by Paul Kerstein

CSI: Security Products On Tap at Conference

Nov 16, 2005

The Computer Security Institute conference that kicked off Monday served as the launch site for a collection of new and upgraded products focusing on security issues that range from network management to anti-fraud services to securing devices on a network.

The conference, in its 32nd year, has drawn 3,000 attendees, according to show organizers. The agenda of keynote and panel discussions includes the evolving responsibilities of CISOs, the latest in security-related legislation and regulatory issues, how neuroscience will affect the future of computing, and even a keynote speech about Washington by New York Times columnist William Safire.

In the conference’s exhibition hall, vendors are demonstrating their latest security offerings, including:


Cloakware upgraded its Cloakware Server Password Manager (CSPM) software for application-to-application authentication. Instead of relying on IDs and passwords that are “hard coded” into applications requiring access to data stored on servers, CSPM allows corporate developers to embed routines into their applications that acquire credentials for access at runtime from a central credential store, says Robert Grapes, senior product manager with Cloakware. More and more, auditors are recommending companies move away from hard-coding passwords in order to stay in compliance with new regulations, Grapes says.

Version 2.0 features password synchronization that automatically changes application passwords on a regular basis — typically every 90 days, says Grapes — to enhance security. It also features new administrator controls and new features for managing the encryption/decryption keys that protect server credentials. The upgrade is priced at US$1,000 per ID-and-password combination.

Cloakware also announced an appliance version of its software, called CSPM Express, designed for small and medium-sized businesses. Priced at $100,000, the appliance is designed for companies with 200 servers or less.


StillSecure updated its Safe Access network access software designed to ensure only compliant devices are allowed access to an enterprise’s network. Version 4.0, available now and priced at $50 per IP address, works with 802.1x’s hardware-level policy enforcement for quarantining devices deemed non-compliant, according to company officials. Non-compliant devices can be directed into one of a number of virtual LANs — including guest, departmental, or individual — depending on the device’s level of security, they say. Once quarantined, devices can be put through remediation automatically by leveraging Safe Access’ Enterprise Integration Framework that works with a number of patch managers, or device users can be directed to resources pertaining to self-remediation, they say.


Network management software maker Ipswitch launched WhatsUp Professional 2006 Premium Edition, aimed at small businesses. The software upgrade features new application management features, adherence to SNMP v.1, v.2, and v.3 specifications for monitoring devices attached to the network, as well as expanded, standards-based reporting, according to company officials.

WhatsUp Professional 2006’s application management features work with Microsoft Exchange- and SQL Server-based programs. The enhanced reporting feature provides HTML-based reporting on all network-based applications and devices and provides statistical and performance measurements, officials say. Other improvements include Web content monitoring, router bandwidth monitoring and trend analysis, additional predefined reports, Web alarms, pager notifications and database tools, they say.

WhatsUp Professional 2006, Premium Edition is available now and is priced between $2,495 and $4,995, depending on the number of network devices managed.

Sana Security

Sana Security announced Primary Response SafeConnect, software designed to protect desktops from spyware, adware, and phishing attacks. The software detects malicious code in three ways: leveraging the included knowledge-based system to search for malware characteristics, using heuristics to detect activity created by Trojans, keyloggers, silent backdoors and rootkits, and protecting from anomaly-based threats by learning normal application file path behaviors, according to company officials. These techniques eliminate the need for scanning or signatures and provide instant protection, they say.

Primary Response SafeConnect is available now as a free beta download. Pricing for the generally available product will be announced early next year, officials say.


M-Systems launched Xkey Shield, software designed to let corporations control the use of removable devices and media on their networks. Priced at $50 and available now, Xkey Shield is desktop and server software that lets network administrators track the usage of and enforce policies regarding removable devices including USB Flash drives, MP3 players, digital cameras, and CD/DVD burners and printers. Enterprises can define which types of these devices are allowed on their network and restrict those that are not, or enforce “read only” mode, company officials say. The software also generates reports on device usage.


Guardium announced SQL Guard Database Firewall, designed to prevent unauthorized access to corporate data. This policy-based firewall monitors SQL-level access to databases and represents a key component of enterprises’ layered security strategies, according to company officials. The firewall, which works with databases from Microsoft, IBM, Oracle and Sybase, includes a module for building policies that regulate database access control and enforcement. It includes features such as redundant power supply, RAID storage technology, and the option to be deployed in a dual redundancy fashion with hot stand-by capabilities.

SQL Guard Database Firewall is available now, starting at $50,000.


Lancope released an anomaly-detection appliance for routers and switches based on sFlow network monitoring and management technology. StealthWatch Xe for sFlow, available now starting at $29,995, works with products from Foundry Networks, HP, and Extreme Networks and analyzes sFlow records without requiring expensive sensors placed throughout the enterprise, according to company officials. The product inspects network traffic for application-specific policies such as port usage and automatically blocks threats such as zero-day and denial-of-service attacks and worms, as well as policy violations, at the network’s edge, they say.


Cyveillance will unveil its enhanced online anti-fraud service, which monitors the Internet daily, searching for company-specific threats and fraud. The updated service provides a number of ways to help companies protect their brand and customers online, according to officials with the company. The service’s Abuse Box Integration feature analyzes the contents of a company’s “report suspicious behavior” inbox to verify threats. The service also blocks pharming attacks — where visitors to trusted sites are redirected to bogus Web sites designed to steal customer information — by automatically detecting unauthorized IP address changes. Once a fraudulent site is detected, Cyveillance’s service can quickly take it down, often before visitors are lured to it, officials say. And the service can track fraud and abuse worldwide, in any language, they say.

The enhanced service is available now; pricing varies depending on the scope of services used.

By Cara Garretson – Network World (US online)