DOCSLIB.ORG

Cloud Computing Security Modeling and Analysis Based on a Self-Cleansing Intrusion Tolerance Technique

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cloud Computing Security Modeling and Analysis Based on a Self-Cleansing Intrusion Tolerance Technique Journal of Information Assurance and Security. ISSN 1554-1010 Volume 11 (2016) pp. 273-282 c MIR Labs, www.mirlabs.net/jias/index.html Cloud Computing Security Modeling and Analysis based on a Self-Cleansing Intrusion Tolerance Technique Iman EL MIR1, Dong Seong Kim2 and Abdelkrim HAQIQ3 1Computer, Networks, Mobility and Modeling laboratory FST, Hassan 1st University, Settat, Morocco [email protected] 2Department of Computer Science and Software Engineering University of Canterbury, New Zealand [email protected] 3Computer, Networks, Mobility and Modeling laboratory FST, Hassan 1st University, Settat, Morocco e-NGN Research Group, Africa and Middle East [email protected] Abstract: Nobody can deny that Cloud computing, a rapidly to perform their applications and services. Users are able developing information technology, has attired the concern of to provision cloud computing resources without requiring the whole world. However, this emergent technology is Internet- human interaction, mostly done though a web-based self- based computing, allows on demand network access to a shared service portal. However, Cloud computing provides to enter- resources, software and information where it becomes an im- prises and,to its legitimate users on demand network access portant security issue. Consequently, we must have a clear un- to applications and shared pool of computing resources with- derstanding of potential security benefits and risks associated out installation, it delivers three fundamental service models with cloud computing. Since security is increasingly the princi- [1], such as Software as a Service(SaaS), Platform as a Ser- pal concern in the conception and implementation of software vice(PaaS) and, Infrastructure as a Service(IaaS). systems, it is very important that the security mechanisms are designed so as to protect the computer systems against cyber • IaaS : the cloud providers deliver computation process- attacks. An Intrusion Tolerance Systems play a crucial role in ing, storage, networks and computing resources. Hence, maintaining the service continuity and enhancing the security the consumer can deploy and run an arbitrary applica- compared with the traditional security. In this paper, we pro- tion, which is able to support operating systems and ap- pose to combine a preventive maintenance with existing intru- plications. For instance, VMware and HP are IaaS ven- sion tolerance system to improve the system security. We use a dors. Semi-Markov Process to model the system behavior. We quan- • PaaS : is a cloud computing model that delivers applica- titatively analyze the system security using the measures such tions over the Internet on-demand. It used to reduce to as system availability, Mean Time To Security Failure and cost. customer organizations the costs which can be invested The numerical analysis is presented to show the feasibility of the on infrastructure when they are developing software ap- proposed approach. An Intrusion-Tolerant System (ITS) aims plications. Microsoft windows, Google AppEngine are to maintain a useful level of operational capability throughout some examples. ongoing cyber-attacks. The applications that are part of an ITS, especially those that provide critical services for the sys- • SaaS : is a software distribution model that providers to tems mission therefore, must survive the failures and unwanted users the possibility to access into applications through changes in the system caused by malicious acts of intruders. a single interface. So, they should just require Internet Keywords: Intrusion Tolerance, Preventive Maintenance, System connection and web browser. As an example of SaaS Availability, Cloud Computing vendors, we can list Amazon, Yahoo and Google. Cloud computing attracts different users owing to its high re- I. Introduction sources elasticity and scalability which offers important sav- ings in terms of investment and manpower. The massive us- Cloud computing is an emerging technology that allows the age of cloud resources in different domain such as data stor- central remote servers to be connected to Internet in order age, operating system, cooling has many data security and MIR Labs, USA Cloud Computing Security Modeling and Analysis based on a Self-Cleansing Intrusion Tolerance Technique 274 protection challenges. It involves potential cyber-security are described and a detailed comparison has been made in risks. For this reason, the security of network systems has re- section IV. The proposed stochastic model is presented in ceived considerable attention. The traditional security mech- section V. Section VI presents numerical analysis and dis- anisms such as firewalls and Intrusion Detection Systems cusses the limitations of the proposed approach as well as (IDS) monitor the events occurring in a computer network suggesting further research. Finally, section VII is devoted and analyze them to protect the network from malicious in- to the conclusion. cidents. IDS can detect the intrusions spreading in the net- work. But these technologies are still ineffective against un- II. Related Work known and undetected attacks and cannot guarantee that a system is absolutely intruded. To improve such limitations, Most current information systems that provide useful ser- intrusion tolerance techniques have been proposed. Intrusion vices to their legitimate users are connected to the Internet, tolerance was introduced by Fraga et al. [2]. Its main objec- and it is not obvious to successfully protect such systems tive [3] is not about how to defend or detect the intrusion, but against all threats. In this context, various researches have how to tolerate the intrusion. An intrusion tolerance system been performed on intrusion tolerance and, multiple intru- has to provide services to legitimate users of a network even sion tolerant architectures have been proposed in order to if there are attacks in the network. Bloom et al. [4] suggested guarantee high quality of services and to enhance the secu- two classes of intrusion tolerance and mitigation techniques rity. Some well-known intrusion tolerance systems are Scal- namely fault tolerance and quality of service. Fault tolerance able Intrusion-Tolerant Architecture (SITAR), Malicious and can be applied at three levels: hardware level, software level, Accidental Fault Tolerance for Internet Applications (MAF- or system level. knowing that Fault tolerance is a property TIA) [9], Self-Cleansing Intrusion Tolerance (SCIT). that provides the survivability to a system to continue op- SITAR is a framework of an intrusion tolerant architec- erating properly in the presence of malicious attacks in the ture [10], was developed as a part of the DARPA funded system and Quality of service is an important issue for intru- program called OASIS (Organically Assumed and Surviv- sion tolerance system. In order to devise an effective intru- able Information Systems). It maintains services in order to sion tolerance system, one has to first think about to provide protect COTS (Commercial Off The Shelf) servers from ex- services without degradation of quality of traffic. Hence, the ternal attacks by detecting intrusions and reconfiguring of the tolerance mechanism should be able to provide a good qual- compromised servers. MAFTIA [11] was developed in the ity of services without being interested by the attacks if they OASIS program as European project. Its architecture con- are happening in a system or not. tains several layers based on conceptual models, mechanisms A virtualization-based Intrusion Tolerant System (ITS) can and protocols for achieving tolerance. provide uninterrupted services without being seriously af- Madan et al. [12] modeled the SITAR as Semi-Markov Pro- fected by various system deficiencies and different attack in- cess (SMP) model to evaluate different security attributes of tensity [5]. The Self-Cleansing Intrusion Tolerance (SCIT) the SITAR system such as availability, integrity, and confi- uses a typical virtualization-based intrusion tolerance sys- dentiality. They suggested that the attacker behavior can be tem through its proactive recovery approach. SCIT maintains described by identifying several general probability distribu- service availability through periodic recovery and allows re- tion functions. They used a steady-state analysis to obtain moving and minimizing the effects of malicious attacks. The dependability measures such as availability and, a transient effectiveness of SCIT in terms the security and performance analysis with absorbing states to calculate security measures has been verified in the domains such as Web service sys- such as MTTSF. tems [6], DNS systems [7], and firewall systems [8]. Lim et al. [13] presented a new virtualization-based server Previous intrusion tolerance techniques have focused on cluster system using three schemes namely, simplified rota- proactive recovery approaches. In this paper, we propose tion process to minimize system overhead, exposure time ad- to use a preventive maintenance technique in addition to the justment to prevent the degradation of system performance, proactive recovery approach. For instance, if Denial of Ser- and spare server insertion to deal with heavy incoming pack- vice vulnerabilities are identified by an attacker, the attacker ets. These proposed schemes are evaluated for ubiquitous sends a large amount of data in order to violate the availabil- computing systems in order to enhance the security and to ity of the target the network. If a preventive
Load more

Recommended publications
  • July Edition
    July Edition From the Technical Coordinator From the Section Emergency Coordinator From the Affiliated Club Coordinator From the Public Information Coordinator From the Section Traffic Manager Out and About From the Educational Outreach ARES Training Update From the Official Observer Coordinator Handbook Give Away DMR Fun Things To Do, Classes & Hamfests Too Weather Underground Stations Club Corner Final.. Final.. From the Technical Coordinator Jeff Kopcak – K8JTK TC [email protected] Hey Gang, Around the time of Dayton, the FBI asked everyone to reboot their routers. Why would they do that? Over the last two years more than 500,000 consumer and small business routers in 54 countries have become infected with a piece of malware called “VPNFilter.” This sophisticated malware is thought to be the work of a government and somewhat targeted with many of the infected routers located in Ukraine. Security researchers are still trying to determine what exactly VPNFilter was built to do. So far, it is known to eavesdrop on Internet traffic grabbing logon credentials and looking for specific types of traffic such as SCADA, a networking protocol controlling power plants, chemical plants, and industrial systems. Actively, it can “brick” the infected device. Src: Cisco’s Talos Intelligence Group Blog Bricking is a term to mean ‘render the device completely unusable’ and being as useful as a brick. In addition to these threats, this malware can survive a reboot. Wait, didn’t the FBI ask all of us to reboot our routers? Won’t that clear the infection? No. In order for this malware to figure out what it needs to do, it reaches out to a command-and-control server.
    [Show full text]
  • A Survey on Network Firewall Solutions
    A Survey on Network Firewall Solutions Nahid Kausar Shaikh Poonam Dhawale Asst. Prof., Department of Information Technology Asst. Prof., Department of Information Technology A.P. Shah Institute of Technology, A.P. Shah Institute of Technology, Thane, Maharashtra, India Thane, Maharashtra, India [email protected] [email protected] Shruti Agrawal Asst. Prof., Department of Computer Engineering A.P. Shah Institute of Technology, Thane, Maharashtra, India [email protected] Abstract — Today, as the number of online users increasing be a hardware device or a software program running on a rapidly resulting in complex networks and increase in network computer. Independent of the type of firewall, it must have at threats. Firewalls are an essential part of any information least two networks interfaces. One of its interfaces is connected security system being the first defense line against security to the private network and other is connected to the public attacks. Firewall is one of the most important parts of the network. network system which provides security in both the direction. It monitors both incoming and outgoing traffic and the specified Classification of the network firewall can be based on action. Firewalls can be categorized on the basis of usage and different parameters. features. There are a number of paid solutions present in the market but are expensive. As a result, Free or open source 1.1.1 Classification based on Firewall Usage firewall solutions can alternative to the paid solutions. Pfsense is 1.1.2 Classification based on Firewall Features free or open source firewall based on Free-BSD. Endian Firewall Community (EFW) is also free, open source network firewall 1.1.1 Classification based on Firewall Usage which is based on Linux.
    [Show full text]
  • Kansalaisen Mikrotuen Palomuurijärjestelmä
    Opinnäytetyö (AMK) Tietojenkäsittelyn koulutusohjelma Tietoliikenne 2012 Tero Mäkelä KANSALAISEN MIKROTUEN PALOMUURIJÄRJESTELMÄ OPINNÄYTETYÖ (AMK) | TIIVISTELMÄ Turun ammattikorkeakoulu Tietojenkäsittelyn koulutusohjelma | Tietoliikenne Marraskuu 2012 | 59 sivua Esko Vainikka Tero Mäkelä KANSALAISEN MIKROTUEN PALOMUURIJÄRJESTELMÄ Opinnäytetyön tavoitteena on luoda Kansalaisen mikrotuelle palomuurijärjestelmä, jolla saadaan jaettua asiakas- ja työntekijälaitteet omiin verkkoihin. Rajatussa asiakasverkossa laitteet voidaan huoltaa turvallisesti vaikuttamatta muiden laitteiden tietoturvallisuuteen haitallisesti. Lisäksi luodaan palomuurijärjestelmän käyttöohjeet. Palomuurijärjestelmän luomisprosessia tarkastellaan järjestelmäkehityksen elinkaarimallin avulla. Palomuurin ja RAID-tekniikoiden toiminta pyritään selvittämään perusominaisuuksien ja toimintaperiaatteiden osalta. Järjestelmän alkuunpanossa selvitetään palomuurin vaatimusmäärittelyt, jonka jälkeen hankitaan tarvittavat laitekomponentit ja selvitetään Kansalaisen mikrotuen verkon rakenne. Tämän jälkeen suoritetaan palomuurijärjestelmien vertailu, jonka perusteella valitaan käyttöön tuleva palomuurijärjestelmä. Lopuksi järjestelmä asennetaan ja asetetaan asetukset vaatimusmäärittelyn mukaisesti. Järjestelmä saatiin otettua käyttöön useista järjestelmän asennuksen aikana syntyneistä vastoinkäymisistä huolimatta. Järjestelmä saatiin vastaamaan vaatimusmäärittelyjä muuten, paitsi välityspalvelimen osalta. ASIASANAT: Palomuurit, RAID, Kansalaisen mikrotuki, pfSense BACHELOR´S THESIS |
    [Show full text]
  • Cross-Site Request Forgery Attacks Against Linksys Wireless Routers Ryan L
    Purdue University Purdue e-Pubs College of Technology Masters Theses College of Technology Theses and Projects 5-7-2010 Cross-Site Request Forgery Attacks Against Linksys Wireless Routers Ryan L. Poyar Purdue University - Main Campus, [email protected] Follow this and additional works at: http://docs.lib.purdue.edu/techmasters Poyar, Ryan L., "Cross-Site Request Forgery Attacks Against Linksys Wireless Routers" (2010). College of Technology Masters Theses. Paper 20. http://docs.lib.purdue.edu/techmasters/20 This document has been made available through Purdue e-Pubs, a service of the Purdue University Libraries. Please contact [email protected] for additional information. CROSS-SITE REQUEST FORGERY ATTACKS AGAINST LINKSYS WIRELESS ROUTERS A Thesis Submitted to the Faculty of Purdue University by Ryan Lewis Poyar In Partial Fulfillment of the Requirements for the Degree of Master of Science May 2010 Purdue University West Lafayette, Indiana ii To my family for always encouraging me to be better at whatever I do and for being there for me. Also to all of the amazing people that I have met at Purdue University, without whom, I probably would not have been able to get through this thesis. iii ACKNOWLEDGMENTS The author would like to thank his committee for taking him on in lieu of not having taken the thesis preparation course and being on a short time frame. Their patience and guidance was invaluable. Also, to his professors and other faculty who mentored him throughout the thesis. Finally, to all of his friends and colleagues who not only were great resources to bounce ideas off of, but who also supported him through the difficult times.
    [Show full text]
  • Savernova Network ID PRO TECTSTA R™ ™ AW ARD Protectstar 2008
    Savernova Network ID PRO TECTSTA R™ ™ AW ARD PROTECTsTAR 2008 ProtectStar™ Comparison Test 2008 Internet Security Suites TABLE OF CONTENTS: Page 2 Table of Contents Page 3 A.) Tested Products and Versions B.) Background Information C.) General Explanation of the Test Procedures Page 4 D.) Evaluation Criteria Page 5 E.) Test: SECURITY THE FIREWALL – external protection THE FIREWALL – internal protection MALWARE DETECTION SECURITY RECOMMENDATIONS FROM PROTECTSTAR™ Page 9 F.) Test: USER-FRIENDLINESS Page 12 G.) Test: PERFORMANCE Page 14 H.) Test: PRICE/EQUIPMENT RATIO Page 15 I.) CONCLUSION Page 16 K.) CONCLUSION II (recommendations) Page 17 Comments, Criticism and Donations Contact & Copyright 2 PRO TECTSTA R™ ™ AW ARD PROTECTsTAR 2008 A.) Tested Products and Versions Manufacturer Product Name Setup file size Release (version) Agnitum OutpostPro Security Suite 2008 30,4 MB 6.0.2225.232.0465 Avira Premium Security Suite 2008 18,8 MB 7.06.00.168 BitDefender Internet Security 2008 41,8 MB n/a BullGuard BullGuard 8.0 30,4 MB n/a ESET Smart Security 3.0 18.0 MB 3.0.621 F-Secure Internet Security 2008 81,9 MB n/a G DATA Internet Security 2008 201,8 MB 18.0.7295.201 Kaspersky Internet Security 7.0 28,9 MB 7.0.1.321 McAfee Internet Security 2008 38,7 MB n/a Microsoft Live OneCare 2.0 n/a 2.0.2500.14 Panda Internet Security 2008 50,0 MB 12.00.00 Symantec Norton Internet Security 2008 61,5 MB n/a Trend Micro Internet Security 2008 88,3 MB 16.00.1645 n/a = no details available as not shown in program itself B.) Background Information available.
    [Show full text]
  • Computer Security 37 8.1 Vulnerabilities
    Contents 1 Antivirus software 1 1.1 History ................................................ 1 1.1.1 1949-1980 period (pre-antivirus days) ............................ 1 1.1.2 1980-1990 period (early days) ................................ 2 1.1.3 1990-2000 period (emergence of the antivirus industry) ................... 2 1.1.4 2000-2005 period ...................................... 3 1.1.5 2005 to present ........................................ 3 1.2 Identification methods ........................................ 4 1.2.1 Signature-based detection .................................. 4 1.2.2 Heuristics ........................................... 4 1.2.3 Rootkit detection ....................................... 5 1.2.4 Real-time protection ..................................... 5 1.3 Issues of concern ........................................... 5 1.3.1 Unexpected renewal costs ................................... 5 1.3.2 Rogue security applications .................................. 5 1.3.3 Problems caused by false positives .............................. 5 1.3.4 System and interoperability related issues ........................... 6 1.3.5 Effectiveness ......................................... 6 1.3.6 New viruses .......................................... 6 1.3.7 Rootkits ............................................ 6 1.3.8 Damaged files ......................................... 6 1.3.9 Firmware issues ........................................ 7 1.4 Performance and other drawbacks .................................. 7 1.5 Alternative solutions
    [Show full text]
  • Microsoft Security Intelligence Report Volume 6 July Through December 2008
    Microsoft Security Intelligence Report Volume 6 July through December 2008 Microsoft Security Intelligence Report Microsoft Security Intelligence Report The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copy- rights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Copyright © 2009 Microsoft Corporation. All rights reserved. Microsoft, the Microsoft logo, ActiveX, BitLocker, Forefront, Hotmail, Internet Explorer, MSN, OneCare, Outlook, the Security Shield logo, SmartScreen, Windows, the Windows Logo, Windows Live, Windows Media, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corpora- tion in the United States and/or other countries.
    [Show full text]
  • User's Manual
    User’s Manual © 2002 Zone Labs, Inc. All Rights Reserved. TrueVector, ZoneAlarm, Zone Labs, the Zone Labs logo and Zone Labs Integrity are either registered trademarks or trademarks of Zone Labs, Inc. Cooperative Enforcement and Policy Lifecycle Management are service marks of Zone Labs, Inc. All other trademarks are the property of their respective owners. Zone Labs Inc., 1060 Howard Street, San Francisco, CA 94103. USA. ZoneAlarm Pro 3.0 User’s Manual—Page 2 of 138 © Copyright Zone Labs, Inc. 2002 1 Introduction ................................................................ 9 Welcome to ZoneAlarm Pro 3.0................................................................................... 9 How this guide is organized........................................................................................ 9 2 How ZoneAlarm Pro protects you .......................... 11 Firewall protection...................................................................................................... 11 What’s a firewall? .........................................................................................................11 What are ports?............................................................................................................11 What is a protocol? .......................................................................................................12 How does it work? ........................................................................................................12 What is a Zone? ...........................................................................................................12
    [Show full text]
  • Comparative Analysis of Iptables and Shorewall
    COMPARATIVE ANALYSIS O F IPTABLES AND SHOREWA LL Muhammad Zeeshan Ahmad This thesis is presented as a part of Degree of Bachelor of Science in Electrical Engineering Supervisor: Raja M. Khurram Shahzad School of Engineering Internet: www.bth.se/ing Blekinge Institute of Technology Phone: +46 455 38 50 00 371 79 Karlskrona, Sweden Fax: +46 455 38 50 57 “Start by doing what's necessary, then what's possible; and suddenly you are doing the impossible.” Saint Francis ii Abstract The use of internet has increased over the past years. Many users may not have good intentions. Some people use the internet to gain access to the unauthorized information. Although absolute security of information is not possible for any network connected to the Internet however, firewalls make an important contribution to the network security. A firewall is a barrier placed between the network and the outside world to prevent the unwanted and potentially damaging intrusion of the network. This thesis compares the performance of Linux packet filtering firewalls, i.e. iptables and shorewall. The firewall performance testing helps in selecting the right firewall as needed. In addition, it highlights the strength and weakness of each firewall. Both firewalls were tested by using the identical parameters. During the experiments, recommended benchmarking methodology for firewall performance testing is taken into account as described in RFC 3511. The comparison process includes experiments which are performed by using different tools. To validate the effectiveness of firewalls, several performance metrics such as throughput, latency, connection establishment and teardown rate, HTTP transfer rate and system resource consumption are used.
    [Show full text]
  • Firewall Free
    FREE FIREWALL PDF Andy McNab | 576 pages | 05 Dec 2011 | Transworld Publishers Ltd | 9780552163552 | English | London, United Kingdom What is a Firewall and Why Do I Need One? It inspects incoming and outgoing traffic using a set of rules Firewall identify and Firewall threats. Firewalls are used in both Firewall and enterprise settings, and many devices come with one built-in, including Mac, Windows, and Linux computers. They are widely considered an essential component of network security. Firewalls are important because they have had Firewall huge influence on modern security techniques and are still Firewall used. They first emerged in the early days of the internet, Firewall networks needed new security methods that could handle increasing complexity. Firewalls have since become the foundation of network security in the client-server model — the central architecture of modern computing. Most devices use firewalls — or Firewall related tools — to inspect traffic and mitigate threats. Firewalls are used in both Firewall and consumer settings. Modern organizations incorporate Firewall into Firewall security information and event management Firewall strategy along with other cybersecurity devices. They may be installed at an organization's network perimeter to guard against external threats, or within the network to create segmentation and guard against insider threats. In addition to immediate threat Firewall, firewalls perform important logging and audit functions. They keep a record of events, which can be used by administrators to identify patterns and improve rule sets. Rules should be updated regularly Firewall keep up with ever-evolving cybersecurity threats. Vendors discover Firewall threats and develop patches to cover them as soon as possible.
    [Show full text]
  • Cyber Security Considerations and Techniques
    Cyber Security: Considerations and Techniques for Network-Based Protection Contents An Industry Whitepaper Executive Summary ................................... 1 Introduction to Cyber Security ...................... 2 Secure Pipes – the CSP as Cyber Protector ..... 2 Executive Summary Network Layers – Private and Public ............ 2 The term cyber security describes a wide range of Cyber Security Threat Considerations ............. 4 issues and solutions related to protecting Botnets – A Landscape of Threats ............... 4 communications service providers (CSPs), residential subscribers and business customers from malicious Zombies ........................................... 4 Internet activity and harmful content. Examples of Phishing Scams ................................... 4 cyber security threats include: Malware ........................................... 5 Illegal and harmful web content DDoS Attacks ..................................... 5 Phishing scams Outbound Spam .................................. 6 Malware infections and scanning activity The Negative Impact of Botnets .............. 6 Distributed Denial of Service (DDoS) attacks Outbound spam Harmful Web Content .............................. 7 Botnets Cyber Security Threat Mitigation Techniques .... 8 While CSPs are stuck with the cost of transporting ‘bad Secure Pipes with Network Policy Control ...... 12 packets’ and fielding support calls from frustrated Why Network Policy Control? ................... 12 subscribers with infected devices, the business market
    [Show full text]
  • Zonealarm Z100G Manual
    Check Point ZoneAlarm Secure Wireless Router Z100G User Guide Version 7.5 August 2007 COPYRIGHT & TRADEMARKS PREAMBLE Copyright © 2007 SofaWare, All Rights Reserved. No part of this The licenses for most software are designed to take away your document may be reproduced in any form or by any means without freedom to share and change it. By contrast, the GNU General Public written permission from SofaWare. License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This Information in this document is subject to change without notice and General Public License applies to most of the Free Software does not represent a commitment on part of SofaWare Technologies Foundation's software and to any other program whose authors Ltd. commit to using it. (Some other Free Software Foundation software is SofaWare, Safe@Home and Safe@Office are trademarks, service covered by the GNU Library General Public License instead.) You marks, or registered trademarks of SofaWare Technologies Ltd. can apply it to your programs, too. Check Point, AlertAdvisor, Application Intelligence, Check Point When we speak of free software, we are referring to freedom, not Express, Check Point Express CI, the Check Point logo, Check Point price. Our General Public Licenses are designed to make sure that you Pointsec Protector, ClusterXL, Confidence Indexing, ConnectControl, have the freedom to distribute copies of free software (and charge for Connectra, Connectra Accelerator Card, Cooperative Enforcement, this service if you wish), that you receive source code or can get it if Cooperative Security Alliance, CoSa, DefenseNet, Dynamic Shielding you want it, that you can change the software or use pieces of it in new Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia free programs; and that you know you can do these things.
    [Show full text]