BAE SYSTEMS innovation protects web-based systems from new cyber threat
21 Mar 2002
BAE Systems, in partnership with QinetiQ, has developed a firewall product which offers protection against a new vulnerability discovered in the SNMP V1 internet standard protocol, which could allow cyber attackers to gain control of, or take down, commercial and military networks.
The SNMP protocol is employed in software-based systems such as servers, routers and printers - more than 200 vendors' products and millions of devices are therefore at risk.
The Oulu University Secure Programming Group from Finland discovered the vulnerability in V1 of SNMP and alerted the international Computer Emergency Response Team (CERT) which has been working with a wide range of parties to produce a fix. While some businesses have already produced patches, many other suppliers are still in the process of developing fixes and making them available.
BAE Systems Communications & Defence Infrastructure at Portsmouth, United Kingdom, can now offer its MIDASS firewall to protect systems against external attacks attempting to exploit this and similar vulnerabilities
MIDASS has been specifically designed to support the secure management of multiple networks operating at different security levels. Its exacting specification, reflecting demanding military requirements, ensures that only traffic approved by a security policy can transit the firewall.
The recently discovered SNMP vulnerability is exactly the type of attack MIDASS is designed to detect, preventing attackers from transiting onto the network while still allowing full remote management of network elements
NEWSLETTER
|
Join the GlobalSecurity.org mailing list |
|
|