Demo@15 show focuses on secure networks

SCOTTSDALE, ARIZ. -- If the new products presented at Demo@15 are a bellwether for what drives innovation, then the challenge to keep networks secure appears to be the biggest driver of all.

Cenzic  is all about protecting Web-based applications through vulnerability testing. According to John Weinschenk, CEO, all users need to do is to put their Web site URL into the Cenzic Hailstorm wizard and hit a single button.

"We look at everything including the application logic, such as a company's password policy," said Weinschenk.

The system maps all application code, links, forms, and fields looking for security holes. Hailstorm creates its own attack scripts and issues reports on where weaknesses were found and gives remediation tips. It also maintains a customizable policy library for compliance assessments. 

Industry analyst Earl Perkins, vice president of security and risk strategies at Meta Group, said that although Web-based applications are proliferating at a rapid pace, application security has not kept pace.

Hailstorm monitors for phishing, access control, and zero day attack.

Phishing is also on the security menu at Cloudmark. As a follow-on to its SafetyBar tool for e-mail, at Demo the company unveiled Cloudmark SafetyBar for Internet Explorer, Cloudmark Intelligence Center, and Cloudmark Anti-Phishing Reputation Service.

Inexperienced users seeing an e-mail from their bank asking for an update of account information will be blocked from access to the Web site if SafetyBar for IE determines the site is bogus.

The Intelligence Center shares relevant data on spurious sites, the URL, and the distribution pattern with members of its community.

The Anti-Phishing Reputation Service blocks bogus sites for the entire Cloudmark user base. It also includes maps to pinpoint frequency of attacks around the globe.

SafetyBar for IE is in beta and is expected to ship in March 2005.

KoolSpan takes a hardware route to security offering SmartCard-based network security with a product dubbed TrustChip. With TrustChip-enabled SmartCards deployed in devices, such as a Cisco switch, remote users can access the switch from anywhere without the need to go through a VPN.

The product works with any network-aware device that requires authentication.

In an onstage demonstration, Tony Fascenda, CEO of KoolSpan, showed how he could securely access his MP3 files remotely by using a TrustChip card in his home PC.

KoolSpan offers its own SecureEdge solution that is available now as well as a version for equipment manufacturers to sell, featuring schematics, documentation, and design guide.

Other companies offering security products include IPLocks, which tracks employee access to sensitive company data and sends alerts to appropriate managers when an employee steps outside of his or her normal usage patterns.

Metavize EdgeGuard offers SMBs a simple plug-in solution to security by bundling more than a dozen leading security applications onto an appliance that plugs into the wall and into the network via an Ethernet cable. EdgeGuard can be used to protect networks from viruses, worms, phishing attacks, and spyware