Company type | Division |
---|---|
Industry | Security software and services |
Founded | 1984 Minneapolis, Minnesota, U.S. (spun off from Honeywell) | (as Secure Computing Technology Center)
Fate | Acquired by McAfee |
Headquarters | San Jose, California, U.S. |
Key people | Dan Ryan (president and CEO) Richard Scott (chairman) |
Products | Security appliances and hosted services |
Revenue | $237.9 million USD (2007) |
Number of employees | ~1000 (2007) |
Parent | McAfee |
Website | www |
Secure Computing Corporation (SCC) was a public company that developed and sold computer security appliances and hosted services to protect users and data. McAfee acquired the company in 2008.
The company also developed filtering systems used by governments such as Iran and Saudi Arabia that blocks their citizens from accessing information on the Internet. [1] [2]
In 1984, a research group called the Secure Computing Technology Center (SCTC) was formed at Honeywell in Minneapolis, Minnesota. The centerpiece of SCTC was its work on security-evaluated operating systems for the NSA. This work included the Secure Ada Target (SAT) and the Logical Coprocessing Kernel (LOCK), both designed to meet the stringent A1 level of the Trusted Computer Systems Evaluation Criteria (TCSEC).
Over the next several years, Secure Computing morphed from a small defense contractor into a commercial product vendor, largely because the investment community was much less interested in purchasing security goods from defense contractors than from commercial product vendors, especially vendors in the growing Internet space.
Secure Computing became a publicly traded company in 1995. Following the pattern of other Internet-related startups, the stock price tripled its first day: it opened at $16 a share and closed at $48. The price peaked around $64 in the next several weeks and then collapsed over the following year or so. It ranged between roughly $3 and $20 afterward until the company was purchased by McAfee.
The company headquarters were moved to San Jose, California, in 1998, though the bulk of the workforce remained in the Twin Cities. The Roseville employees completed a move to St. Paul, Minnesota, in February 2006. Several other sites now exist, largely the result of mergers.
Secure Computing consisted of several merged units, one of the oldest being Enigma Logic, Inc., which was started around 1982. Bob Bosen, the founder, claims to have created the first security token to provide challenge–response authentication. Bosen published a computer game for the TRS-80 home computer in 1979, called 80 Space Raiders, that used a simple challenge–response mechanism for copy protection. People who used the mechanism encouraged him to repackage it for remote authentication. Bosen started Enigma Logic to do so, and filed for patents in 1982–83; a patent was issued in the United Kingdom in 1986. Ultimately, the "challenge" portion of the challenge–response was eliminated to produce a one-time password token similar to the SecurID product. Enigma Logic merged with Secure Computing Corporation in 1996.
Secure Computing acquired the SmartFilter product line by purchasing Webster Network Strategies, the producer of the WebTrack product, in 1996. [3] The acquisition included the domain name webster.com, which was eventually sold to the publishers of Webster's Dictionary .
Shortly after acquiring the Webster/SmartFilter product, Secure Computing merged with Border Network Technologies, a Canadian company selling the Borderware firewall. Border Network Technologies boasted an excellent product and a highly developed set of sales channels; some said that the sales channels were a major inducement for the merger. Although the plan was to completely merge the Borderware product with Sidewinder, and to offer a single product to existing users of both products, this never quite succeeded. In 1998, the Borderware business unit was sold to a new company, Borderware Technologies Inc., formed by one of the original Borderware founders.
By this time, the mergers had yielded a highly distributed company with offices in Minnesota, Florida, California, and two or three in Ontario. This proved unwieldy, and the company scaled back to offices in Minnesota and California.
In 2002, the company took over the Gauntlet Firewall product from Network Associates.
In 2003, Secure Computing acquired N2H2, the makers of the Bess web filtering package. There has been some consolidation of Bess and SmartFilter, and Bess is now referred to as "Smartfilter, Bess edition" in company literature.
An acquisition of CyberGuard was announced in August 2005 and approved in January 2006. (A year earlier, CyberGuard had attempted to acquire Secure Computing, but the proposal had been rejected). This was the largest merger by Secure Computing at the time and resulted in the addition of several product lines, including three classes of firewalls, content and protocol filtering systems, and an enterprise-wide management system for controlling all of those products. Several offices were also added, including CyberGuard's main facility in Deerfield Beach, Florida, as well as the Webwasher development office in Paderborn, Germany, and a SnapGear development office in Brisbane, Australia.
In 2006, the company merged with Atlanta-based CipherTrust, a developer of email security solutions. The merger was announced in July 2006 and completed in August 2006.
On July 30, 2008, Secure Computing announced its intention to sell the SafeWord authentication product line to Aladdin Knowledge Systems, leaving the company with a business focused on web/mail security and firewalls. The sale was concluded later that year.
On September 22, 2008, McAfee announced its intention to acquire Secure Computing. The acquisition was completed not long afterwards, and the combined company formed the world's largest dedicated security company at the time.
TrustedSource, a reputation system that Secure Computing obtained as part of the CipherTrust acquisition, was a key technology for the company, enabling all product lines with global intelligence capability based on behavioral analysis of traffic patterns from all of company's email, web and firewall devices and hosted services, as well as those of numerous OEM partners. TrustedSource derived real-time reputation scores of IPs, URLs, domains, and mail/web content based on a variety of data mining/analysis techniques, such as Support Vector Machine, Random forest, and Term-Frequency Inverse-Document Frequency (TFIDF) classifiers.
The company's flagship web security product line was the Secure Web appliance (formerly known as Webwasher). It provided Anti-Malware protection, TrustedSource reputation-enabled URL filtering controls, content caching, and SSL scanning capabilities.
In June 2008, Secure Computing launched Secure Web Protection Service, an in-the-cloud hosted web security service that provided a similar set of features to the Secure Web appliance, without requiring any on-premises equipment or software.
The company's flagship email security product line was the Secure Mail appliance (formerly known as IronMail). It provided TrustedSource reputation-enabled anti-spam, data-leakage protection (DLP), encryption and anti-malware capabilities.[ opinion ]
The company's flagship firewall product, formerly known as Sidewinder, [4] was renamed McAfee Firewall Enterprise; McAfee sold Sidewinder to Forcepoint in January 2016. [5] Over the years, Secure Computing (and its antecedent organizations) has offered the following major lines of firewall products:
The Sidewinder firewall incorporated technical features of the high-assurance LOCK system, including Type enforcement, a technology later applied in SELinux. However, interaction between Secure Computing and the open source community was spotty due to the company's ownership of patents related to Type enforcement. The Sidewinder never really tried to achieve an A1 TCSEC rating, but it did earn an EAL-4+ Common Criteria rating.
Along with Sidewinder, Gauntlet had been one of the earliest application layer firewalls; both had developed a large customer base in the United States Department of Defense. Gauntlet was originally developed by Trusted Information Systems (TIS) as a commercial version of the TIS Firewall Toolkit, an early open source firewall package developed under a DARPA contract.
The OpenNet Initiative studied filtering software used by governments to block access by their citizens and found Secure Computing's SmartFilter program heavily used by both the Iranian and Saudi governments. [1] [2] According to Secure Computing, any use of its software in Iran is without its consent—U.S. sanctions prohibit American companies from any dealings with Iran—and in 2005 the company said it is actively working to stop its illegal use. [2] [6] [7]
In response to the company, Jonathan Zittrain, co-director of Harvard Law School's Berkman Center for Internet and Society, stated, "[T]he fact remains that the software has been in use for an extended period of time there. And we've seen Secure Computing software turn up in more than just Iran. We've seen it in Saudi Arabia as well." [2]
In 2001 The New York Times reported that Secure Computing was one of ten companies competing for the Saudi government's contract for software to block its citizens' access to websites it deemed offensive. [8] The company already had a deal with the Saudis that was due to expire in 2003. In its defense, Secure Computing has always stated that it cannot control how customers use a product once it has been sold. [2] [8] According to the OpenNet Initiative's 2007 report, the Saudi government's censorship "most extensively covers religious and social content, though sites relating to opposition groups and regional political and human rights issues are also targeted." [9]
The governments of the United Arab Emirates, Oman, Sudan, and Tunisia also actively use SmartFilter. The Tunisian government goes so far as to redirect blocked pages to a fake Error 404 page, to hide the fact that blocking software is being used. [10] The Tunisian Government is generally recognized as having a poor record when it comes to the right of free expression.
McAfee Corp., formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company headquartered in San Jose, California.
CipherTrust was an anti-spam email software company based in Alpharetta, Georgia, although they had offices around the world. The company was co-founded by Jay Chaudhry and Lawrence Hughes. Chaudhry was CEO and chairman of the Board of SecureIT until it was acquired by VeriSign in August 1998.
Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.
An application firewall is a form of firewall that controls input/output or system calls of an application or service. It operates by monitoring and blocking communications based on a configured policy, generally with predefined rule sets to choose from. The two primary categories of application firewalls are network-based and host-based.
Check Point is an American-Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.
Trusted Information Systems (TIS) was a computer security research and development company during the 1980s and 1990s, performing computer and communications (information) security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR, and others.
Barracuda Networks, Inc. is a company providing security, networking and storage products based on network appliances and cloud services. The company's security products include products for protection against email, web surfing, web hackers and instant messaging threats such as spam, spyware, trojans, and viruses. The company's networking and storage products include web filtering, load balancing, application delivery controllers, message archiving, NG firewalls, backup services and data protection.
VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd.
A virtual security appliance is a computer appliance that runs inside virtual environments. It is called an appliance because it is pre-packaged with a hardened operating system and a security application and runs on a virtualized hardware. The hardware is virtualized using hypervisor technology delivered by companies such as VMware, Citrix and Microsoft. The security application may vary depending on the particular network security vendor. Some vendors such as Reflex Systems have chosen to deliver Intrusion Prevention technology as a Virtualized Appliance, or as a multifunctional server vulnerability shield delivered by Blue Lane. The type of security technology is irrelevant when it comes to the definition of a Virtual Security Appliance and is more relevant when it comes to the performance levels achieved when deploying various types of security as a virtual security appliance. Other issues include visibility into the hypervisor and the virtual network that runs inside.
Cyberhound Pty Ltd, is an Australian-owned provider of internet and email security, filtering and management solutions founded in Brisbane by John Oxnam, Justin Cook and Trent Davis in 1999. It is a privately held company. CyberHound's head office is located in Fortitude Valley, Queensland, Australia. The company provides products for internet compliance, management and security.
eSoft was a Colorado-based company, that ceased operations in December 2013 and specializing in integrated security solutions including secure content management and unified threat management appliances. Privately held eSoft, based in the foothills of Broomfield, Colorado, has developed the award-winning InstaGate and ThreatWall security appliances, as well as modular software bundles called ThreatPaks that provide Email and Web security.
Blue Coat Systems, Inc., was a company that provided hardware, software, and services designed for cybersecurity and network management. In 2016, it was acquired by and folded into Symantec. In 2019 was, as part of Symantec Enterprise division, sold to Broadcom.
A virtual firewall (VF) is a network firewall service or appliance running entirely within a virtualized environment and which provides the usual packet filtering and monitoring provided via a physical network firewall. The VF can be realized as a traditional software firewall on a guest virtual machine already running, a purpose-built virtual security appliance designed with virtual network security in mind, a virtual switch with additional security capabilities, or a managed kernel process running within the host hypervisor.
In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.
Stonesoft Corporation was a public company that developed and sold network security solutions based in Helsinki, Finland. It was publicly owned until 2013 when it was acquired by Intel's subsidiary McAfee.
M86 Security was a privately owned Internet threat protection company that specialized in Web and email security products and content filtering appliances. The company's international headquarters were located in Basingstoke, with development centers located in California, Israel and New Zealand.
The following outline is provided as an overview of and topical guide to computer security:
Endian Firewall is an open-source router, firewall and gateway security Linux distribution developed by the South Tyrolean company Endian. The product is available as either free software, commercial software with guaranteed support services, or as a hardware appliance.
Forcepoint is an American multinational corporation software company headquartered in Austin, Texas, that develops computer security software and data protection, cloud access security broker, firewall and cross-domain solutions.
A secure access service edge (SASE) is technology used to deliver wide area network (WAN) and security controls as a cloud computing service directly to the source of connection rather than a data center. It uses cloud and edge computing technologies to reduce the latency that results from backhauling all WAN traffic over long distances to one or a few corporate data centers, due to the increased movement off-premises of dispersed users and their applications. This also helps organizations support dispersed users and their devices with digital transformation and application modernization initiatives.