August 31, 2004

As More Security Holes Are Announced, DeepNines Urges Market to Protect Routers

DALLAS, TEXAS - Late last week, Cisco Systems informed its customers of security holes in two of its access and authorization products, the Cisco Secure Access Control Server for Windows (Windows ACS) and Cisco Secure Access Control Server Solution Engine (Secure ACS). Denial-of-service exploitation of either of these two vulnerabilities could force a router shutdown/reboot or allow an attacker to gain unauthorized access to network devices controlled by the ACS. However, none of that will be a problem for companies whose routers and networks are protected by the DeepNines Security Platform.

Cisco says the two products are vulnerable when flooded with TCP connections on port 2002. In that scenario, the ACS is unable to process authentication requests and requires rebooting. Cisco also found that spoofing specific network addresses enables attackers to gain unauthorized access to the network. The DeepNines Security Platform monitors all traffic and TCP connections and keeps spoofed IP addresses out of the network. It protects the most critical entry point to an enterprise's network ­ the router.

"The DeepNines Security Platform sits invisibly in front of the router and blocks or quarantines all malicious, suspicious and anomalous traffic entering the network," says DeepNines President and COO Dan Jackson. "The DeepNines Security Platform protects the router and the network with intelligent monitoring and stops IP spoofing. As a result, there's no unauthorized entry through port 2002 ­ Our platform just doesn't fall for that kind of subtle subterfuge."

The DeepNines Security Platform has no MAC or IP address, meaning that it is invisible in its logical position in front of the router. From this location, DeepNines monitors all connections accessing the network. If a hacker tries to spoof an IP address, the system recognizes it and immediately stops the incoming conversation. Regardless of the type of router, external monitoring of traffic ­ using both signature-based and rate-based techniques ­ is an effective way to protect the router and the network on the other side of that router.

"Market-share is driving hacker decisions, whether it's these two Cisco vulnerabilities today, or a whole slew of new vulnerabilities tomorrow. The fact is, routers are vulnerable and not designed to fend off attacks," Jackson said. "As part of a layered approach to network security, the DeepNines Security Platform is designed to thwart attacks so routers and networks remain focused on what they were designed to do ­ route traffic. Our job is to ensure they stay clean and productive by letting the good guys in and keeping the bad guys out. It's that simple."

About Deep Nines Inc. DeepNines offers a scalable security platform for Global 2000 companies with a vertical market focus in education, government, telecommunications, energy and financial services. The DeepNines Security Edge PlatformT integrates intelligent firewall, intrusion prevention, best-of-breed secure content management, forensics and reporting. It operates outside the network infrastructure, improving organizations' security "deep into the nines." DeepNines' Security Edge Platform, the company's patent-pending security system, is a fully automated signature and behavior-based, intrusion prevention and traffic management system preventing known and unknown attacks from entering an organization's network. The Security Edge Platform runs on Solaris and Linux platforms from Sun Microsystems. To learn more about Deep Nines visit www.deepnines.com.