eChannelLine Daily News 22-April-2009 Vendors trot out security wares at RSA 2009 by Steve Wexler Large and midsize companies will focus on the implementation of application firewalls, network access control (NAC) technologies and data loss prevention (DLP) technologies during the next year and a half, according to a new report from TheInfoPro. Released at RSA Conference 2009, the world's largest security event running in San Francisco this week, the results also showed that cloud computing is considered a greater risk than virtualization. Key findings from the biannual security study include: -22 percent of F1000 organizations have application firewalls in use today, while 31 percent are planning adoption in the future. F5 Networks leads for both in use and in plan citations; -citations for in pilot and in near-term plan NAC implementations grew to 25 percent from six months ago of those interviewed to date; Cisco remains the market leader among in use and in plan citations; however, Microsoft, Juniper, Symantec, and McAfee are improving their standings;. -29 percent of F1000 organizations have DLP in use, and an additional 37 percent are planning implementations of DLP; Symantec continues to lead among in use and in plan citations for DLP; and, -only 29 percent indicated being at least very concerned about security in a virtualized environment, while 53 percent of respondents indicated being at least very concerned about cloud computing solutions. Here are some of the other announcements coming out of RSA. Perhaps reinforcing TheInfoPro's findings, EMC's security division has enhanced its data loss prevention line-up. The RSA DLP 7.0 Suite offers new features for discovery, remediation and integration with the RSA enVision Platform. "Out of all the announcements we're doing, this is the most exciting and most relevant for our channel partners, said Joe Gabriel, senior manager of global channel marketing for RSA. The division also announced the RSA Solution for Microsoft SharePoint to address security issues that arise within a large and distributed SharePoint environment. As part of the offering, the RSA Secure View tool for Microsoft SharePoint provides customers with a hierarchical view of the SharePoint environment from servers to files within SharePoint sites. For more information, visit www.rsa.com. Security powerhouse Symantec unveiled its Endpoint Protection Small Business Edition, which is designed to offer easy-to-use, enterprise level protection for small businesses, Scheduled for release this summer, it features tools, such as the client installation wizard and a streamlined user interface, that simplify deployment and reduce the level of expertise required. In addition, pre-configured notifications, recommended Symantec security defaults and automatic security reporting are expected to save SMBs time and money. "As the number and sophistication of Web-based viruses and malicious code continues to rise, small business need to be secured with more than just traditional antivirus technology "By prioritizing optimal performance and low costs, we are offering small businesses the same level of protection provided to large global businesses with a product that is designed to meet the specific needs of smaller environments," said Symantec's Art Gilliland, VP, enterprise security group. More information is available at www.symantec.com. nuBridges Protect Token Manager is the industry's first data security software solution to combine universal Format Preserving Tokenization, strong encryption and unified key management in one platform-agnostic package, said Gary Palgon, VP product management. The company has been heavily involved with PCI compliance in the retail space, but this product "opens up new markets and new uses," he said. "The market has been asking for a centralized token server, and with nuBridges Protect Token Manager, we now deliver an all-in-one solution that includes strong encryption and unified key management for optimal data security." For more information, go to http://www.nubridges.com/solutions/tokenization/. FaceTime Insight, new visualization and reporting software from FaceTime Communications, uses tree mapping and a modular reporting infrastructure to provide a bird's eye view as well as in-depth visibility into Web 2.0 applications, social networking sites and all facets of enterprise Web browsing. It interfaces with the company's Unified Security Gateway (USG) to provide granular enterprise data visualization in terms of user behavior, usage patterns and network traffic trends. For more information, visit www.FaceTime.com. The Wedge Subsonic Engine is designed to deliver low latency, high concurrency, and gigabit throughput for deep content inspection of all commonly used application layer network protocols and data compression formats. The first phase of Wedge Networks Inc.'s Subsonic Engine innovation is the Lightweight Massive Threading Engine which is designed to handle large-scale concurrency of network traffic sessions at speeds 10 times faster than other current technology while applying full deep content inspection. For more information, visit http://www.wedgenetworks.com/subsonic.html McAfee, Inc. has announced expansion to its Security Innovation Alliance (SIA) program, adding eight new members as Associate Partners, including Authenex, Cryptotech, eIQnetworks, Novell, S21sec, Solidcore, Triumfant and Telos. The company is also expanding the categories of partners supported by SIA to include systems integrators. Ciphent as the charter member in this category. To learn more, visit www.mcafee.com/sia. Featuring integrated antivirus and antispyware with its patch management solution, Shavlik Technologies' NetChk Protect 7 will be available as a single agent, managed from the same console used for patch management. This product simplifies and automates identifying and fixing gaps in 'must do' tasks such as patch management, application control, and antivirus plus antispyware. More information can be found at www.shavlik.com. IBM has also beefed up its security offerings with new services, hardware and software aimed at improving the security of cloud computing environments, helping ensure the confidentiality of data and helping locking down applications from attack. Big Blue has introduced: Proventia Virtualized Network Security Platform, a virtual appliance to help secure a company's physical and cloud assets; malware scanning for IBM Rational AppScan; Proventia Web application firewall; IBM Tivoli Identity and Access Assurance; IBM Tivoli Data and Application Security ; IBM Tivoli Security Management for z/OS; and IBM Tivoli Access Manager for Enterprise Single Sign On is also announcing the support of six business partners for second factor 'strong' authentication. Further information is available at http://www-03.ibm.com/security/.