As reported last October, Stonesoft's CEO Ikka Hiidenheimo told Infosecurity that his researchers had discovered a new packet-based attack methodology that could bypass all known network security technologies.
The problem with AETs, he says, is that normal behaviour analysis technology does not work against the new packet-based attack vector, meaning that even multi-layered IT security technology does not solve the problem.
Five months down the security road and today, in describing its StoneGate Authentication Solution – SAS – as a dynamic security system, Stonesoft claims that, as well as using secure sockets layer (SSL) and VPN technologies, the platform can extend a highly secure IP session to remote, as well as local, users.
Citing the recent and widely reported hack of EMC/RSA's systems, Stonesoft adds that a number of RSA customers are now seeking out additional measures to ensure secure remote access to their networks. The SAS technology, claims the firm, can even be extended to support 'soft' (i.e., hardware-less) multi-authentication sessions into a cloud computing resource.
Marco Rottigni, Stonesoft's SSL VPN product manager, said that many of today's systems for secure remote access are built on an antiquated architecture.
"Fifteen years ago, tokens made sense, but that is not the case today. Mobile users need secure remote access anywhere, while IT needs a way to quickly and easily manage that access", he said.
Against this backdrop, he adds that the only way to achieve this is by combining multiple authentication methods in a dynamic solution, which is where Stonegate's SAS enters the frame.
In use, Stonesoft says that its SAS platform seamlessly integrates multiple authentication systems, including legacy token systems and text message one-time PIN services.
The audit logging system on SAS, meanwhile, supports geo-location data, which the firm claims helps to increase the IT department's awareness about remote access trends and threats.