InfoWorld
RSA: Users seek to overcome inadequate perimeter protection

IBM, Symantec, ISS, and Network Associates prep new security products

By Brian Fonseca
February 19, 2002
 

SAN JOSE, CALIF. -- During the 10 months since the last annual RSA Conference, end-users stood helpless under siege from a sophisticated new breed of malicious threats, including Code Red and the Nimda virus, and were forced to completely re-think security protection and policies after the Sep. 11 terrorist attacks.

Behind a backdrop of security awareness and budget considerations, RSA Conference 2002 opens its doors Tuesday to answer myriad questions from customers seeking to lock down physical access, mobile devices, and wireless networks and get a grip on emerging online authentication paradigms.

The virus onslaught of 2001 and other increasing vulnerability concerns have made the idea of a traditional security perimeter "increasingly inadequate" and require customers to squeeze greater functionality and distribution out of products they purchase, says Jamie Lewis, CEO of the Burton Group in Salt Lake City.

"Increasingly, enterprises want to centrally manage a security policy but they want to distribute enforcement out to various devices," said Lewis, noting the infusion of personal firewall capabilities built into machines including Windows XP. "We see a trend toward data center architectures, SSL acceleration, load balancing, and firewall ... inspection getting built into these appliances -- sort of a black box all in one. Those are things [are] worth looking at [at] RSA."

Leading the all-in-one charge parade, Symantec will unveil Symantec Gateway Security. The integrated appliance combines firewall, anti-virus (AV), content filtering, intrusion detection, and virtual private network capabilities under one roof, according to Symantec officials.

Offered to customers in three different model grades, the appliance features live technology updates and provides multitiered protection for the network perimeter against intrusion attacks. Product capabilities embedded within the new appliance include Symantec Enterprise Firewall 7.0; Carrier Scan Server 2.2 for AV; and an integrated IPSec-compliant VPN based on Symantec Enterprise VPN 7.0.

IBM has its own multipurpose product to unveil at RSA on Tuesday. Big Blue will show its efforts to build stronger security interfaces for its ThinkPad Notebooks and NetVista Desktops through the announcement of IBM Client Security Software 3.0, said Clain Anderson, program director, Client Security Marketing for Armonk, N.Y.-based IBM.

Anderson said enhancements to Client Security Software are in place through new interface features. They include fingerprint and proximity badge verification through compatibility with Ensure Technologies' XyLoc wireless PC solution. Available in May, a device will be locked away until the authorized user returns to its area. Also, Targus Systems' new PC-embedded biometric fingerprint reader, announced Tuesday and available in March, will pop into a ThinkPad PC Card slot to eliminate the need for password authentication.

Client Security Software 3.0 will enable simplified "on-the-fly" file encryption with IBM's security chip placing files in a specified folder featuring optional virus scanning. By being stored on the PC's hard drive behind security chip algorithms, the files will remain encrypted even if the device is stolen, Anderson said. Lastly, the new Client Security product offers two-factor VPN authentication without the need for a separate hardware token through interoperability with RSA Security's RSA SecurID solution.

Lewis said the emerging security implications of wireless LANs are creating significant headaches for security administrators because any end-user equipped with a wireless remote card must be authenticated.

"Security architectures are going to be treating every [wireless] user as if they're outside the firewall because it will be impossible to tell which client and where they're going to come from. That's a big issue that everyone should be paying attention to," Lewis noted.

In addition to its founder and CTO Chris Klaus speaking at RSA this week, on Tuesday Internet Security Systems (ISS) will unveil Wireless Scanner, its new wireless security vulnerability assessment solution, according to ISS officials. By eavesdropping on wireless traffic over the air, the scanner can detect and track client attacks and plug access holes outside an organization's physical site. The new scanner also features WLAN reporting and architecture implementation consulting, as well as mobility benefits that can extend the device's reach to simulate outside laptop attacks. Wireless Scanner will be available in March, officials said.

Lewis admitted that a cumulative security barrage over the last year has led users to perceive a new "higher level" of attacks, that of malicious intent, and that in response they are determined to seal any type of hole or vulnerability that could leave them exposed.

"Nimda and Code Red were getting [businesses] to think how much it was costing them to be hit. Sept. 11 made them think it's a very different world and they're going to have to think of security in a different way and they're going to have to spend more for good reason," Lewis said.

"Certainly, we have seen an increased concern about that across the board. People wanting to find out they've done everything they can not to be surprised and proactive about not making mistakes," Lewis added.

Both software vendors and managed services security providers (MSSPs) are tackling the issue of vulnerability assessment at RSA Conference 2002 this week.

Foundstone will announce FoundScan Vulnerability Management Software on Tuesday. The product blankets an enterprise with vulnerability protection by discovering and shoring up vulnerabilities before they can be subverted, according to Foundstone officials. The software features Web application testing, wireless assessment, network mapping, customizable online and e-mail alerting, and reporting tools. FoundScan Vulnerability Management Software will be available in April.

Citadel will announce the beta version of its Hercules product at RSA on Tuesday. The application automates network vulnerability and remediation to repair exposed operating systems, applications, and databases through available patches, codes, and fixes aggregated from information security sources BugTraq, SecurityFocus, and security sources Microsoft, ISS, and Network Associates.

Qualys, an MSSP (managed services security provider), will announce new additions to its managed vulnerability assessment platform. They include an enhanced reporting engine to offer reports to every level of the enterprise, a "try it and buy it" trial-basis feature for the service, and improved patch and signature aggregation to simplify the process of repairing spotted vulnerabilities.

Fellow MSSP Guardent will be busy at RSA as well, with its plans to announce the Guardent Perimeter Defense Suite (GPDS) for Microsoft ISA Server, according to company officials.

McAfee, a division of Network Associates, will announce a new drag-and-drop application interface to encrypt and send data through E-Business Client Software and McAfee E-Business Server, according to McAfee officials. McAfee E-Business Server enables end-users to secure data transmissions over the Internet using PGP (Pretty Good Privacy) encryption.

E-mail content security vendors Postini and Marshal Software aim to help users halt intrusions targeting e-mail through solutions to be announced on Tuesday. Postini will launch Active E-mail Management System (AEMS), combining firewall, edge server, and monitoring capabilities into a single solution for port 25-oriented attacks, said Postini officials. The product will provide real-time SMTP threat detection and automatic response features, system alerts, and server monitoring and resource load balancing.

Meanwhile, Marshal Software will announce that its MailMarshal e-mail security product will be integrated with McAfee's anti-virus engine. The partnership will enable customers to increase automated DAT file scans and gain faster e-mail policy checking and enforcement, Marshal officials said.

Taking a page right from the unfolding Enron cover-up scandal, Guidance Software will introduce and demo its beefed-up computer forensics and audit trail software, EnCase Enterprise Edition. The suite allows customers to perform computer forensics over local and wide area networks, said Bill Siebert, director of Technical Services at Pasadena, Calif.-based Guidance Software. Based on secure public key authentication and 128-bit encryption, Siebert said the solution can retrieve deleted files and entire drives of information on any workstations or servers running on a network.





 


 
Brian Fonseca is an InfoWorld staff writer.
 
