LuciGate Frequently Asked Questions
Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free Hardware Firewall appliance hackerproof, Ethernet IP, Network Security. Packet Types, Ports, Sockets Filters, Address Translation, Independent, Transparent, Maintenance Free

Q. Why is LuciGate so much cheaper than other Firewalls on the market?

Q. How can you claim it is hackerproof?

Q. Can I configure it over the Network?

Q. Then how do I configure it?

Q. Will it tell me if someone is trying to hack into my network?

Q. Can LuciGate protect me from a “denial of service“ attack

Q. Do I need a firewall for ADSL Broadband?

Q. Does it do Address Translation?

Q. Would every user on the network need their own smartcard?

Q. Do users have to log on to the Lucigate Firewall?

Q. What if someone removes the smartcard from the LuciGate?

Q. What if someone replaces the smartcard with another “modified” smartcard?

Q. Why would I need spare smartcard keys?

Q. How does the LuciGate Firewall protect our network?

Q. How does LuciGate know which packets to let through and which to reject?

Q. How do I program the smartcard?

Q. Does LuciGate require any maintenance?

Q. How long does it take to install the hardware?

Q. Does Lucigate require experts to configure it?

Q. Can you tell if anyone removes the LuciGate Firewall?

Q. What is an Application Gateway?

Q. Why is LuciGate so much cheaper than other Firewalls on the market? A. Because it is a piece of hardware, specially designed to be a Firewall. This is sometimes referred to as a Firewall Appliance. It is not a Unix computer or a Pentium PC running specialised software to make it into a Firewall. There is no additional hardware to buy, no operating system and no licensing costs. Lucidata has never agreed with "per user" licensing - you can have as many users as you like.
Q. How can you claim it is hacker proof? A. Because it is not a computer and does not respond to anything. It simply acts as a filter passing on allowed data. Any other data is simply annihilated as though it has entered a black hole! It does not talk to strangers and therefore cannot be misled. It has to be specifically set up to respond to a Ping from the Inner World.
Q. Can I configure it over the Network? A. No you cannot. This is by design. Responding to any sort of messages on the network is a potential vulnerability.
Q. Then how do I configure it? A. The configuration parameters are written onto a smartcard key which is then inserted into the LuciGate Firewall. The configuration parameters are read into the LuciGate as soon as the card is inserted. Think of it exactly like unlocking a gate in a very controlled way.
Q. Will it tell me if someone is trying to hack into my network? A. The software supplied with the LuciGate includes the LuciGuard program. This can be run on any PC on the internal network and will alert you to potential hacking or spoofing attempts.
Q. Can LuciGate protect me from a "denial of service" attack A. Many packet structures that are used by hackers for this type of attack, are automatically discarded.
Q. Does it do Address Translation? A. Yes - you can "hide" all your IP addresses by mapping them to other addresses which cannot be seen (pinged) from the Outside World.
Q. Would every user on the network need their own smartcard? A. Definitely not! The smartcard is simply the means by which the LuciGate Firewall is programmed with the information about which data packets are allowed through. Normally only one would be supplied with each LuciGate and it should be under the control of the Network Security Officer.
Q. Do users have to log on to the Lucigate Firewall? A. No! Users (or anyone else for that matter) will never know LuciGate is there! Only the person(s) who installed it need know about it. It will not respond to anything, with one exception, as entering into a dialogue with anyone is a potential weakness. The exception is that the LuciGate can be set up to respond to a Ping from the Inner World in order to confirm that it is in place, doing the job. The LuciGate will not act as a proxy, by design.
Q. What if someone removes the smartcard from the LuciGate? A. Then nothing will pass through the Lucigate. It becomes an "air gap".
Q. What if someone replaces the smartcard with another "modified" smartcard? A. All Smartcards are tied to a particular LuciGate or group of LuciGates within one company or department. If the smartcard came from an outside source, LuciGate will recognise it as "foreign" and will not allow data through. It would also flash its LEDs. Spare Smartcards should always be kept under lock and key. It is also advisable to keep the SmartMouse programming unit under secure conditions.
Q. Why would I need spare smartcard keys? A. You might want to have a special smartcard key for allowing maintenance access at certain times. Or to have one ready programmed for a network configuration change. Daytime/Night-time configurations might also be appropriate.
Q. How does the LuciGate Firewall protect our network? A. Basically, like most firewalls, by only allowing permitted, and very well defined packets of data through. But it can also make your network structure invisible to the Outer World by using address translation.
Q. How does LuciGate know which packets to let through and which to reject? A. The smartcard key is programmed with this information which ranges from low level hardware addresses up to specific application level services.
Q. How do I program the smartcard? A. With a "SmartMouse" programming unit which can be plugged into the COM port of any IBM compatible PC. It is supplied with the KeyCutter which runs under Windows 95 or NT. Click Here for a demo version of this program.
Q. Does LuciGate require any maintenance? A. Once it is set up, you can just leave it to do its job.
Q. How long does it take to install the hardware? A. As long as it takes to plug in three cables and turn on the power!
Q. Does Lucigate require experts to configure it? A. Obviously, the person responsible for cutting the smartcard key will need to know what the security policy is, know the structure of the network and have a clear idea of which parts he wants to protect and from what. It should not be a problem for any competent Network Manager. If you do need help you can contact Lucidata or your dealer for assistance.
Q. Can you tell if anyone removes the LuciGate Firewall? A. The unit is supplied with the LuciGuard monitoring program, which will raise an alarm if the LuciGate is removed , bypassed or tampered with. This program can run, optionally, in the background on any PC on the Inner World.
Q. What is an Application Gateway? A. A popular term meaning a Gate that only lets through traffic to or from a specific application. When the LuciGate key is programmed with an application service port number, such as 23 for Telnet, it then becomes a Telnet Gateway.
Q. Do I need a firewall for ADSL Broadband? A. Now that broadband connections appear to be steadily rolling out, the need to consider the security of your network has never been so critical. While many quality ADSL routers provide features that give a good measure of protection, they themselves are in the front line and are totally exposed to the Internet. They are usually managed by an ISP which means they are potentially vulnerable to attacks from anywhere. Placing a LuciGate firewall between the broadband router and your network gives you complete control over the traffic entering your network, even if the router is compromised.
My question is not here! email Lucidata and we will answer it within 24 hours

connectivity, protocol converters, legacy solutions, networks, security, firewalls

Home Page | Send email | LuciGate Firewall | Diplomat jr protocol converters | D90 Range | IDS Data switch | Contact Details

These pages were last updated January 2008