SWIPSY

SWIPSY was a firewall toolkit produced by the Defence Evaluation and Research Agency in the UK (later QinetiQ). The SWIPSY toolkit was an ITSEC E3 (equivalent to Common Criteria EAL4) evaluated product that allowed additional code to be added to its security ‘compartments’ without affecting the evaluation status of the toolkit itself.

SWIPSY had security properties that assured network and process separation. In particular processes communicating with one network could not communicate directly with the other network other than by ‘trusted mover agents’ that in turn force data to be passed to the format and content checkers. SWIPSY ran on a Trusted Solaris 8 platform, utilising its Mandatory Access Controls to enforce separation between compartments.

SWIPSY, which stood for SWitch IP SecurelY, was used to build an SNMP firewall system called MIDASS.

SWIPSY technology was licensed by Clearswift for use in its Deep-Secure line of guard products.

SWIPSY was used as the basis for a guard for the Citrix ICA protocol by QinetiQ.