|A | B | C | D-E | F | G-I | M-N | P | R | S-T | U-V | W|
Wi-Fi security company AirTight Networks has announced the availability of its SpectraGuard SAFE wireless endpoint security software. SAFE expands on the ideas of wired perimeter security to include laptops, cell phones and PDAs, and provides enterprises with the ability to centrally define policies and actively manage wireless connections from these devices. It controls device connectivity over 802.11, Bluetooth, EvDo and other networks, and allows the administrator to set policies based on where and with what connection the user is connecting. The product delivers enterprise-class threat detection with few false alarms and extra data using AirTight's "3x3 security model:" SAFE's three keys of wireless security -- detecting, preventing and locating threats -- are bolstered by its use of stateful device and network awareness, and signature- and behavior-based analysis of wireless connections. The software runs on a variety of PC hardware, including Windows, and is compatible with WLAN and other wireless service cards. Later this year, SAFE is expected to be able to link into AirTight's SpectraGuard Enterprise to aid businesses that want to deploy uniform wireless perimeter security across portable devices.
AirTight's SpectraGuard SAFE Enterprise Edition starts at $20 per user.
Aladdin Knowledge Systems
Aladdin Knowledge Systems is pushing the envelope with two new releases aimed at easing network identification: eToken NG-Flash and NG-OTP. NG-Flash combines strong authentication with the convenience of Flash storage, available in three different sizes: 128 Mb, 512 Mb and 1 Gb. The USB-based token stores users' credentials, personal information and encryption data, minimizing the steps needed to authenticate users on various applications. NG-OTP offers a combination of USB and one-time password authentication. But, key to this token's usability is its extended battery life--purported to be seven years, or 14,000 clicks. And, no longer does a dead battery mean a useless token: Included on NG-OTP is a low-battery indicator. (Aladdin will offer battery replacements for the token when needed.)
Although both products have been announced at the RSA Conference, neither will be available for general purchase until March. Visit the Aladdin booth (1247) for more information.
Application Security (AppSecInc) announced the latest version of its real-time intrusion detection and auditing solution, AppRadar 3.0.This version offers enterprise-level database security and intelligent, real-time monitoring/auditing capabilities in a single platform.
Its monitoring and auditing capability allows customers to define the information and events to be monitored, as well as the specific data that will -- or will not -- be captured as part of that process. This avoids both unnecessary compliance auditing/reporting and the redundancy of having sensitive data in multiple systems.
Through tighter integration with AppSecInc's AppDetective vulnerability assessment tool, organizations can address the gap between the identification of vulnerabilities and their remediation. In the process of scanning, if previously known vulnerabilities have not yet been addressed, AppRadar automatically creates policies and deploys them to monitor those issues until they are resolved.
Pricing is $2,000 per unit under protection per year, and $10,000 for up to five users for the optional AppSecInc Console.
Arcot Systems announces SignFort, a secure authentication server that supports distributed digital signing, enabling the authenticated electronic signing of PDF and xml documents. SignFort holds signing keys on a centralized server, rather than have the keys sitting at the client, as is the case with smartcards and is applicable to any enterprise that wants to enable digital signatures, but keep the signing keys for individuals on a discreet secure server.
Pricing ranges from about $1-$12 per credential, depending on number of users.
Aventail Secure Collaboration
On Monday, Aventail announced Aventail Secure Collaboration, a Web collaboration solution that enables users to instantly collaborate with remote teams through a Web-based interface. Aventail Secure Collaboration includes Remote Helpdesk, Web conferencing, Instant Messaging and Secure VoIP chat. Secure Remote Helpdesk provides users with VoIP- and text-enabled remote helpdesk and network connection. The solution also offers Web conferencing and supports VoIP, instant messaging, white boarding, application sharing and dynamic meeting management functionality. The product integrates into the company's SSL VPN gateway and supports up to 500 concurrent users running Windows, Mac, Linux and PocketPC.
Pricing for 10 concurrent users is $4,995. You can visit Aventail at booth 1631.
Bivio 12-Gigabit Appliance Combination
Bivio Networks introduces a12-Gigabit processing combination optimized for complex security/network applications. This provides the high-speed, deep-packet processing required to power security applications that include intrusion detection/prevention systems, firewall/VPN, antispam, antivirus, distributed denial-of-service protection, content filtering and unified threat management. Bivio's high-speed hardware platform combined with a Linux software execution environment delivers high performance for security products that demand higher processing and network speed.
Pricing information is not available at this time.
BMC Identity Management for .NET
Software vendor BMC will showcase its recently announced BMC Identity Management for .NET here at the RSA conference. The product addresses identity management needs including workflow, directory management, audit, self service, single sign on, delegated administration and federation. The platform leverages resources inherent in the Microsoft infrastructure across heterogeneous IT environments, saving users dollars, time and resources.
Geared toward small and mid-sized businesses, BMC Identity Management for .NET sits on top of the .NET framework, allowing customers to leverage their existing resources and eliminating the need for additional middleware or hardware.
The base price for a solution that provides Web Access Management for 1,000 users is approximately $50,000; a solution that manages the provisioning for 1,000 users would cost $75,000.
To bolster its eTrust Identity and Access Management (IAM) Suite, CA is announcing the integration of its software products eTrust SiteMinder, a Web access management solution, and eTrust Single Sign-On, an enterprise SSO solution. Together, these two products will provide integrated SSO functionality that works across both Web-based and legacy/client-based applications, enabling improved user productivity and lower help desk costs. CA's IAM Suite includes Web access control, enterprise SSO, identity administration, user provisioning, user directory, identity federation and Web services security to manage mainframe, distributed, Internet and mobile infrastructures.
Pricing information is not available at this time.
CallingID's Safety Seal protects users from Internet fraud and identity theft when they log in to a Web server. It is software installed on a Web server. Once installed and linked to one or more login pages, every user that tries to login, continues using the same username and password without the need to learn a new authentication method. If a phishing site tries to redirect him from the real site to a phishing site - that phishing site will receive a false password. Even if the users' computer is infected by hostile software like spyware, Trojan or keylogger, the login parameters cannot be identified by that software. When a user logs into his online account, in cases where such hostile software exists, the hostile software is led to detect a false password while the real password is safely delivered to the site using strong encryption. CallingID uses a special technology that neutralizes all hostile software. Safety Seal is available for Internet Web sites installed on Unix, Linux and Windows machines and for clients using Windows 2000 or XP.
Pricing for Safety Seal starts at $5 annually per client.
OCTEO CN30XX and CN31XX
Cavium Networks has announced new highly integrated single and dual-core MIPS64® processors. The new OCTEON CN30XX and CN31XX family of SOC (system on a chip) processors integrate a custom MIPS64 processor core with the industry's most advanced multi-layer application acceleration and security processing hardware, along with a wide range of networking I/O options to deliver breakthrough features and price/performance for next generation networking, wireless, control and storage applications.
Pricing information is not available at this time.
CipherTrust IronMail version 6.1
CipherTrust IronIM version 2.0
Arming users with products to keep e-mail communications secure, CipherTrust is unveiling two products here at the show. First, the company will announce version 6.1 of its flagship product, CipherTrust IronMail. This all-in-one gateway security appliance includes antispam, zero-day antivirus, content filtering and gateway-to-gateway encryption. One of its features is deeper integration with CipherTrust's TrustedSource global threat correlation engine, allowing administrators an integrated view of global e-mail sender reputation, and giving them greater control and reporting capabilities. Furthermore, the new version provides deeper localization for enhanced accuracy and effectiveness in the Asia-Pacific markets.
Meanwhile, the company is taking the wraps off of its latest version of its IronIM. The new product allows security administrators to integrate policy to secure, log, monitor and encrypt enterprise IM communications. IronIM version 2.0 supports AOL Instant Messenger, MSN Messenger, Yahoo! Messenger and corporate IM solutions including Microsoft LCS and IBM Same Time. It does not require deployment of a new IM client.
The offering automatically encrypts intra- and inter-company conversations, files and content transparent to the IM service, without requiring user involvement. Leveraging CipherTrust's existing SpamProfiles and IntrusionDefender technologies, the product utilizes multiple content filtering techniques to identify and stop spam, viruses, worms and intrusions. An easy-to-use Web GUI can be used to enforce corporate policies.
Pricing for IronIM version 2 is $5,995; CipherTrust IronMail 6.1 is priced at $9,995.
Web Application Firewall Standard Edition
Access Gateway Enterprise Edition
Citrix Systems has announced two products. The Citrix Web Application Firewall Standard Edition is designed to protect Web applications from the growing number of application-layer attacks. The new Express Mode allows enterprises to protect information residing on Web servers without degrading application response time.
Citrix Access Gateway Enterprise Edition, designed for complex enterprise SSL VPN environments, provides a secure single point of access to all protocols and applications.
Access Gateway Enterprise Edition pricing starts at $2,495, and concurrent user licenses start at $99. Citrix Web Application Firewall Standard Edition is $20,000 for the 100 Appliance Platform and $30,000 for the 200 Appliance Platform.
Enterprise Configuration Manager 4.8
Configuresoft announces Enterprise Configuration Manager (ECM) 4.8, delivering cross-platform, continuous compliance for organizations with large, non-centralized IT infrastructures.
ECM Executive Compliance dashboards provide enterprise visibility for adherence to regulatory mandates like SOX, HIPAA, GLBA, FISMA and industry-best practices like PCI, DDS and Microsoft secure, and hardening guides across Windows, UNIX and Linux platforms. The compliance dashboards, available via the Web, allow quick drill-down to supporting reports, machine detail and simple one-click enterprise remediation.
ECM collects tens of thousands of detailed asset, security and configuration data settings from each networked Windows, UNIX and Linux server and workstation--storing that information in a centralized configuration management database for immediate access, analysis and reporting.
ECM enforces security policies by automatically resetting configurations to their predefined standards when an unauthorized change occurs. By leveraging the information stored in the CMDB, IT administrators can assure that the policies they develop and actions they take are appropriate for the IT infrastructure. These capabilities help IT organizations keep their critical systems properly configured, while ensuring security compliance.
ECM 4.8 is available in April. Pricing is $995 per server, $40 per workstation; optional pricing for Security Update Manager, ECM's patch assessment and verification module, is $25 per server, $5 per workstation.
Secure LAN Controller
Consentry announces general availability of its Network Admission Control (NAC)-in-a-box solution, supporting Cisco Trust Agent and the Cisco NAC framework for Secure LAN Controller and integrating Check Point Clientless Security software. The Secure LAN Controller inline networking appliance integrates network admission control, user auditing, access control and malware containment. Network/security managers have total user control by performing real-time monitoring of all LAN traffic up to layer 7. The product associates traffic to users and applications, and automatically enforces network usage policies on a per user, per application and post-admission basis.
The Controller delivers network admission control by enforcing user authentication, host integrity checks and remediation. The ConSentry Insight Manager provides a centralized control station that provides a single view of all user activity and security incidents across the enterprise LAN. To enforce user access control once a user is granted admission to the network, the Secure LAN Controller provisions and enforces which applications and resources each user or group of users have access to on the LAN. The Controller also detects and contains known and unknown malware in milliseconds before it spreads and takes down a network.
Pricing for Secure LAN Controller 1000 version is $17,995, and the 2400 version is $27,995.
PolicyMaker Application Security 2.0
DesktopStandard is adding on to its Group Policy Management Console with the release of PolicyMaker Application Security (PMAS) 2.0. PMAS allows network administrators to enforce the security principle of Least Privilege on Windows desktops via Microsoft's Group Policy change and configuration management system. It enables admin to reduce or elevate permission levels on a per-application and per-task basis, eliminating the need to manually raise each user's privilege levels for all applications and exposing the network to unnecessary risk. PMAS also reduces the permission level for admin working on general applications such as Microsoft's Internet Explorer and Outlook, and it allows restricted users to install approved Active X controls while running IE in their restricted security context. By providing self-service software installation points for restricted users, PMAS reduces admin workload in supporting unmanaged software installation without compromising security.
PMAS starts at $27 per seat for enterprises with less than 1,000 computers.
Endforce announced ENDFORCE Informant, a silent network monitoring product that detects and alerts enterprises when unauthorized rogue or unknown endpoints connect to the network. This solution enables administrators to quickly react to the presence of rogue machines.
ENDFORCE Informant is deployed strategically within a corporate network and passively monitors network communications (ARP requests). Passive monitoring means that ENDFORCE Informant does not interfere with normal network communications. Low-level ARP monitoring allows all IP communications to be detected. Even if an endpoint evades DHCP or 802.1X network-based enforcement, the endpoint cannot communicate and spread infections throughout the network without using ARP. By monitoring ARP, identifying which endpoints are attempting IP connections, and comparing the endpoint with the list of approved, compliant, and registered endpoints, ENDFORCE Informant immediately knows if an unapproved endpoint is using the network.
Once an endpoint is identified, ENDFORCE Informant can alert an administrator with the endpoint's MAC or IP addresses. The administrator can then identify the network location and take appropriate security actions.
The list price for ENDFORCE Informant is $7,500 per server and $2,000 per monitor. Volume discounts are offered.
ForeScout Technologies has announced CounterACT 5.1, enhancing CounterACT's ability to detect and disable rogue wireless access. CounterACT secures wired and wireless networks transparently by ensuring that unknown devices and endpoints that are noncompliant with security policies cannot gain network access. CounterACT can now disable a rogue wireless access point deployed at any location on the; perform agentless in-depth interrogation of unknown/unmanaged endpoints; and supports 802.1X.
Pricing information is not available at this time.
Forum XRay SOA Enterprise Vulnerability Assessment
Today, Forum Systems is announcing a vulnerability management suite dubbed Forum XRay SOA Enterprise Vulnerability Assessment. Geared toward small- and medium-sized organizations, the product is an advanced testing solution that enables security professionals the ability to assess Web services for compliance with security policies, industry standards and best practices. The offering will show exposure to Web services vulnerabilities including SQL injections, cross-site scripting or security and policy failures that could put mission critical data assets at risk.
The product is priced at $1500 per user. Subscriptions for antivirus and VulCon updates are available for an additional fee. Forum Systems will be in booth 2107.
On Tuesday, FullArmor will use the RSA conference as a backdrop to announce its FullArmor PolicyPortal managed service. The product automatically enforces Microsoft Group Policy Settings on machines that are disconnected from Active Directory and will extend Microsoft's Network Access Protection--built into Windows Vista and Windows Server "Longhorn"--with additional security and configuration assessment capabilities and automated remediation for out-of-compliance. The offering supports Windows 2000 or higher.
Pricing for the service is $1 per managed machine per month with a one-time fee of $1,500 per administrator account.
Encryption Anywhere Hard Disk
GuardianEdge Technologies (formerly PC Guardian Technologies) announces Encryption Anywhere Hard Disk, combining strong full-volume encryption with enterprise management. Features include full-volume encryption of all data including temporary files, scrap files and hibernation files, Active Directory integration, support for Single Sign-On with Microsoft and Novell, pre-Windows authentication, centralized key storage, robust recovery options, and support for security tokens and smart cards.
Pricing starts at $140 per seat, subject to volume discounts.
Guardium Data Privacy Accelerator
Guardium, the database security company, has announced its Data Privacy Accelerator, a database-centric solution for preventing identity theft, including unauthorized access by trusted insiders. It delivers a portfolio of preconfigured policies, real-time alerts, and audit reports. Customizable compliance reporting and alerting. Add-on modules are available for implementing specific regulations, such as Sarbanes-Oxley (SOX), the Payment Card Industry (PCI) Data Security Standard, and Basel II.
Pricing for the Data Privacy Accelerator, an add-on for other Guardium SQL Guard products, is $4,995.
SecureSphere Gateway Compliance Bundle
Imperva has announced three compliance modules for its SecureSphere Gateway appliances that enable organizations to meet audit and data protection requirements imposed by the PCI Data Security Standard, HIPAA and SOX. These modules are individually configured to monitor, assess and report on activity within the data center infrastructure for compliance with the specific security guidelines of these regulations.
SecureSphere addresses the full spectrum of the data center infrastructure by providing protection and reporting that integrates a database security gateway, Web application firewall, network firewall and intrusion prevention system. It reduces compliance costs by automating the ongoing effort to keep up with changes in applications and databases to maintain compliance with audit and protection requirements.
For PCI, HIPAA and SOX, SecureSphere compliance assessment reports detail data usage, configuration and policy settings, including network firewall and data server configuration, user account analysis, and data storage and usage policy.
To ensure compliance with the data protection and data assurance requirements of these three regulations, SecureSphere protection reporting covers real-time monitoring of activity at the database, Web application, platform and network layers; and real-time alerts of policy violations and, where appropriate, automated blocking of these unauthorized activities and transactions.
SecureSphere Gateway Compliance Bundle costs $32,500.
ETL Utility for Ingrian DataSecure Platforms
Ingrian Networks' ETL Utility for Ingrian DataSecure Platforms provides high performance cryptographic capabilities for enterprises encrypting and decrypting large amounts of data. It features granular, field-level encryption capabilities and that can be integrated at the Web server, application server or database layer to protect information in transit, use and storage.
Pricing for ETL Utility for Ingrian DataSecure Platforms starts at $32,500.
Internet Security Systems
Proventia Anomaly Detection System
Proventia Network Enterprise Scanner
Proventia Network Intrusion Prevention System
Internet Security Systems' three new products add to an already broad portfolio of security tools.
Proventia Network Enterprise Scanner appliance, based on ISS's well-known Internet Scanner vulnerability assessment software, provides full vulnerability management with automatic and continuous scanning, plus workflow and reporting tools. The Linux-based appliance is easy to install and use, thanks to a simple, task-oriented GUI. Network Enterprise Scanner features configurable reports that enable companies to share security information.
Organizations can combine scan-and-block technologies by using Proventia Network Intrusion Prevention System to preemptively block malicious access to vulnerabilities, and by using its Virtual Patch Technology to provide protection for newly disclosed vulnerabilities until patches are available and fully tested. The Intrusion Prevention System marks ISS's transition from off-the-shelf hardware to custom-built appliances. It employs multiple analysis and detection methodologies for increased accuracy.
Proventia Network Anomaly Detection System (ADS) collects and audits network flow data from existing infrastructure devices. This allows organizations to monitor network behavior, and automatically detect known and unknown threats and anomalous activities, such as fast-propagating worms and policy breaches. Network ADS presents actionable security event information, and generates real-time alerts and comprehensive reports, such as top talkers, traffic statistics and a correlation of users, network hosts and services.
All three products integrate with Proventia Management SiteProtector security management console.
Enterprise Network Scanner costs $7,250, plus fee starting at $44 for each scanned device; Network Intrusion Prevention System ranges from $10,995 to $99,995 depending on model; Network Anomaly Detection System starts at $59,995.
Internet Security and Acceleration Server 2006 Beta 1
Microsoft's Internet Security and Acceleration (ISA) Server 2006 Beta 1 is now available for customer download at www.microsoft.com/isaserver. This latest version of the firewall, VPN, and Web cache solution helps customers secure their Microsoft-based application infrastructure, streamline network control, enhance performance and safeguard IT environments.
Pricing information is not available at this time.
Mirage NAC 3.0
Security solution vendor Mirage Networks is introducing its Mirage Network Access Control (NAC) 3.0 at this year's RSA conference. NAC, which operates on a hardened Linux kernel, is a self-contained full-cycle software and hardware product that safeguards networks against damage from zero-day threats and policy violations. Mirage's technology behind NAC is network infrastructure-, OS and device-agnostic, and scalable for voice and data networks. At the product's core are behavioral rules that detect behavior indicative of an attack and continually monitor and evaluate endpoint behavior with little to no false positives. Signatures and agents are not required to catch zero-day attacks.
NAC 3.0's self-contained approach to access control includes pre-network admission security, which uses dynamic IP mapping and device policy checks; post-network admission security, with continual protection against threats and policy violations, and offers on-demand vulnerability scans; and quarantine and remediation capabilities that work to isolate at-risk endpoints, preventing cross-infections and enabling remediation.
Aside from the base NAC appliances, included in Mirage's NAC 3.0 family of products are management servers, designed for networks using multiple NAC appliances, that enable centralized monitoring and management of all network devices; and optional software modules that offer enhanced capabilities: Full-cycle Module enables pre-admission vulnerability, antivirus and OS patch status checks; and Mirage Operations Console Module enables centralized monitoring for networks of less than 50 users.
Mirage Networks' Mirage NAC 3.0 is priced between $5,000 and $25,000.
nCipher has announced KeepSecure, an enterprise data protection suite, capable of encrypting data at the database, file and application levels to help meet data security regulations, including Sarbanes-Oxley, Payment Card Industry (PCI) Data Security Standard, SB 1386, HIPAA, European Union Data Protection Laws and Japanese Data Protection legislation. KeepSecure uses encryption and access control services delivered as a series of security adapters designed for integration with the popular databases, file systems and business applications.
Pricing information is not available at this time.
SSL VPN-Plus v5
New features in NeoAccel's SSL VPN-Plus v5 include two-factor authentication using a USB Key, clientless-mode Web access terminal for Windows file sharing and Telnet and SSH access, customizable user login and landing pages, intelligent acceleration-triggered compression, a hardened kernel-level operating system, and an extremely easy-to-use management console. A client SDK provides library and API calls to integrate SSL VPN-Plus functions inside custom solutions.
Prices for SSL VPN-Plus range from under $3,000 for the SMB Edition to more than $100,000 for the Enterprise Edition capable of supporting 20,000 of concurrent users.
VoIP Security Solution
Enterprise security management and Internet telephony are both taken care of under NetIQ's newest release, VoIP Security Solution. Announced here at the RSA Conference, this product addresses the increased need for secure a secure VoIP environment. Through its compatibility with Cisco System's Cisco CallManager, VoIP Security Solution reduces an enterprise's exposure time to protect against the loss of confidential data, improve security knowledge and increase protection and security posture. It monitors VoIP environments in real time and detect security events and configurations, providing critical insights into Internet telephony deployments. It also correlates security events, logs them for audit, analysis and forensics purposes. Included in the VoIP Security Solution are the following: AppManager for Cisco IP Telephony-Security, which monitors the Cisco agent for availability and critical security events, and provides configuration change notification and MLA change control; AppManager Call Data Analysis, which analyses call details records to identify abuse patterns and provide reports based on the records; and Security Manager for IP Telephony, which applies correlation rules to identify threats, and logs security event information for auditing and forensics.
The NetIQ VoIP Security Solution starts at $6 per IP phone for real-time VoIP security monitoring.
iTap GigaBit Port Aggregator
NetOptics' iTap GigaBit Port Aggregator offers a unique network display and SNMP remote management which make it a dream device for network and security administrators who need to confirm the health and safety of their critical network links and devices--without spending every minute of the day checking for link failures or spending an arm and a leg on IDS/IPS systems. It enables a security or networking monitoring device to monitor a full-duplex link using only one NIC. Network monitoring and security devices connected via iTap can view 100% of network traffic in real time, including Layer 1 and Layer 2 errors. With generous buffer memory, the iTap can handle and indicate "flash" spikes in traffic volume. If either side of a bi-directional link fails, the iTap immediately communicates the fault visually to the network administrator and directly or via SNMP to network monitors and/or IDS/IPS systems, minimizing downtime due to undetected link failures or security breaches.
iTap GigaBit Port Aggregator costs $3,095.
NFR Security announces an expanded customer service program, including a 60-day money-back guarantee. The "No Failure Rights" initiative includes security implementation services; installation, configuration and tuning services; available tech support 24 x 7; customized Sentivist training; a 30- and 60-day system health check; money-back guarantee.
Pricing information is not available at this time.
Nokia Enterprise Solutions
Nokia IP 560 Security Platform
Eight years ago, Nokia and Check Point advanced the security market with the concept of a simple to deploy and manage security appliance. Since then, the combined productivity, performance and security solutions make the Nokia/Check Point offering a preferred choice for customers. Today at the RSA Conference, Nokia Enterprise Solutions has announced the Nokia IP 560 Security Platform, the latest Nokia/Check Point solution. The Nokia IP560 provides medium and large businesses security, manageability, firewall performance and port density in a rack-dense appliance. The product is available in flash-based or hybrid configurations, allowing for the option of up to two additional hard disk drives for storage and logging. Using a four-port 1000BaseT Ethernet card, the Nokia IP560 supports 58,000 connections per second and delivers over 6 Gbps of firewall throughput and 1.9 Gbps throughput of encrypted traffic for Virtual Private Network (VPN) data.
Pricing starts at $16,495.
v-GO Sign-On Platform 6.0
Passlogix's v-GO Sign-On Platform 6.0 software product has five components, each with its own advancements: v-GO SSO Administrative Platform is easier to navigate and more intuitive, and its flow and design have been completely revamped; v-Go Service Password Reset has a customizable user interface, a new report on user enrollment status and support for role/group-specific challenge questions; v-GO Authentication Manger now supports XyLoc proximity cards and SAFLink biometric devices as primary authenticators; v-GO Session Manager supports v-GO AM for all authentication events; and v-GO Provisioning Manager has expanded its CLI functionality for .NET and Java, and provides full API SDK's for both.
The complete v-GO SSO solution costs $69.99.
PGP Command Line
PGP Corp., has announced PGP Command Line for IBM zSeries and IBM iSeries, to deliver PGP encryption to mainframe and mid-range platforms. Part of the unified PGP Universal Encryption Platform, PGP Command Line takes advantage of its integrated management and security policies, allowing businesses to integrate encryption into batch processing, network transfers, and backup processes. Organizations can use new PGP Command Line for mainframes, as well as Unix, Linux and Windows, to address compliance with government and industry regulations while protecting confidential and personal information from compromise.
Pricing starts at $7,500 per runtime license.
E-mail Integrity Suite
Privacy NETworks' E-mail Integrity Suite (EIS) is a new integrated e-mail management platform designed to replace multiple point solutions with a single system that combines complete spam and anti-virus protection with easily searchable e-mail archiving capabilities. Customers can manage e-mail communications so that all proprietary and confidential information and intellectual property contained in e-mail is automatically validated, encrypted and stored for security, decision support, auditing and regulatory or legal compliance. Controlled through an easy-to-use graphical interface, EIS represents the next generation of e-mail integrity solutions by combining a complete set of e-mail management capabilities into a single set of tools. The entire Privacy Networks (EIS) suite of e-mail security and archiving software is Linux-based.
EIS starts at $5,000.
Radware's DefensePro 3.0 provides more intelligent ways to analyze and quickly adapt to changing application traffic patterns. DefensePro 3.0 leverages the Radware behavioral DoS protection system to provide multi-layer SYN flood mitigation and safeguard the network against any type of known and unknown zero-day DoS and DDoS attack by automatically monitoring, identify, classifying and adjusting traffic parameters when an anomaly is detected. It automatically mitigates DoS, DDoS and SYN flood attacks with a six-module behavioral protection system that works independently to measure and manage traffic activity based on behavioral parameters and adaptive algorithms, working with the module system to create a comprehensive description of all network activity, verify traffic health and legitimate peaks, detect network anomalies and weigh the degree of an attack to ensure all issued attack alerts are critical.
DefensePro 3.0 ranges from $25,000 to $90,000.
Reactivity XML Access Gateway
The Reactivity XML Access Gateway is one of a family of wire-speed XML networking solutions that solve key access control, identity management, threat prevention, mediation, acceleration and routing required by Web services and Service Oriented Architectures (SOA). Reactivity's Gateways with the Identity Insight deliver multi-level, multi-credential identity-based routing, reporting and alerting with comprehensive privacy enforcement. Reactivity Gateways can verify, conceal and transform sensitive data and notify administrators in real-time of non-compliant XML message.
The Reactivity XML Access is priced at $60,000.
Network intrusion prevention vendor Reflex Security has announced its ThreatIQ Suite, featuring Reflex IPS sensors, Network Discovery, the Network Defender module, and the Reflex Command Center. The comprehensive system discovers nodes, inspects for threats, defends in real time and quarantines hosts from the network. Building on the Network Discovery context, Reflex's signature anomaly and rate-based algorithms facilitate automated defenses against a wide range of attack vectors--malicious content, DoS, anomalies, access violations, viruses and spyware. By operating inline and performing deep packet inspection on all network traffic, the Reflex IPS can block and filter illegitimate traffic flows.
Pricing for ThreatIQ starts at $9,000.
RSA SecurID Appliance 2.0
RSA Security has announced RSA SecurID Appliance 2.0, a scalable strong authentication solution that enables enterprise customers to establish the trusted identity of users accessing critical business resources and simplifies deployment of strong authentication.
Enterprises can leverage the RSA SecurID Appliance to provide stronger security for remote access servers, IPsec and SSL VPNs, wireless access points, terminal services, Microsoft Windows desktops and networks, and more than 300 third party solutions such as routers, servers and Web portals. RSA SecurID two-factor authentication technology may also serve as the authentication point for RSA Sign-On Manager enterprise single sign-on software, RSA ClearTrust access management software, RSA Federated Identity Manager solution and RSA Key Manager software.
RSA SecurID Appliance 2.0 will be available in March. Bundled list pricing ranges from $4,000 for a 10-user bundle up to $34,000 for a 250 user bundle. For larger enterprises, a-la-carte pricing is based on the number of users.
Shavlik NetChk Compliance
Yesterday, Shavlik Technologies took the wraps off Shavlik NetChk Compliance, a SIM solution that aims to help security and network professionals meet regulatory and corporate audit policy challenges by managing system and security configurations. It offers central security configuration management for operating systems, Web servers and database and utilizes a centralized XML-driven query engine. NetChk offers baseline security policies and settings, including best practices for security policy auditing and rationale for security recommendations. It also allows for security audits performed around ISO 17700 frameworks. Users can search by domain, organization unit, machine name, IP address or IP range. The SIM also allows the user to manage machines from one console, server, workstation or laptop. Users can scan their environment for systems that are non-compliant and then bring them to a compliant state. The product supports Windows XP and Server 2003.
Pricing is $23 per seat for workstations (up to 1000 seats) and $250 per seat per server for up to 1000 servers. You can visit Shavlik at the show at booth 423.
Sun Java Systems Web Server
Sun Microsystems has further battened down Solaris 10 with yesterday's announcement that it will offer current customers "Trusted Extensions" to the OS.
The extensions are security add-ons that complement what was integrated into Solaris 10 last January from Trusted Solaris, a version used by government agencies with strict security requirements. Rather than create a new source tree, Solaris decided to deliver the remainder of Trusted Solaris to the commercial version as an add-on.
The extensions -- which are Common Criteria EAL4+ certified -- label data, devices and users with a security level; objects without proper clearance levels are denied access.
Sun also announced the Sun Java Systems Web Server will support Elliptic Curve Cryptography (ECC) encryption. ECC uses smaller key sizes than RSA encryption, which is still supported. ECC enables devices with limited processing power like smart cards, PDAs and cellphones to interact with the server.
ECC also brings Sun in line with the government's migration plan toward the algorithm and wider support for lightweight mobile devices.
Pricing information is not available at this time.
TippingPoint, a division of 3Com, has announced an intrusion prevention system chassis, called TippingPoint M60, and corresponding IPS modules able to scale up to 60 Gbps.
The TippingPoint M60 chassis supports 10 Gbps interfaces and is available in seven, 10 or 14-slot versions that hold three IPS modules: the T5000, a 5 Gbps IPS module; the T2000, a 2 Gbps IPS module; and the T1000, a 1 Gbps module. Each module offers the same functionality as the systems in the TippingPoint Intrusion Prevention System product line. However, the new IPS modules offer 12 Gigabit copper or fiber Ethernet ports.
Each IPS module is capable of more than two million simultaneous connections and one million connections per second with switch-like latency of less than 150 microseconds. The IPS modules block worms, viruses, Trojans, spyware, phishing and denial-of-service attacks.
The TippingPoint M60 chassis and IPS modules will be available in the second half of 2006. Pricing is not yet available.
Deep Security 4
Third Brigade is announcing the availability of its Deep Security 4, software that stops network attacks before they impact the host machine, reducing the risk of security configuration inconsistencies. By reducing the attack surface, communication is restricted to authorized hosts and services only. The product also monitors all incoming and outgoing network traffic for protocol deviations or content indicative of an attack. Deep Security also prevents unauthorized access to hosts, and provides an auditable history of security configurations and changes, documenting prevented attacks.
Third Brigade's Deep Security 4 starts at $25,000, and includes five Deep Security Agents and unlimited Agent licenses operating in detect-only mode.
TriCipher Armored Credential System Authentication Gateway
TriCipher's TriCipher Armored Credential System Authentication Gateway (TACSag) builds on the company's TACS product to include turnkey integration for more rapid implementation, without any API work for authentication; and a middleware shield, which allows customers to shield their applications from changes. All customer-facing interactions involving multifactor authentication are redirected to TACS Authentication Gateway (using the industry standard SAML standard), which then performs the requisite functions interacting directly with the customer and the TACS and returns a response. On first release TACS Authentication Gateway will also support hooks for integration with various passive authentication, and fraud detection.
Pricing for TACS starts at $100,000 and includes 25 credentials; TACS Authentication Gateway will be available in March at a starting cost of $25,000.
SecurE-Mail Gateway 5.0
Utimaco Safeware has announced the release of SecurE-Mail Gateway 5.0, the latest version of its enterprise e-mail security product. In addition to its standard features, which include encryption/decryption and centralized administration, SecurE-Mail Gateway 5.0 features enhancements such as role-based administration that allows security staff to implement company-specific guidelines for monitoring and managing corporate e-mail systems.
SecurE-Mail Gateway guarantees secure e-mail communication by attaching signatures to e-mail and automatically checking their validity. The product, however, is completely transparent to users. Via role-based administration, security staff can keep all areas of administrative responsibility separate and distinct from each other. SecurE-Mail Gateway also allows security staff to establish an auditor role to oversee security policies.
Another primary component is the integrated key server for S/MIME and OpenPGP e-mail, offering centralized administration and distribution for public keys used by an enterprise's communications partners. With the SecurE-Mail Gateway, certificates and keys can automatically be separated from e-mails and then imported.
SecurE-Mail Gateway can be clustered. Because all relevant data, including rules and certificates, are stored in a central database, clusters can be implemented at minimal cost and effort.
Pricing begins at $3,000.
Vontu 6.0 enables enterprises and government agencies to discover and protect confidential data on servers and desktops, monitor and prevent confidential data from leaving the network, and automatically enforce data security and encryption policies.
The Vontu 6.0 suite enables organizations to safeguard customer data, company information and intellectual property, whether it is located on servers and desktops (data at rest) or exiting the network via e-mail, Webmail or other Internet protocols (data in motion).
Vontu 6.0 contains several product modules: Vontu Protect adds automated enforcement to the capabilities of Vontu Discover, which scans servers and desktops to locate exposed confidential data at rest. HTTPS Monitoring and Prevention via integration with Blue Coat Proxy SG monitors HTTPS content for sensitive information and blocks communications that violate policy. FTP Monitoring and Prevention allows organizations to proactively block FTP transmissions that contain exposed confidential data. People Aware Detection enables organizations to fine-tune polices to either target or exclude specific groups of employees.
Vontu 6.0 starts at $100,000 and is priced based on the number of users and number of products purchased.
Web security product vendor Websense announces its ThreatWatcher software, an addition to its comprehensive Websense Security Service. ThreatWatcher allows businesses to set up regular Web server vulnerability scans to monitor, report and alert on compliance issues, open ports and known Web vulnerabilities. The software is compatible with Windows, Linux and Sun Solaris OSes, and is included with the purchase of the Websense Web Security Suite. Also being announced at the conference are new features to the Web Security Suite, due out in April: malicious protocol management that protects corporate computers from bot infestation; multi-point protection from worms in both Web applications and e-mail; enhanced protection from spyware; and integration with Microsoft firewalls through the Websense Manager.
In all, the Websense Web Security Suite costs $30 per user per year, based on a company of 1000 users.
Protect Enterprise Suite
Workshare's Protect Enterprise Suite unifies fragmented approaches to outbound content compliance with a combination of both end point and network-level protection in a single and easy to deploy and manage platform. The Protect Enterprise Suite comprises that company's Protect Client, Policy Manager and Network Protect, all of which can work independently or together to deliver a wide array of integrated, flexible protection strategies.
The Protect Enterprise Suite starts at $29 per user.
Dig Deeper on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions