chris - Fotolia
A presentation at Def Con this year on an inexpensive, pocket-sized "travel router" piqued my interest; it can reportedly conceal Internet traffic on the go. How does it work? And how does it differ from routers that use Tor? Will this ever be viable in an enterprise scenario with on-the-go workers?
Being a lover of freedom, I'm always interested in tools that keep a person's every move out of sight of government spies. This tool, dubbed "PORTAL" (which stands for Personal Onion Router To Assure Liberty), is an always-on Tor device. It uses existing Internet connections, but takes the user out of the equation by applying "onion router" protection to all traffic to and from the user's computer without the user having to remember to load a Tor browser and enable protective measures.
As far as anonymity is concerned, PORTAL can be more private than a VPN and is most certainly better than relying on SSL/TLS to protect your organization's network communications. Both of these technologies provide a false sense of privacy and security in that metadata -- such as the protocols and whom you're communicating with -- are in plain sight, not to mention any associated logs that record communications that are forever stamped in history.
So is PORTAL viable for the enterprise? Probably not -- at least for most situations. In today's world, we have enough trouble getting proven technologies such as antimalware and security information and event management working at the enterprise level, so I can't imagine something such as PORTAL is going to scale at this point, especially since it's not even available as its own standalone hardware device; right now, PORTAL is just software that you build into your own system.
However, I have faith in the security entrepreneurs out there -- someone will come up with a solution for the lay-person problem shortly. Perhaps then -- in a few years -- PORTAL will be enterprise-worthy.
Ask the Expert!
SearchSecurity expert Kevin Beaver is ready to answer your application security questions -- submit them now! (All questions are anonymous.)
Get more router security tips
Learn 10 quick router security hints
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading