KSE(Korea Stock Exchange) is the security market which transacts the spot goods and

  derivatives, such as stock, bonds, stock index futures and options, etc. KSE is one of the

  biggest stock exchange markets in the world.

  The data used at KSE is highly classified with national security implications. Thus, it has to be

  strongly protected and secured against any possible espionage and network hacking from the

  internet. Until recently, KSE had maintained two separate networks, one network cable for

  internal network and the other network cable for external network, to assure the network

  security. And KSE used two LAN cards to use the two separate networks.

  In this case, the external users - just few restricted number of employees -had two IP

  addresses for each LAN card. They used two different IP addresses for each LAN card and two

  physically separate networks, so that they thought it would be fare enough to protect and

  secure their internal network.

  But there is one thing they failed to notice. Even though the internal and external networks were

  separated physically and IP address of each LAN card is different, you would say that their

  internal and external network are physically connected through LAN cards all the time.

  The meaning of physical network connection between the internal and external network is that

  there is possibility of hackers penetrating into their internal network. To prove the vulnerability

  of this network configuration, FNET conducted a hacking simulation before the security

  administrator of KSE.  With kinds of Trojan-horse, the internal network of KSE was penetrated

  without any difficulty.

  KSE must provide its employees the complete and effcient access to information on the internet

  without any compromising data and information security.  The decision of KSE was to install

  NetSwitch II-M and to install IPChanger, a bundle program of NetSwitch II-M, on each desktop

  where access to both internal and external network separation with one LAN card, on a single

  network cable.

  First of all, they installed NetSwitch II-M between the internal and external HUB.

  NetSwitch II-M switches the physically separated networks whenever each user demands the

  network conversion. In order to switch the network into another, each user clicks the icon of

  IPChanger, a bundle program of NetSwitch II-M installed on each user's desktop.

  Then IPChanger generates a special packet and transmits the packet into NetSwitch II-M.

  NetSwitch II-M analyzes the packet and switches the network into another. And IPChanger

  reconfigures IP address - if the network is physically separated, it is quite natural that you

  should use two IP addresses for each network - of your computer, in order to access the other

  network. In order to reconfigure IP address on one LAN card, basically it requires a system

  reboot. But IPChanger ensure the reconfiguration of IP address without any system reboot,

  within 1.5 seconds.

  On top of it, IPChanger offers a specific function that you can hide the folder of desktop

  when you are connected with the external network. Specially, KSE employees manage very

  important data and information. So they should protect and secure each user's computer,

  apart from the internal network security. If there is any folder needed to be protected, you

  can define the folder invisible to the external network, through IPChanger.

  Through the physical network separation of NetSwitch II-M and the additional functions of

  IPChanger, KSE can provide its all employees the complete and efficient access to the

  information on the internet without any compromising their internal network security.

  There is not any physical connection between the internal and external networks. It means

  that there is not any hole of hackers penetrating into the internal network.

Copyright by FNET(C) since 1998, All rights reserved