Developer and User InformationResources:ISCS:
If you have ever thought about replacing your leased-line WAN with a VPN, read this first:
If you are not sure why you need to implement security between your offices, read this:
Training
docs:
Want to help develop ISCS?
|
ISCS is a new approach to managing network security. By providing a simple, scalable and affordable method to create compartmentalized, multi-layered, security-in-depth, it addresses the disappearing network perimeter and prevents escalation of privileges in the event of a security compromise. It produces a measured reduction in network security configuration time of over 90% with a corresponding reduction in exposure to human error.
The
proliferation of mobile and remote computing, collaborative
computing and new modes of cyber attack have turned traditional
security models inside out. . . One must assume the attacker
will be on the inside and build a security model which can
respond to this eventuality.
As a security products or services vendor, will a 90% reduction in the time to configure and manage your systems give you a competitive advantage? If so, keep reading! The flexibility and efficiency with reduced response time, cost and human error associated with ISCS may be important to you if you are:
Just what do you mean . . . Network Security?
[Previously], the network media and the computing devices
existed within a physically secure environment with few and
well protected interfaces to the world at large. [Now, with
mobile computing,] neither the wireless network media nor the
computing devices are in a physically secure environment.
Interfaces to the world at large are . . . in the tens of
thousands. ISCS administrators do not configure the security subsystems separately. They never write a single order dependent rule or complex security association. They describe the security environment in functional, practical, process oriented terms such as, "Sales needs access to Sales Data", "Marketing, Financial, Engineering and the outside Advertising Agency need access to the New Product Line data", "the 192.168.1.0/24 network should participate in the VPN", "the new acquisition's 10.1.1.0/24 network needs to NAT globally to 172.16.8.0/24 to avoid conflict with the existing 10.1.1.0/24 network" or "the credit card database servers should not be allowed to send packets any further than the e-commerce web server in the DMZ to prevent data theft over the Internet."
The problem with network security is not the lack of good
security tools; it is the management of those tools and the
exposure to human error. ISCS is available free of charge under the GPL license or for a fee under commercial licensing where the GPL license is an obstacle. End users may find it more advantageous to purchase ISCS enabled equipment from commercial vendors. What ISCS can do for you:ISCS is not the solution to every network security problem. ISCS does provide an affordable, flexible and safe solution to the following problems and issues:
If you face any of these issues, ISCS, in either its free or commercial build your own versions or as supplied in an ISCS enabled device from a commercial vendor, may be your ideal solution. What you can do for ISCS:ISCS is an enormous project. The many thousands of hours of labor have produced a product with efficiency and security exceeding proprietary products costing six figures yet it is free for all who may benefit from it. Nonetheless, the developers, testers and documenters need to eat! And they are more efficient if their work is not an interrupted hobby but a full time, concentrated compensated endeavor. Thus ISCS needs your direct support. ISCS is not a simple utility. It is not designed for small sites with a single firewall. The proprietary alternatives are VERY expensive. You can spend five and six figures on a proprietary network security management framework or you can support ISCS with 10% of the running cost overhead and far lower capital investment. We hope you will choose to use and support ISCS. SponsorsISCS developers, testers and documenters depend upon others -- corporations, governments, hardware and software vendors, service providers, telecommunications carriers and any other organization that can profit from ISCS technology -- to support the development effort with human and financial resources. Both are valuable. All financial and human resource contributions are managed through the Open Source Development Corporation in a manner which reduces conflict among potential competitors, deftly handles intellectual property rights and certifies the originality of all code. The details are explained in the OSDC web site. If you believe ISCS technology can be of value to you as an end user or security vendor or of value to one of your business associates, vendors or clients, please contact the OSDC sponsorship department. The speed and breadth of ISCS development depends directly on the labor, equipment and particularly monetary contributions of those who use ISCS to generate value for their organizations. VolunteersThe importance of volunteer effort to the ISCS project, from developers to testers, to documenters, cannot be overestimated. The value of volunteer effort on ISCS is rapidly approaching a half million US dollars. We can use volunteers with the following skills:
We provide free training on ISCS to regular volunteers as there is a significant learning curve. It is important that the needed investment in training makes sense to both the ISCS team and the potential volunteer. We thus request that regular volunteers commit to a minimum average of eight hours per week. Of course, the team is always open to reviewing and accepting bug fixes and enhancements submitted by anyone as long as they certify the code as original and agree to the OSDC licensing terms. All contributors retain the intellectual property rights to their contributions. However, to facilitate income generation in order to employ as many contributors as possible, alternate licensing is sometimes required. Therefore all contributors agree to grant OSDC an unlimited and unrestricted license to the use of their contribution. Because of the size and scope of ISCS, it is a tightly managed project with emphasis on documentation, proper process, communication, quality, fit and finish, security and peer review. SourceForge is used to coordinate all GPL development. If you have the time, the skills and a practical need for ISCS technology or just an academic interest in ISCS or one of its open projects, please consider becoming a regular volunteer to the team by contacting the Open Source Development Corporation. Illustrations and ExamplesPhoto Credits: All photos from stock.xchng Photographers: gt1633@nate.com www.imaginative.de jimdel@pleiadesgroup.com www.dwyer.de nick@colombweb.net hostmaster@777westel.hu marcia.rodrigues@netmadeira.com sunstreamgrafix@yahoo.com
|
Sponsorship InformationContact Sponsorship Department Current Sponsors:
I would like a live demonstration of ISCS
We are deeply grateful to SourceForge for their support! |