http://rtnews.globetechnology.com/servlet/RTGAMArticleHTMLTemplate/C/20020513/gtcenturion?tf=tgam%252Frealtime%252Ffullstory_Tech.html&cf=globetechnology/tech-config-neutral&slug=gtcenturion&date=20020513&archive=RTGAM&site=Technology By IAN JOHNSON Globe and Mail Update Monday, May 13 2002 Keith McNally says "divine intervention" led his company to team up with the Canadian military to build a new computer security device. "I would love to say we did it all ourselves, but the [military] engineers were the ones who were the key to making this all come together," Mr. McNally, president of Madison Systems Inc., said. "It really came about a bit by fluke, we were just in the right place at the right time while the same idea was turning through everyone's head." Several years ago, the Aurora, Ont.-based company developed the Centurion Network Security Switch RJ45/11 to protect network connections against hackers. But Mr. McNally, a security buff, had bigger plans for the company's next product, the Centurion II. He wanted to protect hard drives with a piece of virus- and hack-proof hardware so that even if network security was breached, there would be no way to steal or alter the files. While on a trip to the NORAD military base under Cheyenne Mountain in Colorado Springs, Colo., for another project in 1999, Mr. McNally happened to bring up his pet project in a conversation with some of the engineers and military brass. He was given a contact at Canada's Communications Security Establishment, the equivalent of the U.S. National Security Agency. "I kept banging on their door and getting put off, but finally they gave me an interview. An engineer said I had 15 minutes so I'd better make it quick, and when I showed him the diagrams and rough drafts, it turned into a three-and-a-half hour meeting," Mr. McNally said. The engineer showed him a patented prototype card that worked along similar lines to Madison's proposal, a concept device that had been developed for the military but never put into production. "It was disheartening, because we'd been working on something similar for more than a year. I asked if they'd sell the patent and he said no, but then he said a partnership of some sort might be possible," he said. The groups negotiated over the course of several months, and a deal was hammered out on April 4, 2000. Since then, Madison has been tweaking the technology to make it marketable, and tracking down hard-to-find components for full-scale manufacturing. "The card was so archaic when we first got it, the prototype board was about two feet long with wires and things all over it. Now we've miniaturized everything into a standard PCI or ISA card to fit any PC," Mr. McNally said. "Without word of a lie, it was just breadboarded in a single logic-type chip design, I've never seen anything like it," said software designer James Mitchell, head of Aurora-based Mitchell consulting and engineering, who has been helping Madison perfect the product. "But Madison took the basic idea and they've completely redesigned it." The result of Madison's efforts is the Centurion II. The card is basically a sophisticated I/O controller that oversees the operation of a PC or server's hard drives. It allows a user to set certain read and/or write functions in order to enable or disable file access, acting like a gatekeeper for the hard drive that is independent of the operating system, the company said. "The patent is for functions that give the capability to logically partition a drive in a way to create read-only access areas," Mr. Mitchell said. "With that advantage, you can secure data, which is especially important for machines connected to Internet ... it's a physical block between any command or block of data being sent from the outside to the hard drive." The Centurion II can lock entire IDE drives (a SCSI version is in development), or just certain parts areas of the drive on everything from PCs to Web servers, the company said. It can give selective access to specific directories, sub-directories or individual files. "When proper protocols and procedures are followed, the unit is dislocated from virae, hackers and overall intrusion or malicious code," Mr. McNally said. "The card is independent of everything running on the machine. We don't protect the operating system from attacks, we protect the hard drive's files themselves, so you can't alter them or reformat the drive or anything like that." The Canadian Department of National Defence still holds the patent for the technology, and Madison has the licence to further develop and commercialize it. In return, the DND will get a portion of the net income from Centurion II's sales. "We have added bells and whistles to give it the versatility that is needed for the average user or an administrator," Mr. McNally said. This includes password system to let authorized users log on to the computer, and a special key that administrators can plug into the card (along with a password) to alter its configuration, then remove so that nobody can play with the settings. "We purposely made it simple to operate so that anyone can use it - home users, businesses, government workers, anyone," Mr. Mitchell said. If someone tries to write to the drive, it creates a log file that tells where the request came from on the network, and it can be set up to notify an administrator by pager or e-mail. If they write to a drive that isn't fully locked, the log file tells administrators what was written where on the drive so they can go back and remove it if necessary. "The card locks out outside interaction with the hard drive altogether if you choose, and the background software listens to the card to warn of illegal access attempts," Mr. Mitchell said. The Centurion II will be officially launched at the Canadian Information Technology Security Symposium (CITSS) in Ottawa this week, and is expected to sell in the $350 range initially. Mr. McNally said the goal is to bring the price down to the $200 range when volumes increase. Windows 98 and NT software is available for Centurion II now, and versions that run with Windows XP and Linux are in development, Mr. Mitchell said. The company is negotiating reseller agreements, with a particular focus on the government market, but it is also selling the Centurion II on its Web site. - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue May 14 2002 - 03:58:47 PDT