An Israeli company has introduced a system that it says will ease the concerns of banks and other large organizations about the safety of Java and Active-X programs.
These highly touted innovations of Sun Microsystems Inc. and Microsoft Corp., respectively, can be used to enliven and update Internet services. But security flaws have given some system planners pause.
Security-7 Software Inc., a year-old company that just opened its U.S. office in Boston, said its SafeGate system will protect networks from Java and Active-X invasions.
Security-7 is not the first to attack the problem. For example, Finjan Software Ltd. of Israel and its Santa Clara, Calif., affiliate Finjan Inc. introduced SurfinCheck last April for Java and Active-X protection at computer network gateways.
SafeGate was designed for larger enterprises and "higher-performance" demands than Finjan versions, said Security-7 co-founder, president, and chief executive officer Asher Jospe.
He said many major financial and industrial companies would be sales prospects, with banks, investment firms, and insurance companies constituting "a key vertical market."
Two technology companies with U.S. financial clients, Edify Corp. and Fujitsu America, did SafeGate beta tests over the last month. Mr. Jospe said the system, unveiled this week at the Networld+Interop convention in Atlanta, will be ready for delivery at the end of October.
"SafeGate provides Edify with a high level of protection from unauthorized executables entering our network from the Internet," said Gus Serna, information systems manager for the banking Web site developer.
Java programming is suited to delivering little programs, called applets, over a public network like the Internet. Java's early proponents emphasized the security of applets, but they have been shown to be less than air tight.
Active-X, Microsoft's version of an "executable," is said to be far more vulnerable. In a highly publicized incident last winter, an organized group of computer hackers in Germany compromised Active-X by way of the Internet Explorer browser.
"Active-X was inherently extremely insecure," Mr. Jospe said. "Java is less insecure but can be maliciously used to do tremendous damage."
Even though Active-X components have to be digitally signed to assure their validity, they must still be subjected to security checks, Mr. Jospe said.
SafeGate accomplishes these monitoring and policing tasks centrally, giving system managers wide latitude to set policies and parameters "on the fly" for multiple network gateways, individual users and groups, or functions.
In conjunction with firewalls-Security-7 has a cooperative relationship with Checkpoint Software Technologies Ltd., maker of FireWall-1-the system monitors attempted violations and prevents any security breaches from penetrating the network.
"SafeGate works seamlessly with the firewall, is easy to install and use, and its sophisticated management and reporting features ensure maximum (central) control" over network security, said Mr. Serna of Edify.
Mr. Jospe said SafeGate is the first in a product line called Secure Executables Platform that will offer "the security enterprises need today while providing a clear migration path to the future."
SafeGate is available for Windows NT operating systems and will be for Unix-based systems by yearend, Security-7 said. Prices start at $1,990 for up to 25 workstations and rise in steps to $8,990 for any number above 250.
