RSA: Security firms evolve to tackle new threats

Glimpse of industry adapting to rapid changes, new threats

Evolutionary biologists have long theorized that the pace of evolution quickens when a species faces great environmental stress. This idea, of course, is a tough one to “prove,” but we can see examples of it all around us. Just look at the IT security industry, where something akin to drastic environmental change is happening right now: Organized cybercrime groups are punching truck-size holes in enterprise security defenses as regulators, shareholders, and attorneys general are putting pressure on companies to lock down sensitive data. The pressure for change will make this week’s RSA Security Conference in San Francisco less an industry shindig than a live experiment in evolutionary biology. So walk quietly and keep your field glasses handy to spot some exotic new species in these areas:


Anti-virus technology at both the desktop and gateway is a staple of today’s enterprise security strategy, as it has been for nearly a decade. But anti-virus vendors such as Symantec, McAfee, and Trend Micro are under intense pressure to keep up with threats such as exploits of previously unknown (“zero day”) software application holes, as well as fast-evolving and stealthy Trojan horse and rootkit programs that can ferry sensitive data off of enterprise networks unnoticed.

McAfee will use RSA to wade into the data protection market with a clutch of smaller vendors, including Pointsec, Vontu, Provilla, Code Green, and Tizor. McAfee unveiled a new product: DLP (Data Loss Prevention) Host, an end point protection product that will prevent data loss from e-mail, instant messaging, printed documents, USB drives, CD-ROMs, and so on.

Smaller players in the AV industry are recognizing the need to offer data leak protection as well. Kaspersky Labs will unveil Kaspersky Open Space Security (KOSS), a suite of products to manage the security of enterprise systems and mobile devices outside the firewall. Kaspersky also offers InfoWatch, a leak prevention service, to customers in Russia and will start rolling it out to the German market in February, CEO Eugene Kaspersky said.

Data leak protection is a necessity in a world where threats might come from inside a company, or be targeted at one specific company, or even one machine within a company, rather than from the Internet at large, Kaspersky told InfoWorld.

Network Access Control

It’s been more than three years since NAC -- Network Admission Control -- wiggled out of the primordial ooze that was Cisco’s post-boom inventory glut. Since then, however, the idea of marrying policy enforcement and client health screening to network admission has sprouted legs and started walking around on its own.

This year’s RSA will shine a light on the hordes of NAC solutions out there today, and also on the changing dialogue around NAC, which is as much about policy enforcement after network admission as before it.

At the top of the list, Juniper, Cisco, and Microsoft will all be keen to demonstrate third party support for their competing NAC technologies.

Microsoft started the ball rolling last week, announcing 100 networking and security companies that support the company’s Network Access Protection (NAP) technology in Vista and Longhorn Server. Juniper will use RSA to show off integrations between its Universal Access Control NAC technology and providers of end point, network infrastructure, IAM and other content-centric security solutions.

A workshop by members of the Trusted Computing Group’s Trusted Network Connect on Monday will touch on many of the same themes, with demonstrations of how to use trusted computing applications network access control and data protection using the TNC architecture and TPM (Trusted Platform Module) hardware.

But a host of other companies in the NAC space will also be displaying their wares. Anti-virus firm Sophos will unveil the first fruits of its purchase of NAC software firm Endforce at the show, and Symantec will announce end point policy enforcement features for its SNAC (Symantec Network Access Control) product.