Security takes center stage at CSI conference

New and upgraded products focusing on such security issues as network management, anti-fraud services and securing devices on a network will be launched at the Computer Security Institute conference in Washington today.

The CSI Conference, in its 32nd year, is expecting 3,000 attendees, according to show organizers. Topics will include the evolving responsibilities of chief information security officers, the latest in security-related legislation and regulatory issues, how neuroscience will affect the future of computing.

In the conference's exhibition hall, vendors will demonstrate their latest security offerings, including:

Network management software maker Ipswitch will launch WhatsUp Professional 2006, Premium Edition, aimed at the small-to-midsize businessmarket. The software upgrade features new application management features, adherence to SNMP v.1, v.2, and v.3 specifications for monitoring devices attached to the network, as well as expanded, standards-based reporting, according to company officials.

WhatsUp Professional 2006's application management features work with Microsoft Exchange- and SQL Server- based programs. The enhanced reporting feature provides HTML-based reporting on all network-based applications and devices and feature statistical and performance measurements, officials say. Other improvements include Web content monitoring, router bandwidth monitoring and trend analysis, additional predefined reports, Web alarms, pager notifications and database tools, they say.

WhatsUp Professional 2006, Premium Edition is priced between $2,495 and $4,995, depending on the number of network devices managed.

Sana Security will announce Primary Response SafeConnect, software designed to protect desktops from spyware, adware and phishing attacks. The software detects malicious code in three ways; leveraging the included knowledge-based system to search for malware characteristics, using heuristics to detect activity created by Trojans, keyloggers, silent backdoors and rootkits, and protecting from anomaly-based threats by learning normal application file path behaviors, according to company officials. These techniques eliminate the need for scanning or signatures and provide instant protection, they say.

Primary Response SafeConnect is available as a free beta download. Pricing for the generally available product will be announced early next year, officials say.

M-Systems will launch Xkey Shield, software designed to let corporations control the use of removeable devices and media on their networks. Priced at $50 and available now, Xkey Shield is desktop and server software that lets network administrators track the usage of and enforce policies regarding removable devices including USB Flash drives, MP3 players, digital cameras, and CD/DVD burners and printers. Enterprises can define which types of these devices are allowed on their network and restrict those that are not, or enforce "read only" mode, company officials say. The software also generates reports on device usage.

Guardium will announce SQL Guard Database Firewall, designed to prevent unauthorized access to corporate data. This policy-based firewall monitors SQL-level access to databases and represents a key component of enterprises' layered security strategies, according to company officials.

The firewall, which works with databases from Microsoft, IBM, Oracle and Sybase, includes a module for building policies that regulate database access control and enforcement. It includes features such as redundant power supply, RAID storage technology, and the option to be deployed in a dual redundancy fashion with hot stand-by capabilities.

SQL Guard Database Firewall is available now, starting at $50,000.

Lancope plans to release an anomaly detection appliance for routers and switches based on sFlow network monitoring and management technology. StealthWatch Xe for sFlow, available now starting at $29,995, works with products from Foundry Networks, Hewlett-Packard Co. and Extreme Networks and analyzes sFlow records without requiring expensive sensors placed throughout the enterprise, according to company officials.

The product inspects network traffic for application-specific policies such as port usage and automatically block threats such as zero-day and denial-of-service attacks and worms, as well as policy violations, at the network's edge, they say.

Cyveillance will unveil its enhanced online anti-fraud service, which monitors the Internet daily searching for company-specific threats and fraud. The updated service provides a number of ways to help companies protect their brand and customers online, according to officials with the company.

The service's Abuse Box Integration feature analyzes the contents of a company's "report suspicious behavior" inbox to verify threats. The service also blocks pharming attacks -- where Web site visitors to trusted sites are redirected to bogus Web sites designed to steal customer information -- by automatically detecting unauthorized IP address changes. Once a fraudulent site is detected, Cyveillance's service can quickly take it down, often before visitors are lured to it, officials say. And the service can track fraud and abuse worldwide, in any language, they say.

The enhanced service is available now; pricing varies depending on the scope of services used.

This story, "Security takes center stage at CSI conference" was originally published by Network World.

Copyright © 2005 IDG Communications, Inc.

Shop Tech Products at Amazon