Cavalcade of New Security Products Expected at RSABy Matt Hines | Posted 2007-02-03 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Preview: A wide range of security vendors will re-launch or introduce products at the upcoming RSA Conference 2007 in San Francisco, including well-recognized names such as McAfee, Oracle and Novell.
Officials in charge of coordinating the upcoming RSA Conference 2007, being held in San Francisco's Moscone Center from Feb. 5-10, said that this year's security industry trade show will be larger than ever before.
If the sheer volume of new products planned for introduction at the annual confab are an indicator of the event's overall size, the RSA managers aren't exaggerating.
Sandra Toms LaPedis, area vice president and general manager of RSA Conferences, said in an interview with eWEEK that the increasingly popular show will likely see more new product launches than in any of its 15 previous shows.
Everyone from anti-virus vendors to networking companies and compliance specialists are expected to roll out technologies between keynote presentations from the likes of Microsoft Chairman Bill Gates, Oracle CEO Larry Ellison and former United States Secretary of State Colin Powell.
Among the technology providers planning to bring new products to market at RSA 2007 are a nearly full range of the security industry's biggest names. Those firms willing to provide a sneak peak at the tools they plan to introduce at the show include McAfee, TippingPoint, Qualys, Oracle, CA, Novell and Kaspersky.
McAfee, based in Santa Clara, Calif., will expand its footprint in the emerging DLP (data loss prevention) market, which has spurred forward over the last year with a series of high-profile incidents involving stolen laptops, systems intrusions and suspected insider attacks.
On Mon. Feb. 5, the company will introduce McAfee DLP Host, which the no. 2 security software maker identifies as a comprehensive package for preventing the leakage of confidential data via malicious and unintentional means.
TippingPoint, based in Austin, Texas and the security division of networking giant 3Com, is planning to launch its newest NAC (network access control) technology, an appliance that promises to help companies manage and enforce security policies required of devices that attempt to log onto their networks.
Dubbed TippingPoint NAC Policy Enforcer, the device serves as a management component for the company's collection of access control technologies, including its Policy Server, Services Server and endpoint NAC Client products.
With the market for NAC technologies heating up, with entries from a number of networking firms and stand-alone technology providers, TippingPoint executives said they will differentiate from the crowd by focusing on every element of the device authentication process, including so-called post-admission checks, which monitor machines for suspicious behavior even after they've been admitted to an organization's IT systems.
Hosted security applications provider Qualys, based in Redwood Shores, Calif., will announce a completely revamped version of its outsourced security auditing and vulnerability management services package, labeled QualysGuard 5.0.
Among the improvements touted in the new service offering, which is meant to replace similar on-premise security applications, are a new user interface, speedier vulnerability scanning, new reporting capabilities and a set of APIs (applications programming interfaces) that aim to help users integrate the system with other technologies.
Qualys will also announce a new partnership with infrastructure security specialists VeriSign, of Mountain View, Calif. Under the deal, VeriSign will offer a branded version of Qualys' risk and compliance management tools as part of its own Managed Security Services offerings.
Database giant Oracle, also based in Redwood Shores, will release a handful of new technologies to help customers integrate user identity management systems across various technologies, including its enterprise software systems.
Among the announcements planned by the company is a new Enterprise Manager Pack, which promises to allow enterprises to centrally monitor and manage identity systemsa key element of IT securityacross heterogeneous computing environments.
The company will confirm certification of its Identity Management technology with its Oracle E-Business Suite 12 and Siebel 8 business applications and detail future plans to extend support for its PeopleSoft Enterprise 9 and JD Edwards EnterpriseOne 8.12 applications, to be delivered by June 2007.
Next Page: CA, Novell, Finjan and Kaspersky to announce products.
Oracle also plans to announce that its Database Vault software package, used to protect and limit access to sensitive data and applications, has been certified for use with its PeopleSoft Enterprise product line.
Systems management and anti-virus software maker CA, of Islandia, N.Y., will introduce a new HIPS (host-based intrusion prevention system), which promises to combine firewall and threat detection and prevention capabilities for fighting Web-based attacks.
The CA HIPS technology, which is meant to help companies augment traditional signature-based anti-virus tools and ward off rapidly-emerging zero-day attacks, will monitor both incoming and outgoing traffic and allow for centralized management of access control policies, company officials said. The package also aims to streamline the installation and management of intrusion prevention on Microsoft Windows systems.
Network security device maker Finjan, based in San Jose, Calif., will announce two new products at RSA and demonstrate upgraded versions of its Vital Security Appliances.
One of the new tools, Finjan SecureBrowsing is designed to help improve the safety of Web browsing for enterprise users, offering protection from Internet-based malware and phishing attacks. The technology, offered as a feature on the company's security hardware products, promises to scan URLs in real-time to prevent users from accessing sites or applications that may be carrying malware exploits.
Finjan will also debut RUSafe, a feature that promises to test network traffic for threats, scan content using the firm's security engines and generate traffic logs and reports. In addition to its traffic-scouring capabilities, the feature also promises to speed configuration of Finjan's appliances.
Anti-virus specialists Kaspersky Lab, which maintains its U.S. headquarters in Woburn, Mass., will release its first set of malware-fighting tools designed for use on mobile devices. Aiming to cash in on the growing adoption and enterprise usage of smart phones, Kaspersky Anti-Virus Mobile is an integrated package of tools for preventing malware infections and blocking unsolicited wireless text messages, which can be used to carry various attacks and fraudulent schemes.
Network server software maker Novell, of Waltham, Mass., will preview new features added to its flagship security and identity management technologies, specifically its Sentinel 6 and Identity Manager 3.5 products.
In Sentinel 6, Novell will show off expanded capabilities for data correlation and security incident management, along with a new data connectivity framework. With Identity Manager 3.5, an update to the company's user provisioning and directory management package, the firm will display new tools for supporting role management to ensure separation of duties for regulatory compliance purposes.
The software also promises increased integration with all of Novell's access management tools, including its SecureLogin authentication system.
Database defense experts Applications Security, based in New York, will debut DbProtect, its latest integrated suite of systems protection tools, which will arrive on the market in April 2007. The database security package will offer activity monitoring for privileged users such as administrators, security patch gap management and security applications detection tools, along with a new unified installation system.
Meant to help prevent data theft or subversion carried out through privileged user accounts, the software promises updated versions of all the company's security applications, along with integrated scanning, vulnerability assessment and activity monitoring, as well as centralized management and reporting capabilities.
Network security software maker StillSecure, Superior, Colo., will introduce its new Complete NAC product line, which adds post-admission checks to the company's existing device authentication system. The package also includes additional support and compatibility for standardized NAC architectures provided by Cisco Systems, Microsoft and the Trusted Computing Group.
The expanded version of the firm's Safe Access NAC offering, which provides pre-admission device testing for networks, promises the ability to continuously monitor traffic after a machine has been tested and granted access to prevent worms and other viruses from spreading themselves using any type of delayed delivery techniques.