Susan Smith has worked as an editor and writer in the technology industry for over 16 years. As an editor she has been responsible for the launch of a number of technology trade publications, both in print and online. Currently, Susan is the Editor of GISCafe and AECCafe, as well as those sites’ … More »
LGS Innovations Has Proactive Strategy to Fight Network Attacks
August 18th, 2016 by Susan Smith
Network attacks of all kinds are on the rise, and it is imperative that organizations deploy a proactive, defense-in-depth strategy that addresses all layers of the network.
LGS Innovations recognizes the importance of network-level software integrity as a component of the larger network security ecosystem. With a dedication to the evolution of enterprise support born from extensive experience deploying secure, mission-critical switching solutions, LGS Innovations offers CodeGuardian™: a solution that hardens network devices at both the software source code and binary executable levels to enhance overall network security.
Through a partnership with Alcatel-Lucent Enterprise (ALE), worldwide enterprise communications organization, the LGS CodeGuardian solution has been applied to ALE’s OmniSwitch family of products, to harden these network devices at both the software source code and binary executable levels within. David Lau, software engineer manager, Product, Solutions and Applications, said the company has a long heritage with Bell Labs. They recently purchased Axios, a traditional networking group.
Spectrum management has become a priority for the company as radio frequency becomes more of an issue. Bluetooth and wireless is in big demand with the government. LGS allows the Department of Defense to see what’s going on the spectrum.
LGS’ Code Guardian can look at source code and correct it, diversity it. Each agency can have different codes and make it hard to hack.
Secure Mobile-to-Mobile internet security protocol is encrypted and moving so that it’s hard to trace and to hack, intercept, or listen in on.
GISCafe Voice: When you say the CodeGuardian solution has been hardened, what exactly is meant by that?
For CodeGuardian, “hardening” refers to reducing the attack surface of a system. The CodeGuardian Independent Verification and Validation process finds and fixes software bugs that could be exploited by an attacker, reducing that attack surface. In addition, the software diversification procedure adds a layer of defense by rearranging the software map, making code reuse attacks that depend on known code instruction addresses much more difficult.
GISCafe Voice: Where does GIS factor into the development of this tool?
CodeGuardian is a service to enhance security of software through a multistage analysis procedure and layering of defensive techniques. Although the service can be applied to most software products, the targeted products are those that don’t have other layers of defenses already available. While your desktop PC can run antivirus and malware protection/cleanup programs, other devices in your network don’t have that capability. Devices such as routers, switches, NAS devices, Industrial Control Systems, SCADA Systems, IoT Devices, … the list is continually growing. These devices all having computing power and can be compromised. Most often they are compromised through software vulnerabilities inherent to the device. The CodeGuardian service analyzes the software to greatly reduce and eliminate those software vulnerabilities. By reducing vulnerabilities in the network components, CodeGuardian makes GIS (as well as other systems), more secure.
GISCafe Voice: Does the solution shut down the network or does it enable it to keep running while it blocks the breach?
The CodeGuardian service reduces the chances of a breach by making software/products more secure by removing the vulnerabilities that attackers could exploit. CodeGuardian does not replace an IPS or IDS, it further enhances security by ensuring that devices are not vulnerable before they are placed into the network. CodeGuardian is part of a defense in depth strategy for network security.
GISCafe Voice: How much time/revenue is saved by an organization having the CodeGuardian in place?
According to statistics from the Ponemon Institute, it takes on average of 46 days and $973,130 to resolve a malicious attack. CodeGuardian is not a stand-alone solution to cyber-attacks, rather, it adds a layer to the defense in depth strategy to devices that would ordinarily not be protected from these type of attacks. CodeGuardian works in conjunction with other best cyber security practices such as account management, anti-virus software, firewalls, etc.
GISCafe Voice: Is the response to embedded malware the same as for example other vulnerabilities, or does the solution respond differently to each type of assault?
Malware can take different forms. Some malware can be introduced through vulnerabilities on a running target. CodeGuardian addresses this form of malware through the Independent Verification and Validation to remove the vulnerabilities. Other forms of malware can be inserted by manipulating the binary images to change the functionality. CodeGuardian addresses this form of malware by protecting the supply chain. CodeGuardian maintains chain-of-custody from software analysis, through building of binary images, QA testing, and secure delivery to end customers defeating man in the middle attacks where software is compromised before delivery to the customer.