Posts Tagged ‘TLS’

REDCOM Picks Mocana to Secure Carrier Class 4/5 IP Softswitch Solutions

Tuesday, December 8th, 2009

pic5-27Victor, N.Y. and San Francisco (November 24, 2009)‚ REDCOM Laboratories Inc., a company that designs and manufactures digital and IP-enabled telecommunications systems, today announced a technology partnership with Mocana to secure REDCOM’S TRANSip® IP technology suite. REDCOM announced an agreement to integrate Mocana’s NanoSSL™ Advanced™ device integrity software to implement secure SIP over TLS and to encrypt remote administration of REDCOM HDX and SLICE® 2100™ softswitches. Mocana’s security technology embedded within these REDCOM platforms protects users from eavesdropping, data theft and VoIP man-in-the-middle attacks by encrypting content and authenticating endpoints at carrier-class traffic volumes and speeds.

TRANSip is a Mocana-secured, fully integrated VoIP and TDM solution available for the REDCOM HDX and SLICE 2100 Carrier Class 4/5 softswitch platforms that incorporates the benefits of TDM and IP technologies. TRANSip provides a SIP Call Controller, Media Gateway, Media Gateway Controller, and a full range of related IP telephony capabilities and features. TRANSip also supports traditional TDM transport and signaling interfaces and features.

NanoSSL is Mocana’s super fast, super small SSL/TLS solution specifically designed to speed product development while providing best-in-class device security services for resource-constrained environments. NanoSSL is open-standards based, extensible, extremely small footprint, platform-agnostic and includes an optional government-certified FIPS 140-2 level one-validated crypto core. NanoSSL includes a full-featured key generator and certificate management client, and even supports Government Suite B crypto algorithms and the new RFC standard for TLS 1.2. Free source code evaluations of NanoSSL are available to developers at www.mocana.com/evaluate.html.

“Our customers demand robust security from our IP-based switch platforms,” said Klaus Gueldenpfennig, President of REDCOM. “They also expect very high throughput and high availability. Mocana’s government-certified cryptography software stood out head and shoulders above the rest. Their stellar engineering support and embedded security expertise made Mocana an easy choice when we went looking for a security partner.”

“REDCOM’s TRANSip incorporates a full VoIP and TDM feature set in a single Next Generation Network platform, coupling REDCOM’s world-renowned reliability with best-in-class Mocana device security,” said Adrian Turner, Mocana’s President and CEO. “TRANSip offers their customers all the ROI benefits of secure VoIP while still leveraging customers’ substantial investments in existing network elements.”

For more information about REDCOM’s HDX and SLICE 2100 with TRANSip, please email sales@redcom.com or call 1.585.924.7550. For more information about Mocana’s NanoSSL software, visit www.mocana.com/nanossl.html or call 415.617.0055.

About REDCOM
For more than 30 years, REDCOM has specialized in the design and manufacture of innovative telecommunications products noted for their quality and reliability. REDCOM products provide customers with state-of-the-art public and private network systems, ISDN systems, integrated TDM and VoIP systems, transportable systems, programmable systems, and test equipment.

Located in Victor, New York, REDCOM markets to a global customer base including commercial telecom service providers, private networks, integrators, emergency responders, and government and defense agencies, customizing products to meet each market’s specific needs. All REDCOM products are proudly designed, manufactured and assembled in the United States.

About Mocana
Mocana secures the “Internet of Things” – the 20 billion datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. These devices already outnumber PCs on the Internet by five to one, representing a $900 billion market that’s growing twice as fast as the PC market. Every day, millions of people use products sold by over 100 companies that leverage Mocana’s Device Integrity software, including Dell, Cisco, Honeywell, General Electric, General Dynamics, Avaya, Nortel Networks, Harris and Radvision, among others. Mocana won Frost & Sullivan’s Technology Innovation of the Year award for 2008 for Device Security, and was named to the Red Herring Global 100 as one of the “top 100 privately-held technology companies in the world” in January 2009.

Tags: , , , , ,
Posted in Uncategorized | 1 Comment »

Tech Heavyweights in Secret Crash Program to Fix Serious SSL Flaw

Sunday, November 8th, 2009

pic2-24A recently discovered bug in the Secure Sockets Layer (SSL) protocol could affect web servers, browsers and smart cards, as well as embedded devices with SSL-enabled firmware.

In a recent Dark Reading security article, Marsh Ray, who discovered the vulnerability, says it could “…allow a man-in-the-middle to do bad things to your SSL/TLS connection. The [attacker] in the middle is able to inject his own chosen text into what your application believes is an encrypted, secure communications channel…”

The bug is a result of a gap in the regeneration phase of the authentication process, at which time applications often call for a refreshing of the encryption. The Internet Engineering Task Force (IETF) is already preparing an extension to the SSL/TLS protocol that will address the flaw. According to Ray, the fix “defines an extension header that lets a client and server indicate what they believe was going on over the communications channel before the renegotiation. It restores the continuity of authentication.”

Once the extension is made available, it will then fall on developers whose products use SSL to release security patches to their users.

Tags: , ,
Posted in Uncategorized | 1 Comment »

MOCANA CASE STUDY:
Securing CPU Tech’s Acalis Sentry

Tuesday, November 3rd, 2009

pic2-23Nowhere is device security more crucial than in Defense applications. The mission-critical requirements of defense settings demand a fully integrated security architecture, built from the ground up.

Mocana customer CPU Tech, a leader in secure processing solutions for defense, has recently announced Acalis Sentry. This software/hardware combination encrypts embedded software and manages internal security settings for their Acalis CPU872, the first commercially available trusted embedded processor that addresses the anti-tampering requirements of military and commercial systems, as defined by U.S. Department of Defense (DoD) Instruction 5200.39.

CPU Tech needed a system to authenticate connections between the client and Acalis Sentry Server, as well as issue and authenticate self-signed X.509 certificates. And because their product applications include secured embedded systems, it needed to be optimized for resource-constrained environments.

nanosslbox2They chose Mocana’s NanoSSL.

Mocana’s super fast, super small SSL/TLS solution was specifically designed to speed projects like CPU Tech’s while providing best-in-class security services for performance-critical environments. NanoSSL is open-standards based, extensible, configurable, easy to integrate, extremely small footprint and platform-agnostic. And the crypto core at the heart of NanoSSL is government-certified FIPS 140-2 level-1-validated — crucial to CPU Tech’s solution.

CPU Tech found that NanoSSL was actually going to be less expensive for them than OpenSSL, when engineering, testing and support costs were factored in — besides which, initial evaluations showed that OpenSSL would not be able to meet CPU Tech’s stringent performance requirements and long-term maintenance of FIPS certification. Another reason for CPU Tech’s selection was Mocana’s guarantee that NanoSSL contained no GPL code, so CPU Tech could be confident that their intellectual property wouldn’t accidentally become public domain because of “GPL contamination.” This “Trusted Source” software is a key value offering for Defense customers.

For more information about CPU Tech and its products, visit them at www.cputech.com, or click here.

Tags: , , , , , , , ,
Posted in Uncategorized | 1 Comment »

MOCANA CASE STUDY:
Securing Radvisions Multiconferencing Unit

Monday, October 26th, 2009

pic5-22As videoconferencing becomes more widespread, even the most sensitive meetings are migrating online. Mocana customer Radvision knew it needed to do something to protect their government and commercial customers’ most sensitive videoconferences from hackers, interception and eavesdropping.

Radvision (NASDAQ: RVSN) is the industry’s leading provider of products and technologies for unified visual communications over IP and 3G networks. They offer one of the broadest sets of standards-based video networking technologies on the market today. Radvision is driving the unified communications revolution by combining the power of video, voice, data and wireless – in videoconferencing systems, mobile video solutions and highly scalable video-enabled desktop platforms for IP and next-generation cell networks.

Open-source security tools were considered, but the option was discarded because they were unsupported, unreliable and proved difficult to port to Radvision’s advanced, special-purpose platforms. Neither could they meet Radvision’s stringent performance requirements. Radvision also needed FIPS 140-2 level one validation for their core security libraries in order to address the needs of their most sensitive government and government-contractor customers – something open source couldn’t offer.

Radvision turned to Mocana, tightly integrating Mocana’s NanoSSL™ solution into the Radvision Multiconferencing Unit http://www.radvision.com/Products/Video-Products/MCUs/default.htm and the Radvision Gateway http://www.radvision.com/Products/Video-Products/Gateways/default.htm.

Mocana’s super fast, super small SSL/TLS solution was specifically designed to speed product development projects like Radvision’s while providing best-in-class device security services for performance-critical environments. Radvision loved NanoSSL’s open-standards based, extensible, extremely small footprint, platform-agnostic and government-certified FIPS 140-2 level-1- validated crypto core. Best of all, Radvision found NanoSSL to be surprisingly affordable: their total cost of ownership ended up being substantially less than what they had anticipated for open source, when engineering and support costs were included. And Mocana’s NanoSSL helped them get new, more secure versions of their products to market much faster than expected.

For more information about RADVISION and its products, visit them at www.radvision.com

Tags: , , , , , , , , ,
Posted in Uncategorized | No Comments »

BridgeCo Selects Mocana to Secure “App” Delivery & Protect Software Updates for New Net-Connected Home Entertainment Platform

Sunday, October 18th, 2009

pic1-21SAN FRANCISCO – October 19, 2009 – BridgeCo and Mocana today announced a technology partnership to protect the next generation of digital music players and networked home entertainment systems. BridgeCo has selected Mocana to secure “app” delivery and software updates for their popular “JukeBlox” platform, on which many well-known consumer brands of digital music player are based. Mocana’s NanoSSL™ software, embedded within the BridgeCo “JukeBlox” platform protects JukeBlox-based consumer electronics and music players from viruses, malware and trojans by authenticating the sources of software updates and guaranteeing the integrity of the new code delivered.

BridgeCo’s extensive experience in audio streaming and networked home entertainment systems makes the JukeBlox platform a proven, mature, and flexible foundation that many well-known consumer electronics brands build upon, including Pioneer, Denon, Harman Kardon, Nokia, Philips, and Grundig, among others. JukeBlox tightly integrates with many content, advertising and interoperability partners including as Pandora, Rhapsody, Napster, Flickr, Picasa, Sirius, Clear Channel, Google, Microsoft and Apple.

The JukeBlox Platform is the industry’s most comprehensive Digital Media Player (DMP) software/middleware development platform, application code and SDK. The JukeBlox Platform for Wi-Fi Audio DMP and Internet Radio products enables the delivery of digital content available from USB 2.0 storage, broadband Internet connection or the PC to consumer entertainment equipment. The platform also provides support for an Alarm clock and AM/FM Tuner (with or without RDS). The platform supports network connectivity through Wi-Fi or wired Ethernet and is designed to comply with industry standards (UPnP, DLNA, Certified for Windows, Play4Sure, etc). The platform is optimized for digital rights management using a secure co-processor and Mocana NanoSSL technology for encrypted and authenticated delivery of new software “apps” and updates, letting consumers customize their home entertainment systems with new features and functions as well as leverage the latest performance improvements, audio standards and bug fixes.

nanosslbox2NanoSSL is Mocana’s super fast, super small SSL/TLS solution specifically designed to speed product development while providing best-in-class device security services for resource-constrained environments. NanoSSL is open-standards based, extensible, extremely small footprint, platform-agnostic and includes an optional government-certified FIPS 140-2 level-1- validated crypto core. NanoSSL includes a full-featured key generator and certificate management client, and even supports Government Suite B crypto algorithms and the new RFC standard for TLS 1.2. Free source code evaluations of NanoSSL are available to developers here.

“Trusted audio brands use the BridgeCo platform because we understand qudio electronics and home networking technologies, and the cool new things we can do when the two come together in unexpected ways.” said Gene Sheridan, CEO of BridgeCo. “But no piece of stereo equipment is ‘finished’ when it leaves the store anymore.  Consumers expect to be able to update it, upgrade it, and enjoy new apps that are coming available every day over the web. Mocana’s software makes sure that we can deliver those features to our customers – and their customers – with confidence.”

In addition to BridgeCo, over 100 major consumer electronics and computer device companies including Motorola, Cisco, Intel, General Electric, Honeywell and Siemens rely on Mocana software to guarantee device integrity for their products in the consumer, medical, industrial, IT and military markets.  NanoSSL is part of the new 5.1 release of Mocana’s Device Security Framework, the industry’s most comprehensive suite of embedded security solutions for non-PC devices.


About BridgeCo
BridgeCo Inc. is a leading provider of network media processors and related software, middleware and SDK solutions for enabling network and internet connectivity in home CE products. BridgeCo is an ISO 9001 and ISO 14001 certified company with operations in Huntington Beach, California, Zurich, Switzerland and Bangalore, India.  Its key investors include Advent Venture Partners, Balderton Capital (formerly Benchmark Capital Europe), Cipio Partners, Earlybird Venture Capital, ETV Capital, Fidelity Ventures, Intel Capital and Wellington Partners.

About Mocana
Mocana secures the “Internet of Things” – the 20 billion datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. These devices already outnumber workstations and servers on the Internet by at least five to one, representing a $900 billion market that’s growing twice as fast as the PC market. Every day, millions of people use products sold by over 100 companies that leverage Mocana’s Device Integrity software, including Dell, Cisco, Honeywell, General Electric, General Dynamics, Avaya, Nortel Networks, Harris and Radvision, among others. Mocana won Frost & Sullivan’s Technology Innovation of the Year award for 2008 for Device Security, and was named to the Red Herring Global 100 as one of the “top 100 privately-held technology companies in the world” in January

Tags: , , , , ,
Posted in Uncategorized | Comments Off