What is the difference between a Guard and a Gateway?

Guards and gateways are full application layer proxies that connect to two or more networks.  They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface.   The difference between the two is in the ‘process it’ step.
Continue reading “What is the difference between a Guard and a Gateway?”

The Need for Network Segregation in Critical Infrastructure Systems

A recent article in the NY Times claims:

The vast majority of targeted computer attacks now start with a malicious e-mail sent to a company employee. Now evidence suggests that the same technique could be used to attack watersheds, power grids, oil refineries and nuclear plants.

This cannot be allowed to happen, here I explore the issue in a little more detail.

Continue reading “The Need for Network Segregation in Critical Infrastructure Systems”