Security Products Dominate DEMO

Welcome Guest. | Log In| Register | Membership Benefits

February 15, 2005 (2:17 PM EST)

Security Products Dominate DEMO

By Fredric Paul ,

(SCOTTSDALE, AZ) - Traditionally a forum for all kinds of technology product introductions, the 15th Anniversary edition of the DEMO conference here featured more security products than any other category.
More than half a dozen security companies showed off new security-related products.
Still, at least a few companies debuted "appliances" that promised to do more than just keep your beer cold:
KoolSpan: Locking Up Devices With Keys
According to KoolSpan, it's not enough to secure the network, you also have to secure the devices attached to the network. That's especially true as VoIP connects new and different types of devices to both wired and wireless nets.
Using 2-factor authentication and 256-bit AES encryption, KoolSpan's SecureEdge TrustChips do the job with hardware "locks" and "keys" embedded in devices from IP phones to laptops, with no servers or network infrastructure required. The technology consists of a lock with embedded smart chip, which is in turn embedded in the device being secured, such as a cell phone or laptop. The user carries a keychain-sized key, also with an embedded smart chip, which he inserts in a port in the device to active the device. Access is managed by a gateway elsewhere on the network.
The technology is designed to bypass the normal hassles of authentication, encryption, and remote access, making VoIP more suitable for enterprise use.
Shipping since the end of last year, SecureEdge costs $4,950 to $9,950 based on the number of users. KoolSpan now hopes to sell the TrustChips to OEMs who will either re-brand them or build them into their network-aware devices.
BorderWare: Making VoIP Safe
VoIP in the enterprise is hot, but it presents a whole host of brand new security issues, including voice spam, denial of service attacks, "man-in-the-middle" eavesdropping, redirects, caller ID impersonation, and hijacking.
BorderWare claims its SIPassure is the industry's first Session Initiation Protocol-based firewall designed to help mitigate these vulnerabilities by authenticating VoIP sessions and setting policies and rules for behavior and responses on the network.
VoIP carriers could use SIPassure to secure the edges of their networks, while enterprise VoIP users would install it between the perimeter firewall and the call manager. The enterprise version of SIPassure starts at $8,000, while the carrier version costs hundreds of thousands of dollars.
IPLocks: An Inside Job?
Keeping the bad guys out doesn't help protect data from people already on the inside. That's where IPLocks' new Information Risk Management Platform comes in. It's designed to secure corporate data and ease compliance with government regulations. Even if an authorized user has permission to access data, the Information Risk Management Platform can notify administrators of risky behaviors, intrusions, changes to data, and policy violations that could affect the privacy and accuracy of the information.
Christine Crandell, VP of marketing, noted that in recent scandals, employees of AOL and Yahoo Japan had sold customer names to spammers. To fight that kind of abuse, IPLocks could be set to flag any employee accessing 100 customer accounts at once, for example.
The 5.0 version of the product, available this month, includes a high-speed data collector that directly scans the memory structure to extract data fast, and with minimal impact on the database. Pricing runs $15,000 per CPU for the database server.
Cenzic: A Security Application For Applications
Cenzic HailStorm 2.0 isn't designed to protect your network. Instead, it's there to protect the applications on your network--and to make sure they comply with internal and regulatory policies. Announced at DEMO, HailStorm 2.0 is designed to automate the process of application penetration testing on both custom and commercial apps.
Unlike most automated application security solutions, Cenzic Hailstorm doesn't look for vulnerabilities by comparing applications against a standard database. Instead, it tries to automate the process of how consultants--or hackers--manually look for security vulnerabilities. Using the same techniques, it can also test for compliance with internal policies and regulatory standards such as Sarbanes-Oxley.
Already shipping to customers in the financial services industry, HailStorm is priced per application, starting at about $5,000 per year per application for 50 to 100 applications, but volume discounts drop as low as several hundred dollars per application when testing thousands of apps.
Imprivata: Making Single Sign-On Easy
Single Sign-On (SSO) has been a key security goal for a while now. Security is reduced when users depend on a multitude of passwords and other authentication methods. Multiple passwords and security methods creates increased loads on corporate help desks to reset forgotten passwords.
Imprivata's OneSign is an SSO appliance designed to solve some of the issues that have kept SSO from becoming a reality in the enterprise. Integrated with the company's software for centralizing and automating administration, deployment, ongoing maintenance and disablement of users, the rack-mounted appliance is designed to make it easy to implement and manage password policies--automatically collecting authorized users' various passwords and not requiring changes in workflow or the applications themselves.
It's also designed to integrate with additional authentication methods such as strong passwords, ID tokens, and finger biometrics. OneSign also generates reports that show who's accessing what and when, and who's violating corporate security policies. That can be valuable to help meet security and password-related compliance requirements.
The "Encore," or 2.8 version of OneSign is due in May, including proximity badges, smart card support, and better workflow. Claiming to make SSO affordable for the enterprise, Imprivata starts OneSign at $17,000 for 200 users.
Metavise: Big Help For Smaller Companies
Of course, large enterprises aren't the only organizations facing security issues. Small and medium-sized companies face threats just as big, but have much smaller resources to cope with them. Metavise EdgeGuard Gateway Security Platform is intended to help smaller companies deal with security by creating an expandable gateway security platform, bringing together a company's software security solutions in a single, easy-to-manage "virtual rack" interface.
A one-stop-shop security appliance designed for companies of up to 1,000 employees, EdgeGuard integrates commercial and open-source security products in a single place. Featured software appliances include AntiVirus Scanner, eMail SpamGuard, Web Content Control, Packet Attack Shield, and Rogue Protocol Control from companies such as Sophos, F-Prot, SurfControl, and Intrusion.
New solutions can be added by downloading from its online store and added to the virtual rack. The products share knowledge about the network traffic in a MetaKnowledge Base.
In Beta now, EdgeGuard is due to ship to VARs and to distributors by the end of the year. According to CEO Dirk Morris, pricing will combine a base fee for the box and filters of about $2,000 to $3,000 along with subscription payments to the specific software solutions chosen.