SearchContactImprint
secunet - Your No. 1 for IT Security
PUBLIC SECTOR • Government • eGovernment • secunet safe surfer • 
 

High security

 

Government

 

Biometrics/eID

 

Health Services

 

Secure Web Solutions

 

eGovernment

secunet safe surfer

 

Security Validation

 

Evaluation laboratory for IT conformity

 

Contact

 

Training

 

News

 

Events

secunet safe surfer – the safe way to the Internet

Obtaining information from the Internet is absolutely essential to business life today. The risks of dangerous programs that could attack the workstation when surfing are frequently accepted. Alternatively, the company blocks employees from accessing the Internet and only permits access on special PCs that are separate from the internal network.

secunet safe surfer enables your employees to surf safely and comfortably from their workstations. As a result of an intelligent separation of the web browser from the client, viruses can no longer penetrate your internal network. The browser only runs on a dedicated and particularly secure surf server. The users simply view a graphical representation of the sites they visit.

If the surf server suffers a virus attack, the infection can only survive a few hours. At that point, the automatic re-installation program starts and overwrites the attack by re-installing the server system, eliminating the virus.
 

Secure surfing becomes convenient


The solution was developed on the basis of the ReCoBS concept which was developed by the Federal Office for Information Security (BSI).It consists of various Open Source components which, when combined properly, enable secure and convenient surfing in the World Wide Web.

In order to achieve high performance, the surf server should be redundant. However, users may still experience slight delays for multimedia applications. When surfing normal websites, users hardly notice a difference to their insecure Internet access.

Files that are downloaded from the Internet are sent automatically to users by email so that any viruses they contain can be detected by the mail server’s usual virus scanners. This also occurs with documents that are to be printed. This way users can work very efficiently but with substantially improved security.
 

Other security features


The exclusive separation of the web browser and internal network is not enough to completely protect against attacks from the Internet. Consequently, secunet has developed a system of additional security features, such as:
  • Daily automatic integrity check
    The surf server restarts itself every 24 hours from a secure boot medium and checks the integrity of the installed system against the reference database. The administrators are informed automatically about attacks on the system. Then the whole system is re-installed automatically, deleting all existing backdoors and viruses.
  • Avoiding and anonymising user data
    No internal user data are stored on the surf server. The profiles are created anonymously so that they cannot be allocated to their owners.
  • Separate logging
    The log data on events on the surf server are logged on a separated admin server by means of the syslog. This makes it impossible for attackers to cover their traces.
  • Change root environment
    The web browser on the central surf server only has a very restricted view of the server operating system. For example, it cannot view the operating system’s configuration files, which makes them also invisible to potential attackers.

Downloads

Factsheet
secunet safe surfer
© 2007 secunet Security Networks AG
  printprint