The Scoop on Network Security: EcoNet.com launches effective new weapon
NOTE: If you thought your network was “secure,” you'd better learn what that doesn't mean. This one is a little techie in nature, but worth plowing through for what you'll learn. To my knowledge, this story hasn't broken in the general or industry press. I'm claiming a “scoop,” whether I can prove it or not.
—M. A. “Ryan” Yuhas, Process Effectiveness Consultant
EcoNet.com in Dallas, Texas, has launched a highly cost-effective intrusion prevention system/subscription service that detects and stops network intruders in their tracks, and doesn't let them back in for another try. It's called EcoNet Sentinel, and it is a new invention that actually looks at an incoming cyber-attack and shuts it off at the same time.
Fears about the safety of our networks have likely contributed to the stale economy. Money that would be directed toward better utilization of the technology, has instead been diverted to beefing up security in an atmosphere of vulnerability. Many of us are spending a tremendous amount of energy and dollars to develop and implement Internet security solutions. For a mere two-hundred dollars a month, Sentinel offers a way to free that energy and money up-and use it to grow an organization and supporting infrastructure, instead of building fortifications.
Ask any CEO if their network is secure and they'll probably say, “Sure, my CIO has assured me we are secure.” What they don't know is that “secure” is a relative term, and that the average network is full of exploitable holes when it's hooked up to the Internet via a T1 line or other connection. Most networks have blocked outside traffic only later to find they must allow the traffic back in. If the network is connected to an Internet email server (port 25), allows the public access to webpages (port 80), allows FTP transactions (port 21), etc., those open ports mean it's no longer secure. In order for an organization to take advantage of the value of the Internet, it most certainly has to compromise security.
A hacker or cyber-terrorist can scan a system to see what ports are available to exploit, then take action to attack the network by either finding and downloading sensitive information, or by uploading and implanting viruses or Trojan code, among many other options. Other attacks can be made through email by individuals purposely or unwittingly sending Trojans and viruses via attachments.
Sentinel monitors the behavior of incoming traffic (e.g., someone conducting a scan for open ports), as well as looking for all known virus and Trojan code. In the event it detects abnormal traffic or hostile code, it will cut all current and future contact with that offending TCP/IP address. Should it be a false alarm, or a “friendly” inadvertently sending hostile code, it is easy enough to open their connection again, once you've pinpointed the problem and resolved it.
I know there are other companies who are developing systems similar to Sentinel, especially on the high end. Right now it's the only game in town, and holds a great deal of promise. It has the added advantage of being developed and marketed by a “dot com” that has handily survived the downturn. This is a profitable and stable company, with a product that should have some legs. With a price tag of two hundred dollars a month, the typical T1 user should consider this kind of protection to be a steal.
In the U.S. economy, we aren't about making widgets anymore. Our money will be made in the management of information-developing, warehousing, and maintaining data. When we're forced to spend money on security, it takes away from the money we should be spending to grow our economy. Sentinel represents a smart and cost-effective way to get more of our investment pointed in the right direction-forward.
© 2002 M. A. “Ryan” Yuhas
InterDimension Strategies Inc.