[ISN] Security vendors discuss new protocol

From: mea culpa (jerichoat_private)
Date: Wed Sep 23 1998 - 15:25:47 PDT

  • Next message: mea culpa: "[ISN] nCipher Sets New Standard (secure crypto accelerator card)"

    Forwarded From: phreak moi <hackereliteat_private>
    
    http://www.news.com/News/Alerts/0,34,11031,00.html#2briefz2
    
    Security vendors discuss protocol
    By Tim Clark                           
    Staff Writer, CNET News.com
    September 23, 1998, 12:30 p.m. PT      
                                           
    Major Internet security vendors are discussing a common application
    programming interface that will let antivirus software and scanning
    products that block hostile Java applets work easily with firewalls,
    routers, VPNs, and other security mechanisms. 
                                           
    "This will increase the interoperability of products located at border
    control points in IP networks," said Martin Hall, chief technology officer
    of Stardust Forums, a provider of technical information and training. Hall
    chaired the first meeting on the Common Content Inspection application
    programming interface (API). 
    
    For network managers, a standard application programming interface could
    reduce the complexity of determining what security products work together
    and deciding which ones to buy. For developers, it would simplify making
    their products work with other security offerings. Instead of writing to
    separate interfaces for each vendor's product, developers could write to
    the Common Content Inspection API. 
    
    The API is designed primarily so that "content screening" software like
    antivirus or software to block malicious Java applets and hostile ActiveX
    controls can work with firewalls, routers, proxy servers, and caching
    devices--so-called "perimeter" products that sit on the edge of a
    corporate network. 
                                           
    The effort originated with Stardust and Finjan, whose software block
    malicious applets. A first draft of the scope and goals of the effort, due
    October 15, is being written by representatives of Finjan, firewall leader
    Check Point, antivirus vendor Symantec, and virtual private networking
    firm Aventail
    
    But backing CCI would change how firms like Finjan and Check Point
    operate.  Check Point has published an API called "content vector
    protocol" or CVP that lets antivirus and applet-blockers interoperate with
    Check Point products. 
                                           
    Bradley Brown, Check Point director of business development, said the new
    effort could be a successor to CVP, which already has wide adoption among
    content-screening software vendors. 
    
    "It's an interesting effort--I think there's a glimmer of hope for it," he
    said. Finjan has a similar but smaller Java Security Alliance for firms
    that support its API. 
                                           
    "This broader effort benefits the entire industry," said Penny Leavy,
    Finjan's vice president of marketing.  "If the industry grows, we
    grow--you've got to look at the bigger picture." With a standard API,
    vendors can compete on the quality of their products. 
                                           
    About 30 firms participated in the first "birds of a feature" session last
    week in San Jose. They included IBM, Hewlett Packard, Cisco Systems,
    Novell, NEC, Hitachi, Axent, Trend Micro, firewall appliance firm
    Watchguard, firewall vendor Milkway, and JSB. 
    
    A number of other industry efforts exist, including a series vendor groups
    for firewalls, mobile code, and other security mechanisms overseen by
    International Computer Security Association. Those are primarily to set
    testing criteria for certification and don't compete with the standards
    effort. 
    
    The new content-oriented API parallels similar efforts on IP Multicasting
    multimedia over networks and WinSock for IP stacks. Stardust's Hall played
    key roles in both those efforts too. 
    
    Companies interested in joining the mailing list for the new API can sign
    up on Stardust's Web site. 
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:05:29 PDT