Images Events Jobs Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts
IT Management Webcasts:
The Role of Security in IT Service Management

Preparing for an IT Audit

More Webcasts

Search EarthWeb Network

Be a Commerce Partner
Computer Hardware
Domain registration
Send Text Messages
Prepaid Phone Card
Corporate Gifts
Computer Deals
PDA Phones & Cases
Online Shopping
Logo Design
Online Education
Home Improvement
Boat Donations

Linked Data Planet Conference & Expo

IT Management : Columns : Executive Tech: Who Will Build the First 'Application Proxy'?

Install What You Need with Windows Server 2008
Windows Server 2008 is Microsoft's most full-featured server operating system yet, so it's ironic that one of its most exciting new features is an install option that cuts out most of the other features. Paul Rubens explores why a Server Core installation makes a great deal of sense in many instances. »

Identify Hardware and Software That Meet Microsoft Standards
The "Certified for Windows. Server 2008" logo identifies hardware and software solutions that meet Microsoft standards for compatibility and best practices with the Windows Server 2008 operating system. »

Windows Server Catalog: Certified Hardware Devices
Search the Windows Server 2008 catalog to find solutions to deploy with confidence. »

Windows Server Catalog: Certfied Servers
Search the Windows Server 2008 catalog to find servers you can deploy with confidence. »

Download the Windows Server 2008 Trial
With Windows Server 2008 you can develop, deliver, and manage rich user experiences and applications, provide a secure network infrastructure, and increase technological efficiency and value within your organization. »

- ITSMWatch Newsletter -
Tech Focus: Security

Cybersecurity: Laws Only Go So Far

Mozilla Firefox vs. Internet Explorer: Which is Safer?

Is Your Blog Leaking Trade Secrets?

The Las Vegas Counterfeiting Story: Is Your Privacy Worth More Than a Poker Chip?

Stopping Spammers at The Point of Sale

Product Watch
PacketLogic - Packet Inspection Platform Provides Traffic Shaping and Filtering Features
VMware Infrastructure - Core Components for Data Center Virtualization
Small Business Publisher - Print Flyers, Letterheads, Envelopes and More
IOGEAR KVM - Includes Audio/Peripheral Sharing
Coverity Prevent / Coverity Thread Analyzer - Analyze Source Code For Defects, Security Vulnerabilities

more products >>

Datamation Definitions
data mining
grid computing
network appliance
FREE Tech Newsletters

Datasheet: OS Deployment with System Center Configuration Manager. Get a centralized, scalable & customizable way for IT administrators to deploy Client & Server operating systems quickly & cost-effectively.

Who Will Build the First 'Application Proxy'?
July 27, 2004
By Brian Livingston

Brian Livingston I've seen the future, and I want it installed on my network today.

This is the only problem: I'll have to find someone to mass-produce tomorrow's new, new thing first.

What I've seen is an internationally patented design for an innovative ''secure application proxy''. It's something that promises to immunize PCs against any threat that might come at them from the Internet or a LAN. It also would protect the LAN, in turn, from an individual compromised PC. But only three of these novel devices exist in the world, and not one of them is in my hands -- or yours.

A Kooky Idea or Magic Bullet?

This story goes back to a topic I wrote about in this space on April 5. I said then that a small, private company, Laboratory of Security Technology (LSTec) in Kiev, Ukraine, had invented an add-in board that promises to solve some of the most bothersome burdens that haunt PCs.

If the device can do what the company claims, it will:

  • Protect a PC against virus-type attacks across a network;
  • Stop buffer overruns and similar hacker tricks that can compromise a PC, and
  • Isolate a PC from the LAN it's connected to in the event that a virus or Trojan horse does manage to take control of the machine.

This is all pretty fantastical stuff. But I got a different perspective on the matter when two of the executives of LSTec flew halfway around the world to meet with me. (By the way, they also met with a few American venture capitalists, too).

How an Application Proxy Would Work

These officials -- CTO Aleksey Shevchenko and Acting COO Jeff Howley -- showed me schematics and independent technical reports backing up the claims for their device, which is code-named ''XB-1''. I still don't have an actual add-in board to torture-test, and I don't know exactly when I will, because you might actually get one before I do. I'll explain in a moment.

Meanwhile, here's LSTec's concept of how an application proxy operates:

  • Main CPU. Say a PC user starts an application on a machine that includes the add-in card (or a planned external device). The running code of the app is sucked into an on-board CPU and executes from there, not from the PC's own CPU;
  • Main Memory. The app, which is now running on the card, also makes use of the card's RAM instead of the memory installed in the PC, and
  • Flash Disk Drives. Finally, when the app thinks it's writing to the PC's hard disk, it's actually writing to a virtual hard disk composed of Flash memory on the card.

All of these redirections are designed for a single purpose. Applications on a machine protected by the XB-1 simply are not permitted to do things that no sensible enterprise technogist wants to allow them to do anyway.

Raising Better-Behaved PCs

This device -- this ''secure application proxy'' -- is said to stop dead some of the worst nightmares that system administrators have faced since computer viruses were first unleashed:

  • Intrusion prevention. Using behavior-based detection rather than signature definitions that need constant updating, the XB-1 is said to reject remote intrusions with little or no periodic downloading of revised instructions;
  • No buffer overruns. If a virus does manage to access a PC to attempt to write to memory in an illegitimate way, the XB-1 is there to prevent the PC's actual memory from being affected at all, and
  • No broadcast attacks. Finally, if a PC does get infected -- perhaps it's a laptop that was brought in from outside to re-connect with the corporate LAN -- the XB-1 immediately restricts machine-to-machine transmission of the virus or its commands. This protects the larger network from exposure.

Every running application, in other words, is put into a ''sandbox'' from which it can't harm other machines or be harmed by other machines. This concept has been developed in software for years. But the XB-1 seems to be integrating the idea into hardware in a way that promises a big payoff.

I know this all sounds pie-in-the-sky. But, at one time, so did the thought that pocket phones would eventually have more computing power than the mainframes of the day.

The inventors at LSTec -- who work in a country where top engineers earn $500 a month -- are sharp but not rich. They're looking for, say, an investment of $2 million in return for equity in their company. This, they explain, would enable them to stamp out thousands of the boards so corporate IT heads and the global press could try the things out as much as they like.

Howley is temporarily serving as COO for LSTec while also wearing the hat of president of his own enterprise management and planning firm, EMPlan Inc. He says LSTec hasn't even named anyone as its CEO yet, because an investor -- perhaps an American -- might want to assume that position himself or herself.

He offers up his e-mail address ( and invites serious players to ping him. I know some of my readers make deals on that scale every day. That's why I said that you might have one of these fascinating boards before I do. Money talks, and money might also solve our biggest security problems.

Brian Livingston is the editor of and the co-author of Windows Vista Secrets and 10 other books. Send story ideas to him via his contact page. To subscribe free and receive Executive Tech via e-mail, visit our signup page.

Add to your favorites
Add to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x
Receive news via our XML/RSS feed

Executive Tech Archives



Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live