Flexibility should come as standard in Information Exchange Gateways

19 May

Regular readers of this blog will know that, in my role as a Solution Architect, I’ve been heavily involved in Information Exchange Gateways (IEGs) this year. I was recently over in Brussels at the European Defence Agency (EDA) headquarters to deliver a final presentation on the IEG work we have done for them. Possibly the biggest challenge that came up in the meeting was around the flexibility required in enabling secure information exchange.

Along with my colleague Neville Smikle, Head of Operations at Nexor, and our German partners at CSC, I was presenting to the member nations of the EDA. We were outlining the IEG Demonstrator that had been developed for them and looking at the issues that had been overcome in its development.

From my experience with this project and the others I’ve been working on recently, each scenario where an organisation wants to set up an information exchange gateway to enable secure sharing of information ends up with specific factors that the organisation requires, and these vary from project to project.

Some variations we’ve seen are:

  • Protocol variations – for example, different protocols used for simple file exchange;
  • Content inspection – the level and depth of content inspection expected;
  • Node protection – for example, the number of different anti-virus engines or types of Intrusion Detection/Prevention Systems in use;
  • Quarantine – how data that does not meet the security policy is to be handled;
  • Cost trade-offs – virtualisation can be used to reduce size, weight and power consumption, but for some customers this can introduce unacceptable hypervisor risks into the system;
  • Management integration – whether there is a need to integrate the IEG into a wider protective monitoring environment;
  • Accreditation – we have seen differences in the accreditation approach and the emphasis, or otherwise, placed on product evaluations (more on this particular aspect another day);
  • Through life support – differing approaches to system longevity, scalability, and adoption of newly discovered security vulnerabilities;
  • Rapid reconfiguration – to meet different deployment requirements, there is often a need for rapid reconfiguration of the system to adopt different protocols and security policies.

As such, it is very hard to define an exhaustive list of exactly what is needed to implement an IEG – every situation is different, so it is vital that, when you are looking at how to build a solution, you have the flexibility to meet these different needs.

I’ve briefly covered the issue of flexibility here. The other big challenge that we discussed in Brussels was around getting solutions accredited, so I’ll tackle that in my next post.

In the meantime, if you want to find out more about IEGs and what the hot topics are with them at the moment then take a read of the new Nexor white paper “Information Exchange Gateways: The Evolving Story”.

I’d be interested to hear what your experiences have been, so please get in touch.
