CA launches new vulnerability management appliance, service
Computer Associates International Inc. on Tuesday announced brand new management tools and services to help enterprises patch vulnerabilities before viruses can exploit them. eTrust Vulnerability Manager r8 is a plug-and-play box that analyzes every machine in an environment to determine vulnerability levels. Software running on the appliance provides patch and configuration remediation recommendations as well as compliance reports displaying what percentage of machines—and which in particular—meet federal are in compliance with federal regulations such as HIPAA and GLBA.
Also announced at CA World in Las Vegas yesterday was the compliment service, eTrust Managed Vulnerability Service, which provides technology and resources to allow administrators to "co-manage" vulnerability assessments and remediation. Admins can scan chosen machines, if needed, and patch at will. A customer portal provides access to information, including a network map of vulnerable installations on the enterprise network.
Sold through direct sales and resellers, Islandia, N.Y.-based Computer Associates suggests a list price of $9,500 for the eTrust Vulnerability Manager. The Managed Vulnerability Service starts at $80 per node annually for 5,000 nodes.
HP and Microsoft unveil new hardware security solution
San Jose-based Hewlett-Packard, which now prefers to be called "HP," and Redmond, Wash.-based Microsoft have jointly created the HP ProLiant DL 320 Firewall/VPN/Cache Server running Microsoft Internet Security & Acceleration Server 2004. The all-in-one appliance allows enterprises running an ISA server to more efficiently protect key Microsoft applications, such as Exchange Server, Outlook Web Access, Internet Information Services and SharePoint Portal Server.
Available in Q3, the full-featured HP ProLiant DL 320 box is rack-mountable and estimated to cost $3,000. At this week's Microsoft TechEd conference in San Diego, the companies also announced another collaboration, the HP ProtectTools Suite for Microsoft products. The series of five tools allow an enterprise to authenticate, audit imported and exported data, establish role-based access and enhanced e-mail security. Price listings are available through the companies' sales departments.
For more pricing and availability info on the HP ProLiant DL 320 Firewall/VPN/Cache Server, click here.
InfoExpress joins Trusted Computing Group
InfoExpress, a Mountain View, Calif.-based provider of network edge security solutions and CyberGateKeeper LAN, announced its new membership to the Trusted Computing Group, an open industry standards organization dedicated to building secure products to protect data. InfoExpress and TCG have agreed to partner on developing open specifications to secure endpoint host connections to networks.
For more info on InfoExpress, click here.
For more info on Trusted Computing Group, click here.
Sophos releases PureMessage
Antivirus vendor Sophos of Wakefield, Mass. announced the release of PureMessage for Windows/Exchange, its product for safeguarding Windows networks from spam and malicious code including attachments. Optimized for more than 100 desktops, PureMessage for Windows/Exchange is fully configurable and supports clustered Exchange installations in order to leverage failover capabilities of the Windows Server System. PureMessage also provides users with a Web-based tool for retrieving quarantined messages.
For more pricing info, contact Sophos here.
Sygate unveils Security Agent for Windows XP Embedded
Network security company Sygate Technologies of Fremont, Calif., unveiled its Security Agent for Windows XP Embedded. Sygate touts the product as the first value-added endpoint security solution for Microsoft Windows XP Embedded-based devices such as point-of-sale terminals, public kiosks, ATMs and other network-connected systems including those used in the medical, gaming and manufacturing sectors. The solution delivers intrusion detection and prevention, personal firewall, host integrity and centralized management. Sygate Security Agent for Windows XP Embedded is a componentized version of the Sygate Security Agent used to protect desktops, laptops and servers.
For more information about Sygate or the Security Agent for Windows XP Embedded, click here
@stake releases LC 5
Digital security company @stake Inc. of Cambridge, Mass., released its latest L0phtCrack automated password auditing and recovery application, LC 5. It is a cross-platform Windows and Unix solution featuring the first commercially available pre-computed password tables, which can reduce password auditing from hours to just minutes, the company said.
LC 5 features a wizard-based interface to configure, schedule and run comprehensive audits on Windows 2003, XP, 2000 and NT versions, along with multiple versions of Unix accounts. LC 5 can audit and uncover passwords wherever they reside -- on local or remote PCs, workstations or servers, within domain controllers or in Active Directory. Password data can also be obtained from system memory, SAM files and shadow files on Unix. It can also conduct multi-domain scans securing password integrity across an entire business, not just a single domain, and highlight trends and problem areas through its enhanced reporting capability by providing real-time data and plots in both graphic and text formats.
The product is now available for a 15-day trial in a number of editions: Professional; Administrator: Site: and Consultant. For more information about @stake Inc., click here
Beadwindow, Solutionary partner
Beadwindow Corp., a Merrimack, N.H.-based provider of network security solutions, announced a partnership with Solutionary Inc., an Omaha, Neb.-based managed and monitored security service provider. The Beadwindow intrusion-prevention system can be integrated into Solutionary's ActiveGuard technology. Solutionary's ActiveGuard and eV3 technologies, together with its security operations center, help protect IT infrastructures against security threats and intrusions.
For more information, including pricing, visit Solutionary or Beadwindow.
RSA Security, GeoTrust partner for digital certificate solutions
Bedford, Mass.-based RSA Security Inc. and Wellesley, Mass.-based GeoTrust Inc., providers of e-security solutions, announced a partnership to offer digital certificate solutions. RSA Security customers now have a choice to host their own certificate authority or choose the GeoTrust managed SSL digital certificate solution. GeoTrust Quick SSL, Quick SSL Premium, True Business ID, True Business ID Wildcard and Enterprise SSL solutions are now available through RSA Security.
For pricing information, visit RSA Security.
Perfigo releases SmartEnforcer component
Perfigo Inc., a San Francisco-based provider of integrated, software-based network access management solutions, released SmartEnforcer client for the enterprise, an add-on component for Perfigo CleanMachines. Perfigo CleanMachines scans devices for a broad set of vulnerabilities and enables users to repair their own devices when infections or vulnerabilities are detected. SmartEnforcer enables enforcement of security policies in three ways: it expands the depth of device interrogation through registry scans; it requires remediation before network access is granted; and it automates the download of fix tools to the users. Bundled pricing for CleanMachines SmartEnforcer starts at $20,000.
For more info on Perfigo, click here.
Reactivity releases Reactivity XML Firewall
Reactivity Inc., a Belmont, Calif.-based provider of XML Web services security solutions, released its Reactivity XML Firewall, which provides a centrally controlled Web services security policy and enforcement. The Reactivity XML Firewall applies a consistent security policy to messages from all the major Web services platforms before passing them on to the packaged application in the correct Web services dialect. It is an XML proxy that processes bi-directional message flow while performing all protocol and transport mediation; defending against XML attacks; ensuring trusted transactions are correctly validated and routed; and providing a signed, auditable record of messages and events.
For more pricing and availability info on Reactivity, click here.