Security Concerns Weigh on HP, Users

Hewlett-Packard Co. (HP) probably isn’t the first company IT managersthink of when looking for help securing their networks. But the companyhopes to take a more active role in helping its customers secure theirsystems, and helping the IT industry sort out evolving concepts such asidentity management, an HP executive said Monday at the HP TechnologyForum 2005 in Orlando.

By building security-related technologies into its hardware andsoftware products, HP can remove some of the complexity from trying tosecure a company-wide network, said Tony Redmond, vice president andchief technology officer with HP Services. Redmond, along with HPExecutive Vice President Ann Livermore and Russ Daniel, vice presidentand chief technology officer of HP’s software division, kicked off theHP Technology Forum by updating HP’s user community on current projectsand future directions.

The first fruits of HP’s growing security research were releasedearlier this year. HP’s Virus Throttler technology allows ProLiantservers and ProCurve networking switches detect abnormal levels ofnetwork traffic typically associated with worms, viruses or hackeractivity, Redmond said. The technology limits the spread of virusesacross a company’s network by isolating the affected servers orswitches, allowing administrators to catch up to a fast-movingoutbreak, he said.

HP also hopes to further protect its customers by partnering withemerging identity management organizations, such as the LibertyAlliance and the WS-Federation, Redmond said in an interview after hiskeynote address. The goal of these organizations is to develop a singlesign-on technology that would allow users to sign onto a network onceand have access to several different protected Web sites.

HP belongs to the Liberty Alliance, but thinks it can play a role inbringing the two organizations together to develop a single standard,Redmond said. It has developed its own single sign-on technology withinits HP OpenView software that can be deployed within an organization,allowing users to access different password-protected sites within anintranet with a single user name and password. This has improved HP’sunderstanding of the benefits and pitfalls of allowing easy yetprotected access to vital information, he said.

“We’ve got two competing standards. For the good of our customers, we’ve got to bridge the gap,” Redmond said.

HP’s growing emphasis on security was welcomed by Craig Gleason, asystems administrator with Tektronix Inc. Gleason’s company buys HP’sProLiant servers and is very interested in making sure HP stays up todate with evolving security needs, he said.

If HP can demonstrate that its products are more secure than thecompetition, users will respond, Gleason said. “People might startcalling them just for security,” he said.

By Tom Krazit – IDG News Service (San Francisco Bureau)