| Vote for me in Wireless LAN (WLAN) Top Sites List |
Click
Here for International Mobile Rates Starting at $0.05 per minute from
Your Wireless Phone.
| Vote for me in Wireless LAN (WLAN) Top Sites List |
Click
Here for International Mobile Rates Starting at $0.05 per minute from
Your Wireless Phone.
Akonix 17 gateway manages security of instant-messaging, peer-to-peer programs.
Sam Costello, IDG News Service, Monday, June 10, 2002
Akonix Systems is announcing Monday a software technology designed to help companies identify and manage unapproved applications on their network that may cause security or compatibility problems. The Akonix L7 software platform identifies in particular "rogue" programs that are connected to the Internet and pose security risks, says Dmitry Shapiro, Akonix's chief strategy officer. Among the most notorious are popular instant-messaging and peer-to-peer applications.
These applications are identifiable as using "rogue protocols" because their communication methods are often undocumented, proprietary, or new, and are not yet incorporated into existing security products, making them hard for administrators to deal with, Shapiro says.
Akonix L7 tries to address that problem, however, by placing a gateway parallel to a company's firewall and intercepting, monitoring, auditing, logging, and enforcing policy on the communications sent by such protocols, he says. The gateway, which is a software application running on a standard Windows 2000 system, can be used to secure a variety of applications, though the first two classes covered are instant messaging and peer-to-peer, he says.
Akonix expects to ship its first product by the end of June. The first version will run only on Windows 2000, but Akonix plans to offer Linux support by the end of the year. The software will be sold by yearly subscription, based on the number of users in an organization and on the number of protocols covered. A one-year 50-user subscription will cost about $40 per user for one protocol, with additional protocols sold at a discount.
Akonix L7 lets companies apply their own policy to the content of instant messages, blocking messages that contain certain text, logging them, and performing other security functions, Shapiro says. File transfers sent through instant-messaging applications can be scanned for viruses as well, he adds.
The software modules in Akonix L7 are designed to specifically address a set of applications within a "rogue" category. The instant-messaging adapter set can monitor most major IM clients, including MSN Messenger, Yahoo Messenger, AOL Instant Messenger, ICQ, and more, Shapiro says. The peer-to-peer set covers a number of major peer-to-peer programs, he says.
All traffic sent by those applications is routed through the firewall to the gateway before it is sent out to the Internet, he says. At the gateway, policies are enforced, conversations are logged, and actions are taken, he says. The gateway can automatically discover what applications are being used on the network because the traffic flows through it, he says. User names and addresses are drawn out of the packets sent by the applications and stored in a central directory, so the program can track all the names and applications employed by each user, he says.
The software stops potentially sensitive instant messages from being sent across the Internet by appearing to be an instant-messaging server to the applications and rerouting messages sent to users within the network directly to their destination, Shapiro says. The software works in a similar way for users connecting to a network via a virtual private network, he says.
The software's strength in handling instant-messaging programs has pleased Kristoffer Stack, the vice president and director of network infrastructure at ING Furman Selz Asset Management, an investment banking firm in New York. IFSAM has been beta-testing the product for about two weeks, Stack says, adding that "it seems to be doing a great job."
IFSAM needed a product that could log, and sometimes block, instant-message conversations to ensure that the company complies with a set of as-yet-incomplete regulations governing the financial services industry, Stack says. Those regulations may require the logging of instant-message sessions between employees and people outside the company, he says.
"Until we heard of the Akonix product, we were not aware of a product that would allow us to log [IM conversations]," he says.
Stack also hopes to use Akonix L7 to block the use of peer-to-peer software within IFSAM. Peter Lindstrom, senior security strategies analyst at the Hurwitz Group, is also enthusiastic about the product. He says L7 could encourage the adoption of (and remove the fear of) new technologies, like instant messaging, in companies.
"[Instant messaging] has some potential for good business value," he says. "This is the controlled way to use a tool that can add value to [almost] any organization."