3Com improves NIC security features

3Com Corp. this week will announce a new firmware add-on for its network interface cards that could be used to lock down servers and PCs to prevent hacks from outside or inside a company.

The network firm says the new NICs let network professionals secure networked PCs and servers by controlling exactly what can be done from a client PC or who can access certain servers. 3Com says the NICs can boost the speed of nodes that send encrypted data by off-loading encryption algorithms and other packet processing tasks from a PC's processor to the NIC.

A firewall enhancement will also be available on 3Com's 3CR990 10/100M bit/sec NIC with the on-board 3X reduced instruction set chip processor. The firewall technology will reside on the NICs as firmware. 3Com developed it with security software firm Secure Computing Corp.

On the client side, the NICs can be configured to prevent end users from sniffing packets or spoofing an IP address. The NICs can also prevent end users from sending fragmented packets - a technique used in some distributed denial-of-service attacks. The NICs can be configured to limit which network servers a PC can access.

In a server, the NICs can be configured to allow access only to certain users, such as an extranet business partner, based on IP address. Server NICs can be told not to send pings or fragmented packets, which can help stem distributed denial-of-service attacks if a server is taken over by hackers.

In order to set and distribute security policies across an organization, 3Com's Embedded Firewall Policy Server is required. The Windows NT/2000-based software lets users make standard security templates and distribute the settings to NICs across the network. The server is also required for retrofitting existing 3CR990 NICs with the firewall software and for upgrading the NICs as new versions are released.

As companies open their corporate firewalls to share resources with online business partners and extranet customers, securing resources inside the firewall becomes critical, according to John Harrison, product line manager for 3Com. Additionally, businesses must deal with the threat of network resource abuse by internal employees.

"There's a lot of contractors, temporary employees or even malicious insiders who can reek havoc on a corporate network," Harrison says.

In a 2000 survey of 643 U.S. organizations conducted by the Computer Security Institute (CSI) in San Francisco and the FBI, more than 70 percent of the companies said they had at least one incident of unauthorized network use by someone inside their networks. The CSI/FBI survey found that external hacking occurred in only 30 percent of the companies and that the average monetary damage done by external hackers cost companies an average of US$25,000, as opposed to the average cost of $1.8 million for internal system attacks.

The cost of a single desktop NIC firewall upgrade is $50. The Embedded Firewall Policy Server costs $1,000, and a single-client license for the server costs $200. The firewall upgrade and server software will be available in the third quarter. The 3CR990 PC and server NICs are available now, and cost $120 and $130 each.