[ISN] Air Force pact to protect phone lines

From: InfoSec News (isnat_private)
Date: Mon Mar 11 2002 - 00:56:55 PST

  • Next message: InfoSec News: "RE: [ISN] Digital Destruction Was Worst Imaginable"

    March 11, 2002
    The Air Force plans to announce a contract today to plug one of the
    most commonly overlooked gateways into networks: telephone lines.
    Under the contract, SecureLogix Corp. will deploy its Enterprise
    Telephony Management (ETM) Platform at Air Force bases worldwide.  
    According to Lee Sutterfield, president of SecureLogix, the platform
    and bundled application suite will give the Air Force:
    * An enterprisewide, real-time tool to protect the data network from 
      attacks via the telephone line.
    * Control over voice network usage and security policy enforcement. 
    * Reduced phone bills and other operational costs through better 
      management of usage.
    * The ability to characterize and quantify its operational needs for 
      the eventual secure migration to IP telephony.
    "The ETM platform provides new capabilities such as real-time
    situational awareness and enhanced operational responsiveness of the
    voice networks in a fashion similar to [what is] currently done for
    data networks," said an Air Force official who spoke on the condition
    of anonymity. "Current telephony management is reactive. We know or
    hear something's wrong when we start getting lots of complaints,
    people can't make calls to another base or area for some reason. The
    ETM platform will allow us to be proactive."
    "The Air Force is the first large enterprise to ever have these
    abilities," Sutterfield said, adding that the SecureLogix tool will
    also enable the service to address and control authorized and
    unauthorized modem use.
    "Phone security is still a serious concern," said John Girard, vice
    president and research director of the network research advisory
    services practice at Gartner Inc. "Everyone turned their attention to
    the Internet, which arguably is a more efficient and less expensive
    place to hack, but unauthorized system access via [dial-up] modems
    continues to happen and cannot be ignored. SecureLogix has a very
    scalable and distributable system to cope with finding unexpected
    modems and the PCs and servers connected to them."
    The SecureLogix system is a PBX- independent, centrally managed
    platform that IP-enables any private voice network so that security
    and management of the network can be improved. It uses intelligent
    communications appliances coupled with a suite of bundled applications
    'including the TeleWall Telecom Firewall, TeleAudit Usage Manager,
    and TeleView Infrastructure Manager - in a centrally managed
    architecture (see box).
    TRW Inc., the prime contractor on the project, awarded an initial $2.5
    million equipment purchase order to SecureLogix on behalf of the Air
    Force, said Dan Vaughn, manager of global information technology
    products for TRW. The initial purchase order is part of a larger task
    order awarded to TRW under the Unified Local-Area Network Architecture
    II contract.
    Vaughn said TRW will install and deploy the SecureLogix hardware and
    software and will also provide training at various Air Force
    The Air Force will be conducting a full-blown field service evaluation
    of the platform in May at the HQ Air Education and Training Command's
    Network Operations and Security Center and at four bases  Randolph,
    Lackland, Tyndall and Luke. Service officials expect to begin
    deploying the system during the summer, the Air Force official said.
    Sutterfield said that a single facility with several thousand phone
    users and up to 16 T1 lines can be fully configured and operational in
    about two days.
    The company is in ongoing discussions with about six other federal
    agencies and should be making some "fairly substantial announcements
    in the next few months," Sutterfield said, adding that the total value
    of the SecureLogix Air Force deal is $5.8 million.
    Closing doors
    Servers almost always have a dedicated modem connection for emergency
    remote access. Modems also serve as a primary point of maintenance
    access through copiers, fax machines or other network peripherals,
    said Lee Sutterfield, president of SecureLogix Corp.
    "That's a primary target for folks trying to get into the internal
    data network from the outside...and goes right around the firewall,"  
    he said.
    Using a technique known as "war dialing," which is a system designed
    to detect modems, hackers get in using the phone lines, set up bogus
    accounts and then back out the same way, Sutterfield said. Later, they
    use the false accounts to enter the system via the Internet.
    The TeleWall Telecom Firewall software can detect, log, alert and
    block unauthorized modem, fax, voice or video traffic. A single
    management server or client controls the centrally defined,
    rules-based security policies and can terminate unauthorized modem
    traffic and/or alert systems administrators in real time, he said.
    "The Air Force has spent considerable resources securing our data and
    voice networks," said an Air Force official. "However, an insider
    threat or unauthorized modem connection could open a 'back door' to
    our data networks."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Mar 11 2002 - 03:58:23 PST