|
March
2001
|
|
|
|
Where
should e3000 Internet security be established?
As balloting begins at the Interex Web site for HP 3000 enhancement requests, the top vote-getter among Web experts in the preliminary SIG-Web survey is IPSec, a security plan that does encryption at the IP level. The plan will get a place on the final SIB ballot that determines what HP may engineer for the 3000, but theres some debate about whether IPSec is the right encryption plan for the HP 3000. Advocates say IPSec is bundled with Windows 2000, and implementing it for the 3000 would save HP a lot of work. It is apparent that the best [security] solution lies at the IP transport layer, said AICS Research founder Wirt Atmar, where encryption can be performed without the knowledge of or requiring any code change to any of the [NS, Internet or ARPA] services. Security should be a process that is completely invisible to everything above it the various protocols (HTTP, FTP, Telnet, etc.), and even higher yet, the application programs. This is the simple and elegant solution. Not everybody agrees. Some 3000 networking experts point to IPSec itself being vague as a standard, one far from perfect in its current state, and note that the proper use of a gateway or VPN concatenator could serve the same function. But given its omnipresent nature, the Windows implementation is probably the one to shoot for, and the upcoming HIPAA regulations for healthcare companies are bound to press the HP 3000s security into question. Customers are asking for encryption all around for all the network services on the 3000 telnet, FTP, even VT. Supplying IPSec for the system may be a way to satisfy a lot of requests at once, so long as CSY can wire the technology into its often-revised networking stack for the system. Go vote at the Interex site (www.interex.org/advocacy) and help tell HP if IPSec has a future on MPE/iX. Copyright The 3000 NewsWire. All rights reserved |