Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Apple tops the $100B+ tech club
How to get the IRS' attention: Forge nearly $8 million in tax returns, steal identities
Microsoft details Windows 8 for ARM devices
Blogger exposes major Google Wallet security flaw
Web app lets enterprise set security, sharing for Google Apps users
Cloudscaling to offer OpenStack private cloud platform
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
Resume Makeover: How an Information Security Professional Can Target CSO Jobs
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
/

Start-up aims to shed light on network and firewall holes

Today's breaking news
Send to a friendFeedback

By Ellen Messmer
Network World, 04/23/01

SOMERSET, N.J. - A Lucent spinoff called Lumeta has begun offering managed services aimed at assessing network and firewall vulnerabilities.

While the market for security services is getting crowded, this start-up has a couple of things going for it. First, it is led by a technology development team that includes senior scientists Bill Cheswick and Avishai Wool, who are veterans in firewall and security research from their years at AT&T Bell Laboratories. And second, Lumeta has developed Unix-based technologies for network discovery and firewall analysis that the company says can audit networks more quickly and subtly than other services can.

The Network Discovery service can map out an internal network to see whether connected routers are authorized or whether there may be what Wool calls "rogue services" on the corporate network.

"We have one client that found adult Web services," he says. "And another found, to its surprise, that it was connected to a university in Asia."

Lumeta declined to name customers, except one - Microsoft.

The second of Lumeta's services, called Firewall Analyzer, looks at configurations on Check Point Firewall-1 systems and Cisco routers. In the fall, the service should be able to test Cisco PIX firewalls as well.

The service runs through vulnerabil-ity-assessment checks by trying out hundreds of millions of different routines, including checks of source and IP destinations, source port numbers and more.

It simulates "every possible packet that a firewall would ever see," Wool says.

Lumeta's checks permit the discovery of misconfigured firewalls within seconds by means of proprietary algorithms, he says. The company's approach does not involve network-penetration attempts, which is common among security auditing services.

"We uncover vulnerabilities no other tool has the time or ability to look for," Wool says. "One client had a rule to allow traffic into an internal server for netnews, but misconfigured the rule so that any hacker from the outside could attack the machine. The port number was correct, but they were doing source-port filtering in a way that unfortunately supported all kinds of attacks."

Lumeta competes against dozens of companies providing vulnerability-assessment services, such as Internet Security Systems and Securify. But it's impossible to tell how price-competitive Lumeta is because the company won't disclose prices.

Lumeta began in October and has 30 employees. The company has $5 million in funding from Lucent, Draper Fisher Jurvetson Gotham and others.

Lumeta: www.lumeta.com.

RELATED LINKS

Contact Senior Editor Ellen Messmer

Other recent articles by Messmer

Network World on Security
Sign up for our free e-mail newsletter.

Breaking security news


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.