L-3 beefs up risk-assessment software
- By Colleen O'Hara
- May 16, 1999
L-3 Network Security Systems LLC earlier this month announced a new security product and an upgrade to its risk-assessment flagship software, which will help agencies identify network vulnerabilities and determine the effects these vulnerabilities could have on business operations, according to the company.Retriever 1.0, which is designed for local-area network and systems administrators, performs regular network scans, identifies critical network vulnerabilities and provides safeguard reports. Retriever also includes an automated scheduler so that administrators are notified when a new vulnerability appears on the network. Vulnerabilities include weak user-password policies, viruses and improper file permissions.
"What hasn't existed is a product that sits on the local-area network level that systems administrators can use," said Cress Carter, president of L-3 Network Security. "Retriever is the first security assessment tool designed for the [LAN] administrator. It identifies vulnerabilities at the network level, helps identify safeguards to put in place and makes sure what you think is protected is."
The new product includes the abilities to identify all components, services and systems on a network; to search for unauthorized modems connected to the network; to provide a list—upgraded frequently—of vulnerabilities associated with all network components and systems; and to present a selection of more than 2,000 safeguards and security practices to choose from to fix network vulnerabilities.
Retriever addresses users' demands, Carter said. "Users said, 'It has to be cheap and easy to use and has to be safe on my network,' " he said. Traditional network probes can cause network disruptions and are expensive, he added.
Retriever costs $500 a year per Class C address range scanned. L-3 Network Security also unveiled Expert 4.0, which is a new version of the company's flagship software that helps network managers pinpoint which business areas are the most at risk in the event the network is attacked or fails. Version 4.0 adds the business impact analysis capability.
The software helps managers relate the potential impact of a network vulnerability to the bottom line, Carter said. "Expert provides the links between the vulnerabilities and the business impact. It's the only software tool that does risk management on the network," he said, adding that the task is normally done by a security consultant.
In the military, confidentiality of data is a top priority, Carter said. "Expert can prioritize which vulnerabilities matter, what the security policy should be and what specific safeguards are needed."Expert provides a map of the network and also measures the costs associated with applying safeguards on the network. It analyzes external and internal threats, identifies which business operations are the most at risk and identifies which safeguards should be deployed first and which have the highest return on investment.
David Jarrell, technical director at the Federal Computer Incident Response Capability, said there is a need for these types of tools. "If everyone were using these tools and identifying these vulnerabilities and fixing them, we wouldn't have these problems today," he said. "If everyone were doing this, we wouldn't be in business." Agencies are looking for tools that are affordable because many are priced out of reach, Jarrell said.
Hughes Electronics has been using Expert for a number of years, said Bruce Middleton, senior security specialist in Hughes Electronics' Network Systems Division. Expert "produces reports that extract the technical jargon and give a CIO a report that can be [understood]," he said. Based on the reports, "a CIO can say, 'I will spend money or I will accept this risk. Then it is easier for me to get the funds to bring in what I need.' "
L-3 Network Security was founded in August 1998 and is a subsidiary of L-3 Communications Corp. However, L-3 Network Security has roots in the military, having received its initial technology—now known as the Expert product—from Trident Data Systems, which operates the Air Force's intrusion-detection system.
L-3 Network Security government users include the Air Force, the Army, the Coast Guard, the Federal Aviation Administration and the Navy. The company is in the process of beefing up its reseller channel and plans to add its products to the General Services Administration schedule.