January 21, 2004

Cyberguard releases firewall on a PCI card

You ever have an idea, you know it's right, but it just doesn't work out the way you like?

Well, those who know me know I invented the Firecard (now called GGBlade) over 5 years ago. It was the first completely embedded security device on a PCI card, and was heading to be a network card replacement, designed to be a security deployment platform of different technologies to help the infosec field. (With the ultimate goal to become an integrated chip to be placed on any network endpoint, including cellphones and PDAs.) Even before the "bladeserver" idea was coming to market... I was designing a kewl foundation for "security blades".

To this day I have cards running firewalls, IPSec VPN tunnels, vulnerability scanners and even a few IDS sensors. (Although none of them are running the outdated version of Gateway Guardian that hasn't been updated/patched since I left. I now use a more customized version until the current dev team at NetMaster releases some updates to all the vulnerable packages... which I hear is supposed to be RSN.)

One of the things I was designing before I left was the ability to dynamically reprogram cards in the network to do different tasks. Imagine... scheduled reprogramming to dynamically shift FireCards to act as vulnerability scanners, completing their scanning/testing tasks and then becoming IDS sensors. All automatically. Before an attack, to reprogram itself to rescan hosts... finding vulnerabilities and resetting its IDS configuration to continue to watch for those attacks, all while updating the main firewall to prevent the attack from occurring. Ya, I was designing kewl stuff. And one of my goals was to basically make these cards act like security endpoint clusters, working together in a meshed network to provide a more integrated and intelligent secure defensive posture. (I always wanted to Beowulf cluster these things. I always gave Alan crap when he wanted to make a SETI package for FireCard... all the while secretly wanting to make a cluster of these to do similar things *lol*. Guess the professional side of me won over :) )

Anyways, it seems Cyberguard has announced that they now have a network card doing just that. It's not using the dynamic reprogramming I was designing... but it is a full-fledged network card with complete security functionality. We have seen firewalls on a card come out since we launched FireCard at Comdex years ago... but this is one I actually think might work. And since it's running Linux... it wouldn't be too hard to port some of my old ideas and research to it.

Course... I left this field of research for a reason... and have no interest in doing this myself. But if you are curious about hacking similar functionality into these cards, it wouldn't be too hard.

Have fun.

Posted by SilverStr at January 21, 2004 09:36 AM
Comments

Actually it was updated January 5th. I installed and updated my card last night and the process was quite painless.

Posted by: Arcterex at January 21, 2004 12:38 PM

Wow. Kewl to hear there is a release. Wonder why they never emailed the world about it.

*sigh*

Posted by: SilverStr at January 21, 2004 04:42 PM

Ayup.

Posted by: Arcterex at January 21, 2004 11:21 PM

Duh... was going to say, .... I don't know how often I run the management console... maybe once every 3 months? twice a year maybe?

Posted by: Arcterex at January 21, 2004 11:22 PM

Dana - http://safetynet.netmaster.com/support/updates.shtml was updated before Jan 8.

Why didn't you guys set up an advisory system?

Posted by: Wim at January 22, 2004 12:39 AM

You are asking the wrong guy. I have no clue why the advisory system wasn't reactivated. To be honest, last time I knew, there was a customer list and all new announcements were supposed to be sent to it.

Guess they didn't feel customers needed to know about the security updates. The update is buried on their site... unless you knew where to look... you wouldn't know. Especially since most people would be tired of doing update checks for over a year without anything coming down... human nature would probably cause the user to stop checking. You would think they would want to advertise it on the front page. Oh well. Not my problem.

Posted by: SilverStr at January 22, 2004 08:08 AM