When we talk about security here, we generally refer to corporate security and how to best implement it to protect a business. For 95 percent of companies, the standard advice applies.
But how do you deal with over 2,000 mobile users that don’t have desks, drive in armored vehicles and have to stay mindful of an attack, all the while trying to send secure communications and mission details?
Military operations often require a special kind of security that’s usually a step above that of a corporation. It also has to be one that can handle any kind of physical environment. We don’t often have to worry about –40 degree C weather, raging sand storms or artillery shells dropping from the sky. Very little of what is created for the IT industry is designed to be this tough.
Additionally, there is often little thought to security for rough and tumble environments. Think about it. How often does your cubicle dip below freezing? Do dust storms run rampant through your datacenter?
This isn’t the standard office environment but for the military and workers in extreme environments, this is business as usual. They don’t need to sacrifice the advantages that computers and networking afford because of conflict or the challenges presented by extreme climates.
Secure Computing and General Dynamics Canada don’t think so either.
Their combined efforts have created one of the toughest firewalls on the planet: MESHnet Rugged Firewall. Its compact, conduction cooled chassis (it can actually withstand temperatures from -40C to 55C) can run on military vehicle power. And its 15lb weight makes it portable if necessary. The best part is that it ensures security for the mobile unit with Secure Computing’s Sidewinder Firewall, all a single unit that looks the part.
As I spoke with Rick Bracken, Project Manager at General Dynamics, and Scott Montgomery, VP of Product Management at Secure Computing, it occurred to me that we’ve heard very little about truly securing mobile units.
Today’s militaries are well beyond trench warfare and radio communications that I remember dealing with. Signals are sent via the same kinds of networking environment that is used by the average business user. And it’s even more critical to ensure that these lines of communication remain open and secure. Unlike in the corporate world, a compromise in this environment could literally cost lives, and potentially, lose a war.
Not surprisingly, this product – initially designed for the British Ministry of Defense – conforms to the EAL4+ standard and meets MRPP (Medium Robustness Protection Profile). Installed onto the physical box is Sidewinder, which has the unique position of being the only firewall to incorporate both these standards.
I do love that this product is physically designed to meet the extreme challenges found in the kinds of environments faced by many of our troops. It can handle the rough and tumble terrain that many military vehicles face when roads are lacking. And because of its compact size, it can easily be deployed as is needed.
Even better, the firewall itself cannot be altered locally; only an administrator-level user can make changes. Additionally, there are no warnings displayed like software-based firewalls. It is either allowed or not. You can set rules based on role, rule/policy and/or at the application level.
It features four 10/100 ports: one is internal trusting; one is external trusting; one is DMZ and the last one is dedicated to management. This creates a very straightforward, yet advanced security appliance for an organization that requires simplicity when out on the field. No need to configure or reconfigure. Just plug it into the mobile vehicle’s power, plug in the cables as needed and you’re done.
But it’s also more than just a plain old firewall.
TrustedSource global reputation services are built-in. This means that based on monthly analysis of over 100 billion email messages, the firewall will learn which streams are legitimate sources of data and which ones are questionable.
Further, Sidewinder also has a built in IPS (based on a signature service) in addition to various “antis”: anti-spam, anti-spyware, anti-virus, and anti-fraud. And you can ensure that streams going through also are checked via URL filtering and SSL decryption. Normally, this would mean 5-6 different appliances, which would limit the space in a military vehicle, even by gargantuan Hummer standards. So by incorporating it all into one single, compact chassis, the device promotes better TCO and centralized administration.
So, what does this mean for corporations? Well, for some industries that operate in rugged, environmentally challenging places and need to ensure security compliance (say, oil rigs and major construction sites) this may be the answer.
Contact General Dynamics for pricing information and more details.
Article courtesy of Enterprise IT Planet