Deploying Information Exchange Gateway solutions

With the current interest in Information Exchange Gateways (IEGs), I wanted to update you on the work that we have been doing with the European Defence Agency over the last year or so. Continue reading “Deploying Information Exchange Gateway solutions” →

The 12 Themes of 2014

Rather than bring you the 12 Days of Christmas, we’ve done the 12 themes of 2014 instead! A look back at what has been making the headlines in the world of Information Security (and beyond) this year. Take a moment to relive the year…… Continue reading “The 12 Themes of 2014” →

Guards are not Air Gaps

“An air gap is a network security measure that consists of ensuring that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network.” (Wikipedia)

Note the emphasis in the word physically.

A number of forums have discussed whether data diodes are equivalent to air gaps in one direction, including a number of articles on this blog. In reality you can argue it both ways.

Continue reading “Guards are not Air Gaps” →

No, Shellshock does not defeat SELinux

A week is a long time in Cyber Security.

These past few weeks you may have heard about the latest ‘big vulnerability’, dubbed ShellShock. If you haven’t, or want more information on it, I direct you to the best authority I know: Wikipedia.

Continue reading “No, Shellshock does not defeat SELinux” →

Building the Guard

Okay. We’ve analysed the problem, we’ve produced an excellent design, and we’ve got our security approach nailed down. It’s time to get our hands dirty and actually build it.
Continue reading “Building the Guard” →

Nexor Directory Guardian

As readers of this blog will know, NEXOR have recently moved offices. Part of the culture of the new building is a less clutter. The journey involved opening many cupboards and draws that had not seen the light of day for a long time… until now…
Continue reading “Nexor Directory Guardian” →

What is the difference between a Guard and a Gateway?

Guards and gateways are full application layer proxies that connect to two or more networks. They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface. The difference between the two is in the ‘process it’ step.
Continue reading “What is the difference between a Guard and a Gateway?” →

Observations on the Forrester Report — Strategy Deep Dive: Define Your Data

The Forrester report Strategy Deep Dive: Define Your Data (free download, registration required) has an in-depth look at the topic of data classification and defines a framework for data protection, but appears to lack in detail on the “defending the data” step.

Continue reading “Observations on the Forrester Report — Strategy Deep Dive: Define Your Data” →