Steelcape Protocol
Steelcape is a protocol library that can be used to replace elements of the existing TCP/IP protocol stack or supplement the existing TCP/IP protocol stack. Steelcape accomplishes this by a blend of computing algorithms and packet manipulation.
Our patented computing algorithms can set and change the protocol ports on a firewall without needing the ability to open the ports of that firewall. Steelcape can even be used to eliminate the TCP/UDP transport layer and thus decrease CPU cycles by an estimated 25% and thus improves network performance up to 30% to 40%. By manipulating the IP packets, Steelcape allows packets to pass through firewalls unchallenged and unmodified.
Topology
The goal of a Steelcape implementation is to completely secure any data transacting between Steelcape Protocol Translators, Host Drivers, and Web Clients. The Steelcape solution is entirely scalable from an small enterprise deployment to thousands of Host Drivers securing and accelarating data across a large Enterprise.
The diagram shows all of the Steelcape solutions and how they would be implemented on the WAN/LAN. The Steelcape Protocol Translator Software is installed on a server in passive mode and just sits as another node on the network behind the firewall. Out in the field is a laptop with the Steelcape Host Driver that runs as a service or daemon and is sitting behind a firewall. The Enterprise server is sitting on an administrative node of the newtork along with the other servers and requires a public IP address. The Protocol Translator Software and Enterprise server both have GUI managment tools.
The Steelcape Enterprise Server registers which Steelcape enabled devices that are allowed to transact data. In an enterprise implementation there is a need to segregate various subnets of the LAN and WAN so Steelcape has incuded a Zone utilty as described below.
Network Zones
A Steelcape deployment enables you to segregate your networks into zones for increased control of data flow. Zones are logical perimeters encompassing one or more LAN’s each with its own Steelcape enabled device(s). All hosts within a given zone can transact data. Hosts in separate zones cannot communicate. However, you can configure a Steelcape enabled Devices to operate within “overlapping” zones, relaying data transactions between select segregated hosts.
As an added security measure, Steelcape enabled devices themselves do not “recognize” or “understand” zones, and their administration is a function of the Enterprise Server. When one Steelcape enabled device attempts to “talk” to another Steelcape enabled device, the destination device consults information provided by the Enterprise Server to determine whether or not the device attempting to communicate is in the same or an overlapping zone. If so, communication proceeds. If not, the destination device simply ignores the communication request.
The diagram shows that the LAN A and LAN B are within Zone 1 and are able to transact data from one another and the same goes for LAN B and LAN C in Zone 2. London exists in the “overlapping” zone, which can be configured in the Enterprise Server and is completely scalable from a SMB to an Enterprise solution.
PCI standards require that the computer processing bank card transactions be segregated from the rest of the network, which could be easily accomplished with a Steelcape implementation.
Steelcape can be deployed on multiple platforms ranging from traditional mainframes to cutting edge operating systems. Steelcape platforms include:
 |
