As RSA Conference 2011 gets underway, a wave of enterprise security products and services will roll in:
• Zscaler, which already provides cloud-based Web and e-mail filtering and anti-virus for computers, will add support for iPhone and iPad devices. "You should have one policy regardless of location or device," says Amit Sinha, CTO at Zscaler. Enterprises that want to adopt iPads and iPhones will be able to apply the Zscaler Mobile filtering controls by using the VPN technologies resident on the Apple devices. "They all ship with a VPN, so what we do is forward traffic to the Zscaler cloud," he says. The traffic is filtered there, and no special agent software is needed. The service costs $1 to $3 per user per month.
• Detecting and stopping IP route hijacking is the goal of Internet Identity's (IID) new service. Rod Rasmussen, president and CTO, said the firm, which specializes in finding ways to mitigate attacks against border-gateway protocol (BGP) routers and domain-name system gear, is making available its ActiveTrust BGP as a protective service.
The goal of the ActiveTrust BGP service, intended for use by both enterprises and service providers, is to prevent the type of BGP incident that occurred last year where 15% of the world's Internet traffic routes were advertised by a state-controlled telecommunications company, apparently erroneously, which funneled off traffic for Web sites, e-mail and other transactions, including that of U.S. government agencies.
The ActiveTrust service would recognize that start of this type of routing incident is occurring, whether accidentally or maliciously, and a 24x7 team of security analysts at IID would immediately communicate the issues to those using the ActveTrust BGP service. "People are trying to do bad things with the IP space," Rasmussen says.
The ActiveTrust BGP service monitors technical information in terms of announcements related to how ISPs route IP traffic and would help mitigate any incident by contacting Internet infrastructure providers, law enforcement, and other security contacts in order to resolve the issue.
• Fortinet will be showcasing its new FortiGate-3140B Unified Threat Management device, which will not only work in the way a standard FortiGate appliance would but will add a way to do active-profiling of behavior to spot unusual traffic patterns in order to send alerts, quarantine or block based on anomalous behavior. Fortinet is also introducing its FortiAP-222B outdoor wireless access point. The upgraded FortiOS 4.0 MR3 operating system that's now part of FortiGate appliances allows for unified management of both wired and wireless networks from a single FortiGate platform, as well as active profiling, flow-based traffic inspection and the ability to support detection of wireless rogue access-points.
• Huawei Symantec , the Chengdu, China-based joint venture between Huawei and Symantec, will show off its Secospace USG5500 line of gateway appliances. They are aimed at mid-sized- to large enterprises for consolidated firewall, VPN, URL filtering, anti-virus, anti-spam and intrusion detection and prevention. The new appliance line is said to achieve 30Gbps firewall throughput with 14-port and 10 Gigabit Ethernet interfaces.
• BeyondTrust will be doing a live demo using a utility tool it developed that exploits the Microsoft Windows 7 user account control slider to show how it's possible to give an attacker access to elevated rights. The exploit is based on a weakness that Microsoft has known about since June of 2009, according to BeyondTrust executives, but was never patched. BeyondTrust will show how its software would prevent the exploit tool — which it doesn't intend to make publicly available — can protect against this Windows 7 weakness, but how some competitors, such as Avecto, allegedly can't. "You can't defend against this if you're not at the kernel-level," says Jim Zierick, executive vice president of product operations at BeyondTrust.
Read more about wide area network in Network World's Wide Area Network section.
This story, "iPhone security, IP route hijack prevention on tap at RSA" was originally published by Network World.