Emergency Response Team Operational Worldwide
> In response to concerns about network infiltrations, IBM
> announced that its Emergency Response Service for commercial
> businesses is now operational for customers throughout the world.
> Chartered to provide swift, expert incident management skills to
> clients during and after electronic security emergencies, the
> emergency response team specializes in electronic disasters that
> affect data processing capabilities, and is available to
> customers on a subscription basis via IBM's Integrated Systems
> Solutions Corporation (ISSC)*.
> This global service periodically checks customers' networks
> and can act as an extension of clients' I/T staffs. In the event
> of a network break-in, the team helps customers detect, isolate,
> contain and recover from unauthorized network infiltration. They
> are on call 24 hours a day, seven days a week around the world.
> IBM team members, who have extensive incident management
> experience, develop an understanding of customers' networks and
> system architectures, as well as how their firewalls are
> configured and maintained.
> Customized Weakness Detection Kit
> IBM's Customized Infiltration Tool Kit, a sophisticated set
> of tools to detect security weaknesses in clients' Internet
> connections, is available today. With these tools, IBM can probe
> the subtlest weaknesses that the most sophisticated hackers might
> try to exploit.
> These tools exercise network connections that go beyond the
> capabilities of most existing tools on the market and are
> customized to match clients' specific network configurations.
> The Customized Infiltration Tool Kit is part of IBM's I/T Security
> Consulting offering, and was developed in conjunction with IBM
> Research's Global Security Analysis Labs in New York and Zurich.
> Advanced Firewall Security ***
> As part of these security announcements, IBM announces a
> new release and a price reduction for its firewall, the Internet
> Connection Secured Network Gateway*, to promote its wider
> availability and advance the state of security on the Internet.
> Formerly known as the NetSP Secured Network Gateway, the Internet
> Connection Secure Network Gateway will be available to the public
> on October 27.
> The firewall now supports AIX 4.1.3, and operates with the
> popular RISC System/6000* workstation. It contains an encrypted
> IP tunnel that encodes data from one firewall to another using
> DES, the Data Encryption Standard invented by IBM more than 20
> years ago, and Commercial Data Masking Facility (CDMF), an
> exportable encryption technology used outside of North America.
> The IP tunnel and key distribution is one of the first that is
> based on the latest IETF specifications, providing the most
> advanced technology for firewalls currently available.
> The Internet Connection Secured Network Gateway also includes remote
> administration and an alarm capability that allows a user to set
> alerts that are triggered when certain errors or other security
> violations occur.
> Secure Web Servers and Browsers ***
> IBM is also announcing the IBM Internet Connection Secure
> Web Servers for the OS/2* and AIX* platforms and IBM's Internet
> Connection Secure WebExplorer for OS/2 Warp. Using the industry
> standard protocols Secure HyperText Transfer Protocol (S-HTTP)
> and Secure Sockets Layer (SSL)**, these secure Web servers and
> browser will be commercially available on December 8. IBM
> Internet Connection Secure Servers provide several security
> methods for conducting commerce over the Internet, including
> public key data encryption technology.
> Anti-Virus Software and Services
> IBM also announced that its IBM AntiVirus software will be
> available for the Windows 95 platform in November. IBM AntiVirus
> software provides comprehensive virus detection, removal and
> protection for over 6,000 known computer viruses, and is widely
> available on the OS/2*, DOS**, Windows**, and NetWare**
> platforms for $49.
> IBM AntiVirus scans memory, hard disks, floppy drives and
> network servers for thousands of viruses, including polymorphic
> viruses that change to avoid detection, and viruses previously
> considered impossible to discover. To uncover unknown viruses,
> the software contains heuristics that attempt to find viruses by
> watching for behavior that is characteristic of viruses. IBM's
> anti-virus software products are available on the Internet via
> IBM's AntiVirus home page at http://www.brs.ibm.com/ibmav.html.
> RACF 2.2 Debuts
> IBM's acclaimed Resource Access Control Facility (RACF) for
> MVS will debut Version 2.2 this week on September 29. RACF is a
> versatile, effective security tool that protects MVS system
> resources from inadvertent damage and deliberate misuse of data.
> New features for RACF 2.2 include password synchronization and
> the ability to administer multiple remote RACF databases with a
> single command, without logging onto the remote systems. RACF
> 2.2 also features a "remove ID" utility that eliminates security
> problems created by old, unneeded user ID's, and has expanded its
> support for OpenEdition MVS by providing security checking and
> auditing for the XPG4 environment. RACF 2.2 also provides
> enhancements to its PassTicket support, an alternative to RACF
> passwords. With RACF 2.2 you can now use unique PassTicket keys
> for different RACF users and groups who need access to the same
> secured application.
> These new features build upon support provided in RACF 2.1,
> such as RACF's sysplex data sharing support which uses the
> System/390 parallel sysplex services to cache RACF data. RACF
> also uses these services to transmit selected administrative
> commands to peer RACF systems. The administrator can send these
> commands from one system to take effect on all systems enabled
> for sysplex communication.
> IBM has previously announced its intention to enhance RACF
> for VM by providing support for the OpenEdition POSIX and Shared
> File System features of VM/ESA.
> Internet Secure OS/400
> IBM's AS/400 operating system, OS/400, offers a fully integrated
> set of security features that have been evaluated to meet the U.S.
> Government C2 security criteria. OS/400 Version 2 Release 3 is
> scheduled to receive the C2 rating at the National Security Conference
> in October. Subsequent releases of OS/400 have been designed to meet
> C2 and IBM intends to continue to participate in the government
> evaluation process. Included in the C2 evaluation was the AS/400
> relational database DB2/400, which is integrated into the operating
> system, and utilizes the same security mechanisms as OS/400. This
> ensures the integrity of information stored in OS/400, as well as the
> security of user access to AS/400 computing resources, providing
> customers with unmatched security for midrange system computing.
> IBM's AS/400 provides full individual accountability via a
> centralized identification and authentication built into the
> system. Users are uniquely identified by a one-way DES encrypted
> Since all sharable data is contained in encapsulated
> objects, discretionary access control is maintained by each
> object manager using a system-wide access algorithm. Access to
> objects may be controlled through public, private, or adopted
> authorities and may be managed through user groups and common
> object authorization lists.
> Additionally, AS/400 provides a highly configurable set of
> auditing capabilities selectable to individual users, objects, or
> Hardware and software encryption/decryption capabilities
> supporting data confidentiality, non-repudiation, authentication,
> and data integrity are also available on AS/400.
> These announcements complement a wide range of I/T
> security offerings already available from IBM -- from encryption
> hardware and software, access control products, firewalls and
> security management and administration, to DCE security services,
> IBM Global Network security services and implementation services.
> Additional information on these offerings can be found through
> the IBM I/T Security home page, at http://www.ibm.com/Security.
> IBM's security products support the security component of
> the Open Blueprint. A white paper with information about
> security in the Open Blueprint is available for reference on the
> Internet at: http://www.torolab.ibm.com/openblue/openblue.html.
> For more information about other IBM products and services,
> see the IBM home page on the World Wide Web, located at
> * Indicates trademark or registered trademark of International
> Business Machines.
> ** Indicates trademark or registered trademark of the
> respective companies.
> *** Editor's Note: For more information on IBM's advanced
> firewall security and Internet Connection Secure Web Servers and
> Browsers, please refer to the accompanying press release.