Re: Internet Tunnel Question

• To: www-security@ns2.rutgers.edu
• Subject: Re: Internet Tunnel Question
• From: William C Curtiss <wcurtiss@grouper.hcsc.com>
• Date: Thu, 7 Dec 95 10:49:32 EST
• Cc: "Daniel W. Woycke" <woycke@smiley.mitre.org>, mckenney@smiley.mitre.org, "Prince, Cheryl" <cprince@mfi.com>

--- On Wed, 6 Dec 1995 11:50:50 -0500  "Daniel W. Woycke" <woycke@mitre.org> wrote:

>>On Tue, 5 Dec 1995, Prince, Cheryl wrote:
>>
>>> Digital recently released a new (?) way of using the public Internet 
	... Cheryl's note deleted.
>
>Actually there a a great number of products that do encrypted tunnels >over the Internet.  Here is some info from a co-worker of mine.  The >main difference in some of these services (ANS, Digital) is the degree >to which they manage your Virtual Private Network (VPN).
>
>The main issue I see with going with a service provider is that they >then become part of your security architecture.  If a service provider >empolyee becomes compromised, then your net may become compromised.  It >is in the best interest of the service provider to make sure that this >doesn't happen.
>
>Date: Mon, 14 Aug 95 13:40:33 EDT
>Mime-Version: 1.0
>To: firewalls@GreatCircle.COM
>From: mckenney@smiley.mitre.org (Brian W. McKenney)
>Subject: Firewall-to-Firewall Encryption Products (Survey Update)
>Cc: mckenney@smiley.mitre.org
>Sender: firewalls-owner@GreatCircle.COM
>Precedence: bulk
>X-Mdf: Mail for woycke sent to  woycke@smiley.mitre.org
>
>
>The following products are able to encrypt network traffic based on
>source and destination address of IP packets.  Some are also able to >encrypt based on the type of network service (TCP port number).  As a >result, sites can create a Virtual Private Network (VPN) on the >Internet.  Note that one would need two boxes in order to provide for >site-to-site encryption over the Internet.
>
>++If your product is missing, please let me know.
>
>Survey Date:  14 AUGUST 1995
>
>
>Firewall VPN Products are (in alphabetical order):
>
	... long list of vendors deleted

Harris Computer Systems' CyberGuard Firewall also has an encrypted private network capability. What seperates ours from other implimentations, is that we have defined an API so that the user (OK, administrator) may replace the encryption algorithm if they wish (we currently offer DES and are working on others).

Our entry would be as follows:
---------------------------

Harris Computer Systems' CyberGuard Firewall
  - Supports software DES and user replaceable encryption modules. 
Web URL:  http://www.hcsc.com
---------------------------
>
>   -Brian
>
>Respectfully,
>
>Brian W. McKenney
>Network Security Engineering
>The MITRE Corporation   Mail Stop:  Z-202
>7525 Colshire Drive
>McLean,  VA  22102
>Voice:  703-883-5463
>Fax:  703-883-1397
>E-Mail:  mckenney@mitre.org
>
>-----
>Thank You,
>
>Daniel W. Woycke, Senior INFOSEC Engineer       (703) 883-1362
>Network Security Engineering
>NIDR & Firewall Applications
>The MITRE Corporation

• Previous: RE: cgi communication
• Next: Re: WWW lists?
• Index(es):
  • Index
  • Thread