New York -- Just as department stores need guards
and video-monitoring equipment, Internet communications and commerce
require firewalls, encryption devices, and monitoring of downloadable
Click on our Sponsors to help Support SunWorld
Whether people are more likely to be victims of fraud by punching in
credit card numbers into a PC or sending out e-mail, rather than
speaking credit card numbers aloud to someone on the phone or mailing a
letter, is debatable. But there is a perception of lack of security
For example, while 62 percent of consumers believe that the
telephone is "safe and secure," only 28 percent believe that the World
Wide Web and online services are, according to a poll commissioned by
AT&T and carried out by Odyssey, a research firm in San Francisco. This
could account for the fact that while 39 percent of the 2,003 consumers
polled said they expect to make an online purchase next year, 58
percent said they would purchase goods by phone.
"There are two ways to look at the equation -- for people who have
made purchases online, they perceive it to be as reliable, comparably,
to anything else," said Michael Coates, a spokesman for Virtual
Vineyards in Palo Alto, CA. More than 90 percent of consumers who
purchase food and wine products listed at the Virtual Vineyards Web
site do so by typing in credit card numbers online rather than using
the 800 number listed on the site, Coated pointed out. "But for those
people not used to the Internet, security is an impediment."
To enhance security, Virtual Vineyards will incorporate the Verisign
authentication-certificate software into its site, based on Silicon
Graphics Inc. servers.
Security is also a major issue for consumers who would like to do
banking by PC, network administrators who need to protect intranets
from intruders on the Internet, and users who want to make sure e-mail
can be read only by the intended recipient.
For network managers or end users shopping around for security
products to protect intranets, e-mail, or transactions, there is a
growing market of products. Some products coming on to the market now
- PrivaSuite from Aliroo Ltd.
The package includes three programs:
PrivaMail, for encrypting all or parts of text sent by e-mail or other
transmission systems; PrivaSoft, for encrypting faxes, which are
descrambled by scanning them into a computer; and PrivaFile, for
encrypting and compressing files for archive security and e-mail. The
encryption uses a private/public key technique, which allows users to
send encrypted messages to anyone who has a public encryption address.
The receiver then uses a private key to open the file. The software
comes in 40-bit and 56-bit encryption versions, and a trial version can
be downloaded from the company's Web site. Single-user versions are
priced at $98, and corporate server-side versions are also available
with user management functions. Versions are available in English,
Portuguese, Spanish, German, Japanese, and Chinese.
- Private I from Open Systems Solutions Inc.
The product is an
add-on to Cisco Systems Inc.'s Private Internet Exchange (PIX) firewall
system. Private I integrates the PIX system logs to create audio,
screen, e-mail, and paging alerts as well as graphs and usage
statistics. Firewall reports can be issued as often as once a second.
The software also can produce ad-hoc query reports on system usage.
Different versions of the product work with the different versions of
PIX, which scales up to more than 16,000 simultaneous TCP/IP
connections. Pricing starts at $2,000 for the PIX-32 system, scaling up
to $7,500 for the PUIX-1638.
- Digipass from Vasco Data Security Inc.
Digipass is a system
based on "tokens" in which the client units look something like a small
electronic calculator. When users log on to a system or send or
receive information, they use the token, which generates a one-time,
unique password using a calculation that takes into account the time of
day. The calculations generated by the token are synchronized on the
server side. The system is designed for financial institutions as well
as corporations that want a more sophisticated authentication system
than what typical, unchanging passwords provide. Pricing starts at $50
per token, with volume discounts. Digipass is being introduced now in
U.S.; it has already been available in Europe, through Belgium-based
Lintel Security, a Vasco subsidiary.
- WebStalker-Pro for Windows NT from Haystack Labs Inc.
WebStalker, already out for Unix systems from Sun Microsystems Inc. and
IBM, is designed to supplement firewall software by monitoring all
activity at a Web site server, shutting down connections from
unauthorized users and issuing usage reports. The system also offers
management features such as automatic restart for servers that go
down. The product, available in the first quarter next year, is priced
- SurfinGate 1.0 from FinJan Software Ltd.
The software analyzes
applications downloaded from the Internet, such as Java applets or
ActiveX controls, at the gateway, before the applications pass through
to a company's intranet. Network management functions allow managers to
determine which departments or groups of users are allowed access to
different types of Internet downloadables. The product also comes with
a database of downloadable programs that are known to do damage.
Another product, SurfinShield, which monitors downloadables at the
desktop level, now features ActiveX control scanning abilities, in
addition to Java scanning. SurfinGate and the new version of
SurfinShield will be available in the first quarter of 1997.
SurfinShield is priced at $49 per user; pricing for SurfinGate starts
at $1,250, depending on the number of users.
--Marc Ferranti, IDG News Service, New York Bureau
Click on our Sponsors to help Support SunWorld
If you have technical problems with this magazine, contact