STTarx®

STTarx has been designed from the ground up to remedy a widely observed flaw in Internet Protocol communications in order to provide secure network communications. The STTarx solution allows organizations to deploy a resilient network architecture that is lightweight, inconspicuous and dependable.

The patented STTarx approach has a ten-year development history. The product has been examined by leading research and security organizations.

Devices protected by STTarx are quiet. The solution has a light, indistinguishable footprint. Unauthorized inbound and outbound communication attempts are silently discarded, without exhibiting any detectable signature or response.

With STTarx, computers and associated network segments are indiscernible. Directed attacks are ignored, thereby mitigating denial attacks. Communications require a four–factor, 512–bit authorization between participating devices in a true peer–to–peer model, which is easily managed through an intuitive, centralized interface that does not present a single point of failure.

Static encryption does not exist — the patented methodology constantly alters encryption algorithms, key lengths and keys in seconds while encrypting the data that is being transmitted. An additional, secondary, encryption is applied, per–packet, in order to further protect data–in–transit.

Frequently Asked Questions

What Operating Systems does STTarx run on?

STTarx currently runs on the following Operating Systems:

  • Windows XP Professional Service Pack 3 (NT 5.1) *
  • Windows XP Professional x64 Edition Service Pack 2 (NT 5.2) *
  • Windows Server 2003 R2 Service Pack 2 (NT 5.2) *
  • Windows Vista (NT 6.0)
  • Windows 7 (NT 6.1)
  • Windows 8 (NT 6.2)
  • Windows 8.1 (NT 6.3)
  • Windows Server 2008 (NT 6.0)
  • Windows Server 2008 R2 (NT 6.1)
  • Windows Server 2012 (NT 6.2)
  • Windows Server 2012 R2 (NT 6.3)
  • Windows 10 (NT 10)

Additionally, STTarx has been installed on Windows Embedded Operating Systems, 7 and up, in limited quantities with positive results.

* Versions of Microsoft Windows that are considered End of Support are not supported without contract. Please refer to the Windows lifecycle fact sheet for more information on Windows End of Support.

Is there a way to secure computers or devices that do not run Windows?

There are a number of small form factor devices capable of running a Windows Embedded Operating System. These "black boxes" can be used to place a STTarx node between devices with either limited computing capabilities or incompatible Operating Systems and the rest of the network. Additionally these "black boxes" can even allow things such as surveillance cameras, sensors, switches or entire network segments to gain STTarx secured capabilities.

Does STTarx replace my current security software or is STTarx installed in addition to my present protection?

STTarx intercepts inbound traffic before any firewall or other application sees it and is the absolute last thing to handle outbound data. Therefore, STTarx will enhance your present protection. We're confident that after you've been using STTarx for some time you will have the confidence necessary to reduce the additional resources and expenditure that your present protection requires.

How are devices identified?

A minimum of six (6) attributes are used to generate a Fingerprint ID for a device: one (1) attribute from the Operating System, two (2) attributes from each Processor and three (3) attributes from each Hard Drive. All of the attributes are merged in order to generate a unique 128–bit device Fingerprint ID. Once a device has registered with the STTarx Server, the server creates another 128–bit identity called the Node ID. The Fingerprint ID and Node ID are then merged in order to generate a third 128–bit identity. A fourth 128–bit identity, called the Subscription ID, is generated to identify the connection between two nodes. All four 128–bit identities, 512 bits in all, must match in order to validate communications between two nodes.
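The four-identity check described above can be modelled as follows. This is an added example, not STTarx code: the page does not say how attributes are merged, so truncated SHA-256 is an assumption, and the attribute names and ID values are constructed.

```python
import hashlib
import hmac

def merge128(*parts: bytes) -> bytes:
    """Assumed merge step: SHA-256 over length-prefixed parts, truncated to 128 bits."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)  # prefix avoids ambiguous joins
    return h.digest()[:16]

def fingerprint_id(os_attr, processors, drives):
    """1 OS attribute, 2 per processor, 3 per hard drive: at least 6 in total."""
    if not processors or not drives:
        raise ValueError("need at least one processor and one hard drive")
    if any(len(p) != 2 for p in processors) or any(len(d) != 3 for d in drives):
        raise ValueError("expected 2 attributes per processor and 3 per drive")
    attrs = [os_attr, *(a for p in processors for a in p), *(a for d in drives for a in d)]
    return merge128(*(a.encode() for a in attrs))

def identity(fingerprint, node_id, subscription_id):
    """Concatenate the four 128-bit identities into one 512-bit value."""
    if not all(len(x) == 16 for x in (fingerprint, node_id, subscription_id)):
        raise ValueError("each identity must be 128 bits")
    return fingerprint + node_id + merge128(fingerprint, node_id) + subscription_id

def validate(expected: bytes, presented: bytes) -> bool:
    # Constant-time comparison; any one differing bit in the 512 rejects the peer.
    return len(presented) == 64 and hmac.compare_digest(expected, presented)

# Constructed sample values (hypothetical attribute names, not real device data).
NODE_ID = bytes.fromhex("00112233445566778899aabbccddeeff")
SUBSCRIPTION_ID = bytes.fromhex("ffeeddccbbaa99887766554433221100")
CPU = [("cpu-id-A", "cpu-model-A")]
DISK = [("disk-serial-A", "disk-model-A", "disk-firmware-A")]

def demo():
    enrolled = identity(fingerprint_id("os-install-A", CPU, DISK), NODE_ID, SUBSCRIPTION_ID)
    same = identity(fingerprint_id("os-install-A", CPU, DISK), NODE_ID, SUBSCRIPTION_ID)
    swapped = [("disk-serial-B", "disk-model-A", "disk-firmware-A")]  # drive replaced
    changed = identity(fingerprint_id("os-install-A", CPU, swapped), NODE_ID, SUBSCRIPTION_ID)
    return validate(enrolled, same), validate(enrolled, changed)
```

In this model a replaced drive changes both the Fingerprint ID and the merged third identity, so the stored 512-bit value no longer matches even though the Node ID and Subscription ID are unchanged.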

How does the STTarx encryption engine work?

The methodology used by STTarx to rotate through encryption algorithms can be described as a simple iteration over two multidimensional arrays: one for asymmetric algorithms and one for symmetric algorithms. Both arrays contain information about each algorithm's capabilities (the algorithm definition): the minimum key size, the maximum key size and the skip size (which is used to determine if an algorithm supports multiple key sizes and, if so, which key sizes are valid). The index of the current algorithm is tracked for both the asymmetric and the symmetric array, thereby allowing STTarx to recursively cycle through each array independently. Additionally, each algorithm definition tracks the next available key size, which depends on the capabilities (minimum key size, maximum key size and skip size) of the algorithm. When an algorithm definition reaches its maximum key size, it simply cycles back to the minimum key size defined, and the process of cycling through the valid key sizes continues until the maximum key size is reached again.
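A small model of the rotation described above, added here as an illustration and not taken from STTarx: the algorithm labels and key-size tables are constructed, and only the choice of algorithm and key size is modelled, not key generation. It also computes the number of steps after which each array's sequence repeats.

```python
from dataclasses import dataclass
from math import lcm

@dataclass
class AlgorithmDefinition:
    name: str      # hypothetical label; the page names no algorithms
    min_key: int   # minimum key size in bits
    max_key: int   # maximum key size in bits
    skip: int      # step between valid key sizes; 0 means one fixed size

    def __post_init__(self):
        span = self.max_key - self.min_key
        if span < 0 or self.skip < 0 or (span and (self.skip == 0 or span % self.skip)):
            raise ValueError(f"inconsistent key sizes for {self.name}")
        self.next_size = self.min_key  # next available key size, tracked per definition

    def size_count(self):
        return 1 if self.skip == 0 else (self.max_key - self.min_key) // self.skip + 1

    def take_key_size(self):
        size = self.next_size
        # After the maximum is used, cycle back to the minimum.
        self.next_size = self.min_key if size >= self.max_key else size + self.skip
        return size

class Rotor:  # one algorithm array plus the tracked index into it
    def __init__(self, definitions):
        if not definitions:
            raise ValueError("empty algorithm array")
        self.definitions, self.index = list(definitions), 0

    def step(self):
        d = self.definitions[self.index]
        self.index = (self.index + 1) % len(self.definitions)
        return d.name, d.take_key_size()

    def period(self):  # steps until the (algorithm, key size) sequence repeats
        return len(self.definitions) * lcm(*(d.size_count() for d in self.definitions))

def build_rotors():  # constructed sample tables, not STTarx's real lists
    asym = Rotor([AlgorithmDefinition("asym-A", 1024, 4096, 1024),
                  AlgorithmDefinition("asym-B", 2048, 3072, 1024)])
    sym = Rotor([AlgorithmDefinition("sym-A", 128, 256, 64),
                 AlgorithmDefinition("sym-B", 168, 168, 0)])
    return asym, sym

def schedule(n):
    asym, sym = build_rotors()
    return [(asym.step(), sym.step()) for _ in range(n)]
```

`schedule(n)` returns the first `n` (asymmetric, symmetric) selections; with these sample tables the asymmetric sequence repeats every 8 steps and the symmetric one every 6.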

How are network packets processed?

The diagram below provides a high-level illustration of how network packets are processed.

What is the network overhead cost of node–to–node authentication and key–exchange?

STTarx node–to–node authentication and key–exchange is accomplished in seven (7) packets. Each time a key–exchange event occurs the roles in the diagram below reverse.

News

STTarx demonstrated uninterrupted network communications and the ease of changing traditionally difficult network security policies on the fly, from security zones to dynamic Virtual Private Network (VPN) encryption ciphers rotating as fast as once per second, all while under cyber-attack. STT remains proud to have empowered the first responders participating in the event and Verizon's Head of Network & Security Innovation Programs, Jeff Schweitzer, in the next generation Software Defined Perimeter.

Read the entire press release here: STT Next Gen Dynamic Encryption Demonstrated at 2017 Verizon OCR

STT LLC is proud to announce that the STTarx software product has received the DT&E designation of the Department of Homeland Security (DHS). STTarx is now certified as a QATT (Qualified Anti–Terrorism Technology).

Customers of the certified technology now have protection under the SAFETY Act from lawsuits or claims alleging failure of the technologies to prevent or mitigate an act of cyber terrorism. STT LLC is proud that its STTarx software is the only network protection product that has been certified under the SAFETY Act to date.

The SAFETY Act — officially called "Support Anti–Terrorism By Fostering Effective Technologies Act of 2002" — is a DHS liability management program aimed at encouraging the development and deployment of security products and services that will enhance the protection of the United States. DHS has designated over 700 products, technologies and services since the SAFETY Act was enacted in 2002. The liability protections provided by the SAFETY Act encourage more effective security deployments by automatically limiting the types of liability claims companies using certain products may face following a terrorist event.

In December 2014 an unnamed ISP experienced a DDoS attack that peaked at a router-straining 400 gigabytes per second, easily the largest denial of service event in Internet history... (Full Article)

STTarx withstood a DDoS attack 5 times larger, 2 terabytes per second to be exact, in an open and live environment during extensive testing and evaluation performed by Troy University and the Alabama Computer Forensics Institute (ACFI) in 2014.

Summary

Troy University and the Alabama Computer Forensics Institute (ACFI) completed the task of carrying out a security assessment and subsequent penetration test of the STTarx product.

The purpose of these tests was to determine security vulnerabilities in the STTarx application in two applied environments. Server configurations and web applications running on the servers were specified as part of the scope. The tests assumed the identity of an attacker or a user with malicious intent. No due care was attempted to prevent damage to the clients and the servers — the threat assessment included thorough, rigorous efforts to compromise traffic, clients and servers, employing a wide variety of techniques.

Approach

  • Controlled test environment
    • Perform broad scans to identify potential areas of exposure and services on the client and the server that may serve as entry points
    • Perform targeted scans and manual investigation to validate any observed vulnerabilities
    • Test identified components to gain access to (1) traffic, (2) client, and (3) server
    • Rank vulnerabilities based on threat level, loss potential, and likelihood of exploitation
    • Identify issues of immediate consequence and recommend solutions
  • Open, live environment
    • Perform broad scans to identify potential areas of exposure and services on the client and the server that may serve as entry points
    • Perform targeted scans and manual investigation to validate any observed vulnerabilities
    • Test identified components to gain access to (1) traffic, (2) client, and (3) server
    • Rank vulnerabilities based on threat level, loss potential, and likelihood of exploitation
    • Identify issues of immediate consequence and recommend solutions

During the network security checks, for both types of tests, we tried to probe ports present-known to us and all available ports. We scanned all published services running on known ports and common operating system level services and attributes. We sought configuration issues and logical errors present with the operating system and associated services. Within the controlled test environment, both the client and server were unpatched Windows operating systems.

Scope

The scope of these tests fell into two categories. In the controlled environment, we scanned the actual devices within the development group. In the open, live environment, we scanned the entire IP subnet of the client and target server networks. The total number of IP addresses scanned for the live test was 512.

Key Findings

Troy University and ACFI did not identify any open ports or live IP addresses in either environment running the STTarx product. Troy University and ACFI did not identify any common insecure services such as VNC, Telnet, FTP, Terminal Services, MySQL, and Microsoft SQL as being externally accessible. Troy University and ACFI often find these types of services during external penetration tests. During the course of this assessment we did not receive an Internet Control Message Protocol (ICMP) Echo Reply from any hosts. Upon additional reviews of the test and live environments with Troy University personnel and STTarx managers, Troy verified that the configuration in place was for testing purposes and the intent of the configuration was live with no additional security measures in place, which could have affected discovery.

With known knowledge of the configurations in both environments, a directed assault was launched to the IP addresses of the clients and servers. The assets did not respond to any attempt to attack the devices. Furthermore, a vast array of attacks were offered. Included among the attack types were denial of service, distributed denial of services, operating system exploitations, network payload manipulation, malware and viruses.

Once Troy University and ACFI completed their testing regime, another third party was employed to verify test results and conduct another series of tests. The group reached identical conclusions — the STTarx protected devices could not be observed nor compromised. The tests were conducted by Troy University and ACFI eleven times. Host discovery yielded no results. Service enumeration yielded no results with known active IP addresses. Vulnerability scans of known IP addresses to purposefully exposed services yielded no results. Following the vulnerability scans, we performed manual tests. Those tests yielded no results.

Conclusion

According to our tests, and verified by independent review, the STTarx product functioned as described. In a controlled test environment where all variables were disclosed, the STTarx product performed without failure. In a live, production environment, the STTarx product performed as described. All tests to locate, infiltrate and erode the security of the STTarx solution were unsuccessful.

STT LLC

Board of Advisors

Chairman
James M. Simon, Jr.: Former Assistant Director for Administration of the U.S. Central Intelligence Agency; former Microsoft partner and Chief Strategist of their Worldwide Public Sector.

Member
Edward Hubbard: Former Vice President of Business Development at Uber.

 


Administration

Chairman — Founder
Curt Massey

Chief Executive Officer
Gerald A. Resnick

Technology

Chief Software Architect — Founder
Matt Armatis

Chief Technology Officer — Founder
Rand Lennox

Chief Information Security Officer
Russ Bodnyk

Marketing & Sales

Chief Business Development Officer — Founder
Phil Gambell

Vice President of Sales
Ray Tatom

Director of Governmental Affairs
Jeff Miller

Contact STT LLC

If you have a question or would like to find out more information about STTarx, please fill out the form or contact us directly at: info@sttarx.com
