Steelcape Protocol
Steelcape is a protocol library that can be used to replace elements of the existing TCP/IP protocol stack or supplement the existing TCP/IP protocol stack. Steelcape accomplishes this by a blend of computing algorithms and packet manipulation.
Our patented computing algorithms can set and change the protocol ports on a firewall without needing the ability to open the ports of that firewall. Steelcape can even be used to eliminate the TCP/UDP transport layer and thus decrease CPU cycles by an estimated 25% and thus improves network performance up to 30% to 40%. By manipulating the IP packets, Steelcape allows packets to pass through firewalls unchallenged and unmodified.
Topology
The goal of a Steelcape implementation is to completely secure any data transacting between Steelcape Gateways, Agents, and Applets. The Steelcape solution is entirely scalable where an Appliance gateway can act as your Firewall and router for a SMB to hundreds of Appliance Gateways and Mobile Agents securing and accelarating data across an Enterprise implementation.
The diagram shows all of the Steelcape solutions and how they would be implemented on the WAN/LAN. The appliance Gateway is installed in passive mode and just sits as another device on the network behind the firewall. Out in the field is a laptop with the Steelcape Mobile Agent which is a software version of the Appliance Gateway that runs as a service or daemon and is sitting behind a firewall. The Enterprise server is sitting on an administrative node of the newtork along with the other servers and requires a public IP address. The Appliance Gateway and Enterprise server both have browser interfaces for remote managment.
The Steelcape Enterprise Server registers which Appliance Gateways and Mobile Software Agents are allowed to transact data. In an enterprise implementation there is a need to segregate various subnets of the LAN and WAN so Steelcape has incuded a Zone utilty as described below.
Network Zones
A Steelcape deployment enables you to segregate your networks into zones for increased control of data flow. Zones are logical perimeters encompassing one or more LAN’s each with its own Steelcape Gateway. All hosts within a given zone can transact data. Hosts in separate zones cannot communicate. However, you can configure a Steelcape Gateway to operate within “overlapping” zones, relaying data transactions between select segregated hosts.
As an added security measure, Steelcape Gateways themselves do not “recognize” or “understand” zones, and their administration is a function of the Enterprise Server. When one Gateway attempts to “talk” to another Gateway, the destination Gateway consults information provided by the Enterprise Server to determine whether or not the Gateway attempting to communicate is in the same or an overlapping zone. If so, communication proceeds. If not, the destination Gateway simply ignores the communication request.
The diagram shows that the LAN A and LAN B are within Zone 1 and are able to transact data from one another and the same goes for LAN B and LAN C in Zone 2. London exists in the “overlapping” zone, which can be configured in the Enterprise Server and is completely scalable from a SMB to an Enterprise solution.
PCI standards require that the computer processing bank card transactions be segregated from the rest of the network, which could be easily accomplished with a Steelcape implementation.
Steelcape can be deployed on multiple platforms ranging from traditional mainframes to cutting edge operating systems. Steelcape platforms include:
 |
