As everyone knows by now, securing a network requires a multilayered, multifaceted approach. A spate of announcements this week from a variety of security vendors big and small shows just how intricate the security problem can be.
VARs who work in the security space are finding that many of their clients have similar issues, regardless of their vertical sector, so combining a range of solutions is almost always the best approach.
"All companies have the same common problems when it comes to security, and the large corporations can afford to spend tens of thousands of dollars on their security architectures," says Greg Hanchin, a principal at DirSec, a security integrator with offices in Denver, Oklahoma City, Omaha and Las Vegas.
Sun Microsystems announced that it is shipping Sun Java System Identity Auditor, a solution that helps improve audit and compliance performance. It enables customers to create a secure identity audit trail and present a unified view of an individual's identity and system-access activities. The solution delivers proactive, automated and sustainable visibility into identity controls across critical enterprise applications and the entire identity-management infrastructure. Sun has not yet released pricing information.
"Companies are spending substantial sums of money to hire and manage external consultants to perform auditing and compliance tasks for identity management activities," says Roberta J. Witty, research vice president at Gartner. "To answer the question of, 'Who has access to what?' and prove it, companies need a secure, automated analysis and reporting solution that is cost-effective and comprehensive in its capabilities, including the scope of supported platforms and applications as well as role-conflict analysis."
An example of the increasing convergence of network and physical security, Axis Communications released a professional network camera that integrates high-resolution video and two-way audio over IP networks. The AXIS 211A Network Camera is designed for surveillance and remote-monitoring applications that require the ability to see and hear events and communicate with visitors or intruders in real time. It utilizes simultaneous Motion JPEG and MPEG-4 video streams to optimize image quality and bandwidth efficiency, and its built-in support for Power over Ethernet (PoE) enables power, video and audio to all be delivered through the same network cable, thereby decreasing installation costs.
The AXIS 211A Network Camera will be available through Axis' distribution channels next month for $899.
On the intrusion-detection and network-monitoring front, Neon Software announced two related products. The newest version of its LANsurveyor's Continuous Scan Intrusion Detection System works with Microsoft Baseline Security Analyzer, a vulnerability-assessment tool, to automatically perform vulnerability assessment when a new system is connected to a network. This allows network managers to find new nodes and test them at any time. The new Continuous Scan is easy to use and is accessible to most IT departments as a $495 option for LANsurveyor.
Neon also shipped LANsurveyor version 9.0 for Windows, which allows network administrators to safeguard and monitor their networks by incorporating network documentation, asset management, network monitoring and vulnerability-management features. The new version includes better network diagrams, enhanced alerts, additional reporting capabilities and more extensive monitoring capabilities.
LANsurveyor starts at $495 and is available in three versions that include licenses for Neon Responders, the LANsurveyor client software used for asset management, reporting and management. All versions of LANsurveyor support mapping networks with unlimited nodes. The Continuous Scan IDS option is $495.
Security vendors also are working in tandem to solve specific problems for vertical industries. This week, Alogent, Certicom, Unisys and VeriSign announced a joint development effort that will deliver a solution allowing banks to capitalize on opportunities encouraged by The Check Clearing for the 21st Century Act ("Check 21"). Financial institutions will be able to implement the solution as separate modules or as a complete end-to-end transformation strategy.
The solution comprises point-of-presentment capture through image-exchange software that pairs Unisys technology with Alogent's point-of-presentment branch deposit automation and remote deposit automation solutions. The software automates payment and deposit processing, helping to reduce costs and improve efficiency, while allowing the check to be imaged where it is presented.
Integrating security technology from Certicom, Unisys' check-processing hardware and image security software creates a unique digital signature for each check image created and attaches the mathematical signature immediately at the check transport system. VeriSign verifies the identity of each company using the Unisys system through its outsourced Business Authentication Service. No timetable for the solution was announced.
Next month, Reconnex will be announcing its electronic risk-management platform, an appliance-based internal network security platform that combines protocol-independent content analysis, content registration and forensic capabilities. The platform consists of two appliances working in tandem to analyze, identify and register known and unknown risks. Reconnex analyzes all information regardless of protocol while providing forensic, reporting and registration capabilities. The platform will combine real-time content monitoring, application monitoring, document scanning and network forensics into a single solution.
Finally, Kavado announced the beta version of Defiance TMS, an enterprise-class threat-management system that secures large-scale, distributed deployment of Web applications and Web services. The solution offers scalable intrusion-detection and prevention that detect threats, generates alerts and blocks internal and external attacks to corporate and customer data across the enterprise without impacting day-to-day business operations.
Defiance TMS is a software solution that runs on any supported Linux, Windows or Sun server. Defiance TMS will be generally available later this quarter. Pricing starts at $52,980 for the initial deployment. Additional Defiance components, such as Defiance Monitor, an intrusion-detection solution, can be purchased separately starting at $11,500. Defiance Monitor can also be purchased as a standalone product at $11,500.