3COM: Beware the Inner Enemy

By eweek  |  Posted 2001-04-09

In order to protect enterprises from themselves, 3Com this week will announce a network interface card with firewall technology embedded directly on the chip.

As enterprise networks grow, theyre also opened up to more employees, contractors and partners, increasing the chance that security will be breached.

A recent government survey found that 70 percent of unauthorized network access in 2000 came from inside the network, up from 55 percent in 1999. While network firewalls bar unfriendly outsiders, the problem is: What happens to the ones inside?

Thats why John Harrison, a 3Com product line manager, believes firewall protection needs to be directly at the desktop.

"Everyones been focused on putting a bulletproof firewall at the front entrance, and its paid off — youve had less penetration by outsiders," Harrison said. "But theres been more by insiders, and its really them that are the weakest aspect of the companys network."

Enterprise architecture is changing. Partner relationship software has made it simpler to share network resources with partners and contractors for collaboration. Usually, a business will set up a separate server to deal with these relationships.

According to Harrison, a common intrusion scheme occurs when company A has a relationship with company B, while company B has a relationship with company C. If theyre all collaborating using the same systems, company C could very easily steal information from company A.

The 3Com solution, which uses technology developed by Secure Computing, is among the first to put security on a chip. Other firewall vendors, such as Check Point Software Technologies, install their products on the desktop computer.

Harrison said that makes the security vulnerable to typical operating system attacks. The recent Microsoft corporate attack was accomplished on PCs running individual firewall software, he said. 3Coms new NICs, scheduled to be available in the third quarter, will be able to control network traffic at the protocol layer, before it ever reaches the software on the PC.

For those businesses already using 3Com NICs, only a software upgrade is required to use the technology. So far, Harrison said, the widest interest in the cards is from Department of Defense offices.

Rocket Fuel