Information Security News mailing list archives
Air Force tests phone firewalls
From: InfoSec News <isn () C4I ORG>
Date: Fri, 11 Aug 2000 01:19:41 -0500
http://www.gcn.com/vol19_no22/com/2574-1.html Forwarded By: Todd Beebe <tb714 () freenet tlh fl us> August 7, 2000 A novelty for telephone networks, the technology gets a field test at two locations By William Jackson GCN Staff The Air Force is studying the use of telephone firewalls to improve security and management of its phone systems. We would like to have proactive, automated policy enforcement, said Capt. Mary Plies, chief of information warfare capabilities at the Air Force Information Warfare Battlelab in San Antonio. It is usually a smart idea to go automated any chance you get. Firewalls -- standard equipment on data networks still are a novelty for phone networks. To try out the concept, the Air Force Space Command is installing 50 TeleWall appliances from SecureLogix Corp. of San Antonio at Peterson and Schriever Air Force bases in Colorado. TeleWall will monitor all incoming and outgoing calls at the bases and enforce security policies set by administrators. The Space Command, headquartered in Golden, Colo., is sponsoring the test, but the lab will do the performance evaluation. We chose the sites because we wanted to make sure we had representative operational environments, Plies said. Peterson has an older infrastructure, and Schriever has gone all digital. Trial by fire The lab does not do formal product evaluations. We try to infuse new technology into the Air Force by doing quick turnarounds, Plies said. We see if it really works, see if it crashes when its in the field. The lab focuses on technologies rather than products, determining whether they are mature enough to be incorporated into Air Force systems. After collecting surveys from users in the field, the lab will report its findings and recommendations to the Air Force Requirements Oversight Council, which specifies program requirements. The Air Force has policies for telephone use, but enforcement is casual and confined to obvious violations such as hooking up a notebook computer to a fax line. The policies can be programmed into TeleWall, which automatically applies them to all calls routed through it. The appliance can terminate and log calls and notify a manager of violations. The logs give a comprehensive view of a distributed telephone system with private branch exchanges. TeleWall is the second product from SecureLogix. The first was TeleSweep Secure, a so-called war dialer that an administrator can use to survey a phone system for security holes such as unauthorized modems or receiver modems with weak passwords. About a quarter of SecureLogix employees have had experience at the Defense Information Warfare Center. The government is one of our largest potential client bases, said John B. Dickson, director of business development. TeleWalls sensor box interfaces with the telephone system on the trunk side of the PBX and enforces policies on incoming and outgoing calls. It supports analog, Integrated Services Digital Network primary-rate interface and T1 connections. A 10/100-Mbps Ethernet connection to a LAN, WAN or the Internet provides a link to a server. TeleWall server software runs under Microsoft Windows 98 or NT on a Pentium II or faster computer with at least 128M of RAM and 500M of free storage. The server can centrally control up to 27 appliances. Policy check The client software is the user interface where policy is defined and reports viewed. It requires a Pentium II or faster computer running Win98 or NT with at least 64M of RAM and 500M of storage. TeleWall differentiates between voice, fax and modem calls and applies policies accordingly. Policy can be set down to the individual phone numbereither caller or receiverand can block unauthorized calls. TeleWall notifies the manager of policy violations by e-mail and pager. The log usage reports can focus on individual numbers or locations of callers, time of day, type of call and numbers called. We will probably have the system just logging a lot of the time, Plies said. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Air Force tests phone firewalls InfoSec News (Aug 11)