Clavister Proudly Announces RFC3514 Compliance

[Mikael Olsson <mikael.olsson () clavister com>]

An innovative security initiative                  Örnsköldsvik, Sweden
--------------------------------                          April 1, 2003

Clavister AB is proud to present the world's first RFC3514 
compliant network firewall product. In a proactive move,
Clavister implemented the "IPRF" consistency check five
years ago, making its firewall software RFC3514 compliant
before the fact.

With the release of the innovative security initiative 
outlined in ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt ,
Clavister will rename this setting to "IPEvilFlag" and change
its configurable set from "Ignore", "Strip" and "Drop" to
"Drop" and "HALT" in the new feature release scheduled
for April 31.

"We foresee a huge demand for the added HALT functionality.
With it, a firewall administrator will be able to cause the
firewall's CPU to immediately halt and cease forwarding traffic 
when it sees evil IP datagrams", says Mikael Olsson, R&D Manager 
at Clavister. "At this point, the administrator can connect to
the in-kernel debugger via XMLRPC and fully examine the state
of the state table as well as the packet buffers, and carefully
consider whether the firewall should continue to execute or
simply keep it halted until the attack has blown past."

"This represents a great leap forward in security for IP networks.
We applaud Steve Bellovin's ingeniousness in engineering this
fundamental change to the IP protocol.", concludes John Vestberg,
Vice President, Security.


-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards