
Managers keep an eye on security


Computers & Security, Vol. 77, No. 3

new applet or control as it is encountered. Network Computing, 15 April 1998, pp. 42-44.

PGP grows up, Dan Backman. PGP is now on its way to becoming an IETF standard, known as OpenPGP. PGP is setting its sights on becoming an enterprise security solution, but is it mature enough to take on the responsibility of mission-critical messaging? The conclusion of recent laboratory evaluations of the latest release from Network Associates - the PGP Desktop Suite - is that it incorporates strong features for the enterprise, but it lacks effective certificate revocation and places too much burden of certificate management on the user. While PGP does add some automation (like automatically searching for recipients’ certificates via LDAP when encrypting a message), certificate management should be more transparent. Also, there is no reason for implementing an entirely new and separate PKI for secure messaging when an accepted one is already available. PGP also suffers from various irritating incompatibilities, primarily from its plug-ins to host E-mail clients. Network Associates delivers a well integrated PGP solution. Unfortunately, PGP is not quite ready for general enterprise use. Until it is finalized as an IETF standard, PGP should be treated as a proprietary technology. Network Computing, 15 April 1998, pp. 54-64.

Managers keep an eye on security, Anita Kurvk. Network managers appear to be very tolerant. Not only do they evaluate, purchase, set up and install network components, but they deal with security as well. The latest study from Zona Research, undertaken with the Computer Security Institute, sheds light on how network managers are coping. Managers are expected to provide access to information from inside and outside the network; they are also being told to tighten the reins on information for fear of security breaches. 58% of the survey’s respondents said they expect their security budgets to increase in 1998, signalling that the subject is considered significant. Two-thirds of respondents said that their network information is centrally managed, most likely indicating that companies are interested in keeping tight control of data. The most popular security already in place is anti-virus software, followed by access control, physical security and firewalls. Low on this list were digital signatures, single sign-on and biometrics. However, high on network managers’ purchase list for 1998 are encryption, firewalls, and single sign-on. Network Magazine, March 1998, p. 22.

Kicking firewall tires, Char Sample. How do you choose which firewall is best for your network? Firewall selection depends largely on security policy. The looser the security policy is, the fewer controls are needed on the firewall; likewise, a very tight security policy will require tighter controls on the firewall. An inverse relationship exists between firewall throughput and firewall security. Regardless of the technology, each of the commercial firewalls supports many of the same features. The difference is in how these features are implemented. The underlying firewall technologies are packet filtering, stateful inspection and proxying. Packet filtering examines the details of incoming IP packets, and then, using established criteria, either accepts or drops them. While packet filters look at the criteria in the packet header, stateful inspection examines sessions occurring between the client and the server, intercepting packets at the network layer. Two stateful inspection products receiving a lot of attention are Checkpoint Software’s Firewall-1 and Cisco’s PIX. In direct contrast to filtering/inspection technologies are proxying technologies. As the name implies, proxy-based firewalls typically secure TCP connections by using an intermediary that accepts and creates the connection on behalf of the client. Trusted Information Systems’ (TIS) Gauntlet Internet Firewall, Raptor’s Eagle and Secure Computing’s Sidewinder utilize the same proxying technology, but differ in terms of OS and support and ease-of-use. They also differ with respect to vendor issues - where vendor reputation and experience are relevant. Finally there is the matter of interoperability. At the moment, firewalls do not work well with one another; however, there has been a movement toward interoperability with Virtual Private Networks and IPSec (IP Security) compliance. Network Magazine, March 1998, pp. 56-60.
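
An added example (not from the article or any vendor's product) contrasting the two filtering approaches described above: a header-only packet filter and a session-tracking inspector run over the same constructed packet trace. The 10.0.0.0/8 internal range, the web-only policy and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

INTERNAL_PREFIX = "10."  # assumption: internal hosts live in 10.0.0.0/8

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}

def outbound(p):
    return p.src.startswith(INTERNAL_PREFIX)

def packet_filter(p):
    """Stateless: decide from this packet's header fields alone."""
    if outbound(p):
        return p.dport == 80                       # clients may reach web servers
    return p.sport == 80 and "ACK" in p.flags      # header resembles a web reply

class StatefulInspector:
    """Tracks sessions; inbound packets must belong to one a client opened."""
    def __init__(self):
        self.sessions = set()
    def inspect(self, p):
        if not outbound(p):                        # inbound: must match a session
            return (p.dst, p.dport, p.src, p.sport) in self.sessions
        key = (p.src, p.sport, p.dst, p.dport)
        if p.dport == 80 and p.flags == {"SYN"}:   # new session: remember it
            self.sessions.add(key)
        return key in self.sessions

def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))

# Constructed trace: a normal handshake, then an inbound packet whose header
# matches the reply rule although no internal client opened that session.
TRACE = [
    pkt("10.0.0.5", 40000, "203.0.113.10", 80, "SYN"),
    pkt("203.0.113.10", 80, "10.0.0.5", 40000, "SYN", "ACK"),
    pkt("10.0.0.5", 40000, "203.0.113.10", 80, "ACK"),
    pkt("198.51.100.7", 80, "10.0.0.9", 40001, "ACK"),
]

def run(trace):
    """Return (stateless_verdict, stateful_verdict) for each packet."""
    fw = StatefulInspector()
    return [(packet_filter(p), fw.inspect(p)) for p in trace]
```

Both approaches accept the handshake; only the session table rejects the last packet, which is the difference between looking at header criteria and examining sessions.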

Forensic computing helps firms track high-tech fraud, Shailagh Murray. Rising computer crime and the difficulty in tracking it down have led to a boom in the business of forensic computing. Firms are main-