|
|
|
|
|
Government Agency implements secure transfer of Management Information
For more information please contact info [at] nexor [dot] com (subject: Secure transfer of management information)
|
Over the summer, we worked with a new government customer to provide secure one-way data transfer capability to enable sharing of management information between domains of differing security classifications. A number of different types of data were catered for in this project including HP Operations Manager data, event data files, anti-virus updates, Windows updates, SQL updates and encrypted files. Our solution provided support for SSL connections, thus enabling use of HP Operations Manager. We provided technical advice, training, software development and implementation services alongside diode technology. The approach implemented is aligned with the CESG Design Pattern for Audit and Monitoring across security domains.
|
|
Final Trials of Nexor ISTAR Gateway
For more information please contact info [at] nexor [dot] com (subject: Nexor ISTAR Gateway)
|
The first Nexor ISTAR Gateways are due to ship early in 2012. Designed, trialled and accredited during Empire Challenge, this flexible, scalable and modular solution can incorporate any appropriate combination of guards, gateways and diodes configured to suit the traffic flows and assurance levels required. The first deployments will comprise a two-way solution with guaranteed one-way data flow in each direction with appropriate protocol and dirty word content filtering applied prior to information release by Nexor Real-Time Guardian. This solution is configured to carry streaming video and camera control information.
|
|
Enhancing Secure Information Infrastructure (ESII)
For more information please contact info [at] nexor [dot] com (subject: Enhancing ESII)
|
As an Associate member of the ESII consortium, we are currently contributing to a range of research tasks covering optimisation of communications and cross domain information sharing in the maritime and land arenas. Work will continue into 2012.
|
|
Commercial Product Assurance
For more information please contact colin [dot] robbins [at] nexor [dot] com (subject: Commercial Product Assurance)
|
Nexor has joined the Crypto Developer Forum Baseline Group, to participate in the development of security characteristics in support of the CESG Commercial Product Assurance (CPA) scheme. This activity is complementary to Nexor’s announcement relating to Common Criteria and our ongoing commitment to delivering assurable solutions.
|
|
News in Brief
|
-
Three further Nexor Sentinel 2 mailguards have been shipped for key NATO programmes
-
The Security Policy consultancy assignment for the European Defence Agency European Battlegroup Reference Architecture study has completed
-
The Information Exchange Requirements study for the European Defence Agency has also completed with recommendations for the next steps towards implementing an Information Exchange Gateway.
|
 |
|
|
|
|
|
Preventing Data Leakage to a Public Cloud
|
Public sector organisations across the world are looking to embrace cloud services with the objective of reducing overall IT spend through use of shared services. Within the UK public sector, cloud technology is considered "good" for Impact Level 0 (IL0) and IL1 level data (80% of data), but not suitable for the higher impact levels (20% of data). To facilitate adoption of the cloud, the risk that higher impact level data may leak needs to be managed. We have developed a proof-of-concept to show how a content-filtering proxy can intercept typical web application data, in this case Microsoft SharePoint data, and make a release decision. The concept applies equally well to other cloud applications and platforms.
|
|
A New Approach to Tracking Classified Documents
|
Nexor has undertaken a research programme, funded initially by the East Midlands Regional Development Agency and more recently by the Technology Strategy Board, to look at alternative approaches to preventing the loss of unstructured, sensitive data from a business. Using innovative sensors and fingerprints, combined with a four-layer approach, covering file discovery and analysis, data processing and reporting, Dinoto offers a powerful framework to track and report on the content of information flows, without compromising privacy or confidentiality.
|
|
|
|
|
|
|
|
Nexor Real-Time Guardian
|
Nexor Real-Time Guardian is a high performance data guard that provides assured transfer of information in real time. The product prevents sensitive information leakage and transfer of malicious data by performing deep inspection of the content. Its innovative framework is designed to handle multiple different protocols to support real time streaming of data and application specific filters to provide deep content checks. The product is delivered as a hardened appliance on standard COTS hardware and uses SELinux to enforce strict security policy controls. Management of the appliance is performed using the Nexor Commander management interface
|
|
Nexor Commander
For more information please contact info [at] nexor [dot] com (subject: Nexor Commander)
|
Nexor Commander allows administrators to remotely manage Nexor appliances using a simple, consistent and easy to use web based graphical user interface across all products. Whether managing a single or multiple instances of a product or even multiple different products, Nexor Commander gives the appropriately authenticated administrator control over the policy to be enforced.
|
|
CyberShield Secure™ Methodology
|
Nexor’s CyberShield Secure™ capability enables the creation of security critical software to reduce risk of software failure causing a security incident. The methodology comprises a complete approach to cyber security including a secure facility, expert software engineering resources and a robust, flexible methodology that is applicable to all stages of a development, a consultancy assignment or an implementation programme. We focus on establishing security objectives at the start of the project, undertaking appropriate threat modelling, creating counter-measures and ensuring effective threat monitoring and patching action.
|
|
|
|
|
|
|
|
Nexor Steers Virtual Task Force
For more information please contact colin [dot] robbins [at] nexor [dot] com (subject: Virtual Task Force)
|
Intellect and A|D|S have established a Virtual Task Force (VTF) to enhance security information sharing, incident and trend activity reporting and security educational awareness for the Advanced Technology & Manufacturing industry, feeding into the cyber security ‘hub’ referenced in the UK Governments Cyber Security Strategy. Nexor is a member of the steering group of the VTF and a participant in the pilot project.
|
|
Latest Cyber Champions News
|
Since the launch of Cyber Champions in June this year, Nexor has continued to support the initiative. Our CEO, Steve Kingan, is delighted that our young professionals have been mentoring in local schools and explains, “Whilst it is critical to educate kids to make sure they are safe online, it is also important for graduates to work in the community and develop themselves; becoming Cyber Champions gives them this opportunity.”
|
|
The IAAC Consumerisation Research
For more information please contact colin [dot] robbins [at] nexor [dot] com (subject: IAAC Consumerisation Research)
|
There are a number of major drivers (cloud, mobile devices, culture...) that are bringing about a sea change in use and availability of information collectively being referred to as consumerisation. Nexor is actively participating in the Information Assurance Advisory Council (IAAC) workshop programme focused on identifying what impact this sea change in the use of information will have on Information Assurance.
|
|
Twitter
|
Tweeters can follow @nexor to keep up to date with news and views more regularly. |
|
|
|
|
|
|
|
Early next year, we will be present at:
|
Security and Policing: 31st January to 2nd February 2012
We will be on Stand D9 at FIVE in Farnborough
|
|
|
