Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
/

Start-up aims to shed light on network and firewall holes

Today's breaking news
Send to a friendFeedback

By Ellen Messmer
Network World, 04/23/01

SOMERSET, N.J. - A Lucent spinoff called Lumeta has begun offering managed services aimed at assessing network and firewall vulnerabilities.

While the market for security services is getting crowded, this start-up has a couple of things going for it. First, it is led by a technology development team that includes senior scientists Bill Cheswick and Avishai Wool, who are veterans in firewall and security research from their years at AT&T Bell Laboratories. And second, Lumeta has developed Unix-based technologies for network discovery and firewall analysis that the company says can audit networks more quickly and subtly than other services can.

The Network Discovery service can map out an internal network to see whether connected routers are authorized or whether there may be what Wool calls "rogue services" on the corporate network.

"We have one client that found adult Web services," he says. "And another found, to its surprise, that it was connected to a university in Asia."

Lumeta declined to name customers, except one - Microsoft.

The second of Lumeta's services, called Firewall Analyzer, looks at configurations on Check Point Firewall-1 systems and Cisco routers. In the fall, the service should be able to test Cisco PIX firewalls as well.

The service runs through vulnerabil-ity-assessment checks by trying out hundreds of millions of different routines, including checks of source and IP destinations, source port numbers and more.

It simulates "every possible packet that a firewall would ever see," Wool says.

Lumeta's checks permit the discovery of misconfigured firewalls within seconds by means of proprietary algorithms, he says. The company's approach does not involve network-penetration attempts, which is common among security auditing services.

"We uncover vulnerabilities no other tool has the time or ability to look for," Wool says. "One client had a rule to allow traffic into an internal server for netnews, but misconfigured the rule so that any hacker from the outside could attack the machine. The port number was correct, but they were doing source-port filtering in a way that unfortunately supported all kinds of attacks."

Lumeta competes against dozens of companies providing vulnerability-assessment services, such as Internet Security Systems and Securify. But it's impossible to tell how price-competitive Lumeta is because the company won't disclose prices.

Lumeta began in October and has 30 employees. The company has $5 million in funding from Lucent, Draper Fisher Jurvetson Gotham and others.

Lumeta: www.lumeta.com.

RELATED LINKS

Contact Senior Editor Ellen Messmer

Other recent articles by Messmer

Network World on Security
Sign up for our free e-mail newsletter.

Breaking security news


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.