Security

If you are as crazy about security as I am, then I would like to share with you a recent find. Our office acts as national coordinating counsel for product manufacturers, and we have undertaken enormous efforts to overhaul our computer infrastructure. At the core of this project, we focused on two key factors — stability and security.

At the forefront, we needed a robust firewall for our sacred data. We understood the inherent security risks with having an Internet connection in our office. This connection, if left open, provides a gateway for every individual using the Internet into our office data systems. In our profession, knowledge of this risk could equate to malpractice if our data were ever compromised.

Firewalls come in a variety of offerings. Some are software based, and some are what is commonly known as a turnkey appliance (a complete system with hardware, documentation and installed software). The firewall product we chose was a turnkey appliance manufactured by CyberGuard Corp. in Fort Lauderdale, Fla.

While CyberGuard might not be widely known, its products are extremely powerful, and are clearly targeted at the security conscious, as opposed to the mainstream public. Many security analysts consider CyberGuard’s products to be virtually hack-proof.

CyberGuard manufactures four products, including the LX (for small office/home office-satellite offices); the FS Server Message Block; the KS (for medium to large offices or enterprises); and the SL (for enterprise and data centers). The FS, KS and SL are the products of choice for a number of banks, data centers and Internet Service Providers.

We chose the FS for our office needs. This unit is configured in a 1U rack-mount appliance. This is an Intel-based product running on a hardened SCO UnixWare operating system (OS). The OS was revamped from the kernel level up to optimize security and performance, with multilevel security, which grants privileges based on user role and prevents unauthorized root access. The unit also comes with six 10/100 Ethernet ports, which provides a robust path for use of demilitarized zones. And the firewall is available in high-availability configurations and comes with unlimited licenses.
Cyberguard’s firewalls have earned the Common Criteria EAL4+. The Common Criteria Evaluation and Validation scheme promotes end-user confidence in and usage of evaluated technology security products.

Cyberguard FS comes bundled with built-in virtual private network (VPN) support as standard. The VPN is an Internet Protocol Security-compliant product, and CyberGuard’s version offers a number of cryptographic algorithms, including Advanced Encryption Standard and triple-Data Encryption Standard.

Installation was performed by a CyberGuard engineer at our premises, who worked in conjunction with our IT administrator. One key observation we made during this time was a need for an understanding of UNIX. CyberGuard offers educational programs with various levels of training.

Performance for the FS is reported at up to 200Mbps throughput, with up to 550,000 simultaneous connections. Our usage, however, never came close to pushing those limits.

The system provides protection via static packet filtering, dynamic packet filtering/stateful inspection and smart proxies. A proxy service acts as a separate gateway through which every transmission is evaluated. The proxy also prevents a direct connection between an internal and external network (except via VPN).

We also were impressed with the customization of the proxies to our specific needs. We found the ability to strip incoming mail of certain attachments beneficial.

Another key element was the firewall’s logging capabilities, in which the FS performed excellently. The product allows you to specify in detail which activities should be logged. A review of our log files has revealed that even our small office is being watched, probed and attacked.

Documentation is supplied in portable document format, which include manuals on installation, configuration and maintenance. The materials were thorough and easy to follow.

Disaster recovery with the firewall is seamless. If you had a hardware failure, a new system can be up and running upon replacement within an hour. This is accomplished through a file recorded onto a floppy disk that contains all of the parameters for the critical components of the FS. The key to this feature is ensuring that your floppy is kept current.

The firewall performed as promised and had a very transparent security protection scheme. Cyberguard FS has a track record of ensuring protection, which is something you will not find with the competition.

Price: $11,245

Reviewed by Jonathan Franklin, an attorney based in Miami. He can be reached at LOCinfo@jfpa.com.

Dec/Jan '03 Issue

PROS
It's reliable; there have been no reports of vulnerability. CyberGuard is customizable and creates activity logs.

CONS
One needs to be familiar with UNIX.

VERDICT
Law firms with an Internet connector should give it a look. I recommend it since there have been no reported or known vulnerabilities.

  | Home  | 

|  Issue Archive  |  Resources  |  About Us  |  Contact Us  |  Subscribe  |

|  Subscribers  |  Advertisers  |

Updated 11/25/02
© Law Office Computing Magazine
www.lawofficecomputing.com
(800) 394-2626