Developer and User Information
If you have ever thought about replacing your leased-line WAN with a VPN, read this first:
If you are not sure why you need to implement security between your offices, read this:
Want to help develop ISCS?
ISCS is a new approach to managing network security. By providing a simple, scalable and affordable method to create compartmentalized, multi-layered, security-in-depth, it addresses the disappearing network perimeter and prevents escalation of privileges in the event of a security compromise. It produces a measured reduction in network security configuration time of over 90% with a corresponding reduction in exposure to human error.
As an end user, will a 90% reduction in network security management overhead with fewer mistakes help you handle new security issues due to
As a security products or services vendor, will a 90% reduction in the time to configure and manage your systems give you a competitive advantage?
If so, keep reading!
The flexibility and efficiency with reduced response time, cost and human error associated with ISCS may be important to you if you are:
Just what do you mean . . . Network Security?
ISCS uses the term network security to refer to user authentication, access control, data encryption and authentication, routing, layer 2 device management and simple PKI management all managed as a single, automated, fully integrated, secure communications system. Additional planned subsystems include application proxies, IDS/IPS, Anti-Virus and Content Management.
ISCS administrators do not configure the security subsystems separately. They never write a single order dependent rule or complex security association. They describe the security environment in functional, practical, process oriented terms such as, "Sales needs access to Sales Data", "Marketing, Financial, Engineering and the outside Advertising Agency need access to the New Product Line data", "the 192.168.1.0/24 network should participate in the VPN", "the new acquisition's 10.1.1.0/24 network needs to NAT globally to 172.16.8.0/24 to avoid conflict with the existing 10.1.1.0/24 network" or "the credit card database servers should not be allowed to send packets any further than the e-commerce web server in the DMZ to prevent data theft over the Internet."
ISCS then resolves any conflicts between the subsystems and automatically creates and distributes all the rules and configurations for everything from proxy ARP to firewall to VPN to routing to NAT to certificate management. Fast, efficient and no human error.
ISCS is available free of charge under the GPL license or for a fee under commercial licensing where the GPL license is an obstacle. End users may find it more advantageous to purchase ISCS enabled equipment from commercial vendors.
ISCS is not the solution to every network security problem.
ISCS does provide an affordable, flexible and safe solution to the following problems and issues:
If you face any of these issues, ISCS, in either its free or commercial build your own versions or as supplied in an ISCS enabled device from a commercial vendor, may be your ideal solution.
ISCS is an enormous project. The many thousands of hours of labor have produced a product with efficiency and security exceeding proprietary products costing six figures yet it is free for all who may benefit from it.
Nonetheless, the developers, testers and documenters need to eat! And they are more efficient if their work is not an interrupted hobby but a full time, concentrated compensated endeavor.
Thus ISCS needs your direct support. ISCS is not a simple utility. It is not designed for small sites with a single firewall. The proprietary alternatives are VERY expensive. You can spend five and six figures on a proprietary network security management framework or you can support ISCS with 10% of the running cost overhead and far lower capital investment. We hope you will choose to use and support ISCS.
ISCS developers, testers and documenters depend upon others -- corporations, governments, hardware and software vendors, service providers, telecommunications carriers and any other organization that can profit from ISCS technology -- to support the development effort with human and financial resources. Both are valuable.
All financial and human resource contributions are managed through the Open Source Development Corporation in a manner which reduces conflict among potential competitors, deftly handles intellectual property rights and certifies the originality of all code. The details are explained in the OSDC web site.
If you believe ISCS technology can be of value to you as an end user or security vendor or of value to one of your business associates, vendors or clients, please contact the OSDC sponsorship department. The speed and breadth of ISCS development depends directly on the labor, equipment and particularly monetary contributions of those who use ISCS to generate value for their organizations.
The importance of volunteer effort to the ISCS project, from developers to testers, to documenters, cannot be overestimated. The value of volunteer effort on ISCS is rapidly approaching a half million US dollars.
We can use volunteers with the following skills:
We provide free training on ISCS to regular volunteers as there is a significant learning curve. It is important that the needed investment in training makes sense to both the ISCS team and the potential volunteer. We thus request that regular volunteers commit to a minimum average of eight hours per week. Of course, the team is always open to reviewing and accepting bug fixes and enhancements submitted by anyone as long as they certify the code as original and agree to the OSDC licensing terms.
All contributors retain the intellectual property rights to their contributions. However, to facilitate income generation in order to employ as many contributors as possible, alternate licensing is sometimes required. Therefore all contributors agree to grant OSDC an unlimited and unrestricted license to the use of their contribution.
Because of the size and scope of ISCS, it is a tightly managed project with emphasis on documentation, proper process, communication, quality, fit and finish, security and peer review. SourceForge is used to coordinate all GPL development.
If you have the time, the skills and a practical need for ISCS technology or just an academic interest in ISCS or one of its open projects, please consider becoming a regular volunteer to the team by contacting the Open Source Development Corporation.
All photos from stock.xchng
We are deeply grateful to SourceForge for their support!