New product protects network borders

Hoping to capitalize on an increasing trend toward dedicated appliances, Mississauga, Ont.’s BorderWare Technologies Inc. has recently launched its BorderWare Firewall Server 6.5.

Features of this server include upgrades to its operating system, improved security with buffer and stack overflow protection, and an HTTP filter to protect against Code Red and similar worms, said Bill Simpson, BorderWare’s director of marketing. The main theme running through these upgrades, Simpson explained, is a push to capture enterprise clients.

“One key is that we’ve extended the number of network interfaces from three to six. Adding the additional interfaces means we can support larger enterprises that have more sophisticated requirements. That is, they may be protecting two or more internal networks from the Internet, instead of just one,” Simpson said.

Although buffer and stack overflow attacks require considerable skill to mount initially, once a hole is known even ‘script kiddies’ can exploit it, noted Simpson, who expects these threats to make Version 6.5’s permanent overflow protection an especially attractive feature.

“What we decided to do was to build into the firewall a compilation process for stack guard protection. So regardless of whether the particular applications or services that we run on the firewall should have a buffer of stack overflow vulnerability that we haven’t found, anybody exploiting it will get no return at all. That is, if they fire a buffer overflow attack at any one of the services, that service will just stop,” Simpson said.

According to Alan Freedman, research manager for servers and storage at IDC Canada in Toronto, firewall servers are a relatively new space that is growing, but not at the rates that were expected.

“People are still utilizing general purpose servers to do multiple workloads. However, [buyers] may start to think having a dedicated firewall server is a good idea, especially with the increased focus on security,” Freedman said.

With respect to security, Simpson said that S-Core – BorderWare’s own operating system, based on free Berkley Software Distribution (BSD) Unix and running on standard Intel-compatible architectures – is another key strength of the company’s new box. Especially compared to competitors like Checkpoint Software Technologies Ltd. that run on NT, he added.

“Our operating system is hardened over years and years of use and experience for use as a firewall platform. It’s not a general-purpose operating system like NT or Solaris, which the network administrator – who may of may not have the time and skills – has to harden themselves. The immediate advantage is that when they get our product it’s all wrapped up into one integrated system, it’s been secured and hardened and the vulnerabilities removed,” Simpson said.

Although Freedman said it’s possible to break into the enterprise market, it ultimately means fighting against the big appliance vendors like Sun Microsystems Inc.

“Even if you do have a new type of application or appliance server that you’re launching, chances are down the road it’s going to be duplicated by one of the major vendors. On the other hand, it seems that BorderWare would have an opportunity here because of the fact that, strictly speaking, there’s not a lot of competition in the firewall area,” Freedman said.

Despite heavyweight competition and a still-emerging market, Simpson believes that by zeroing in on security, BorderWare can still compete.

“We’re not selling the firewall because it’s red with flashing lights on front, or because it makes multi-coloured reports, or because we have a huge marketing budget that can blow away noise about everyone else. The things that we focused on are very fundamental, hardcore security issues and that’s the strength that we want to promote.”

BorderWare’s Firewall Server 6.5 is available now, and ranges in price from US$1,000 to US$11,000.