Month: June 2004

SecurID is one of the most popular two-factor authentication systems and is already used by many large enterprises. The token is about the size of a matchbox and generates a new six-digit code every minute. Users are given an easy-to-remember PIN number to type in alongside the code displayed on the token.

With an integrated SecurID system within Windows, enterprises should find easier and cheaper to ensure users do not use weak passwords or forget them.

George Anderson, IT security business development manager at services firm Computacenter, which is one of the participants in the beta trial, said the SecurID and Windows combination is a welcome relief. “We recognise that password-only security has for some time been inadequate for truly protecting Windows workstations,” Anderson said.

The beta test programme is being rolled out to a small number of companies and is expected to last around a month.

RSA Security expects the full commercial version to be available in shortly after the trial ends. Jason Lewis, vice president of product management at RSA Security, said the technology complements RSA’s core business, which is to authenticate remote users. “We’ve been traditionally focused on security issues outside the firewall and although securing remote access is critical, the RSA SecurID for Microsoft Windows solution addresses a real threat to exposing an organisation’s sensitive data within the enterprise,” said Lewis.

The integration of SecurID and Windows was first announced at the RSA Security conference in San Francisco earlier this year. At the time, Microsoft’s chairman Bill Gates said the development signalled the death of the traditional password.

More info: http://news.zdnet.co.uk/hardware/0,39020351,39156548,00.htm

According to Hoe, the Firewall Services Module 2.2 can be deployed and configured through any of three Cisco management consoles so that network managers can establish “logical firewalls” between Catalyst switching points, each with its own policy and rules.

The PIX Device Manager v.40 would only support a single Cisco Catalyst 6500 Series Firewall Services Module.

Firewall controls can be set based on IP address, protocols, and network access control lists, Hoe said. The Firewall Services Module is wholly separate from the module for IPSec VPN, which is also available for the Cisco Catalyst 6500 Series switches, as are modules for intrusion detection.

In addition, Cisco also announced what amounts to a re-branding of the Riverhead Networks equipment, Guard and Detector, which Cisco gained in its acquisition of Riverhead this March for $39 million. Guard and Detector are used to monitor traffic flows and combat distributed denial-of-service (DoS) attacks that can flood networks with unneeded traffic so that legitimate traffic is obstructed.

The Cisco Guard XT 5650 is a network appliance that compares traffic flows to profiles of normal traffic patterns, behavior and protocol compliance, among other features, and can be used to block attacks. The Cisco Traffic Anomaly Detector XT 5600 is used to identity a broad range of distributed DoS attacks and automate activation of the Cisco Guard XT 5650.

More info: http://www.nwfusion.com/news/2004/0602cisco.html