Author: admini

Primary Response 2.2 is software you install on Windows NT, 2000, 2003, or Solaris servers. It “immunizes” your servers against undefined intrusions, the way the human body defends itself against biological viruses it’s never seen before, according to its developer, Sana Security.

The basic security features of Primary Response 2.1, the software’s previous version, have just been certified by ICSA Labs, an independent testing firm, according to a lab spokesperson. This is the first such certification given to a new kind of program known as host-based intrusion prevention systems or HIPS, according to Dr. Steven Hofmeyr, Sana’s founder and chief scientist.

A NIPS solution is typically a hardware appliance that’s plugged in between a company’s servers and the Internet. Such devices monitor network traffic and protect the servers from inappropriate packets, such as hacker attacks. NIPS, however, cannot protect applications that are running on individual PCs or defend against the behavior of insiders, which most intrusions are.

Host-based intrusion prevention systems, such as Primary Response, install on each server that you wish to protect. Installing a HIPS solution, unfortunately, doesn’t eliminate the need for companies to also purchase NIPS and client-based security software.

But corporations can save big bucks with HIPS by installing Microsoft patches only once every calendar quarter, instead of once a month or more, Hofmeyr says.

A Primary Response 2.2 installation consists of at least one “management server,” which lists for $6,500, and one “agent” per server you wish to protect.

More info: http://itmanagement.earthweb.com/columns/executive_tech/article.php/3364491

SecurID is one of the most popular two-factor authentication systems and is already used by many large enterprises. The token is about the size of a matchbox and generates a new six-digit code every minute. Users are given an easy-to-remember PIN number to type in alongside the code displayed on the token.

With an integrated SecurID system within Windows, enterprises should find easier and cheaper to ensure users do not use weak passwords or forget them.

George Anderson, IT security business development manager at services firm Computacenter, which is one of the participants in the beta trial, said the SecurID and Windows combination is a welcome relief. “We recognise that password-only security has for some time been inadequate for truly protecting Windows workstations,” Anderson said.

The beta test programme is being rolled out to a small number of companies and is expected to last around a month.

RSA Security expects the full commercial version to be available in shortly after the trial ends. Jason Lewis, vice president of product management at RSA Security, said the technology complements RSA’s core business, which is to authenticate remote users. “We’ve been traditionally focused on security issues outside the firewall and although securing remote access is critical, the RSA SecurID for Microsoft Windows solution addresses a real threat to exposing an organisation’s sensitive data within the enterprise,” said Lewis.

The integration of SecurID and Windows was first announced at the RSA Security conference in San Francisco earlier this year. At the time, Microsoft’s chairman Bill Gates said the development signalled the death of the traditional password.

More info: http://news.zdnet.co.uk/hardware/0,39020351,39156548,00.htm