Category: Product

The Waltham, Mass.-based company will sell Immunix’s products as Novell AppArmor, Chief Executive Jack Messman said in a statement.

The product is designed to protect Linux and higher-level applications from external or internal attacks and viruses.

Immunix, based in Portland, Ore., was founded in 1998. It has somewhat fewer than 20 employees, chiefly programmers who focus on security work, said Novell spokesman Bruce Lowry. One of those employees is co-founder Crispin Cowan, who has been involved in Linux kernel security projects.

AppArmor works on Linux products using the 2.6 kernel, but Novell will support it only on its Suse Linux Enterprise Server product, Lowry said.

http://news.com.com/Novell+acquires+Linux+security+company/2100-7355_3-5702398.html?part=rss&tag=5702398&subj=news

The IBM Tivoli Federated Identity Manager is designed to let a user log on to an Internet computer system or network and then use that connection to access information or systems run by a business partner, service provider, or other affiliated company. For example, an employee could sign on to his company’s computer network and have that network provide the security authentication necessary when that user tries to access health-care insurance information on an insurer’s site or order parts from a supplier’s site. Some companies will take on both roles, confirming that a user signing on to the network is who they claim to be and then providing secure authentication when that user travels over the Internet to the sites of partners. A common way to share identities between providers means customers won’t have to replicate or stage business processes for their security providers, IBM says.

Identity management is a market that’s poised to take off in the next year or two, but few companies are able to deploy such software today without help, says Jon Oltsik, an analyst at Enterprise Strategy Group. “So IBM uses [Federated Identity Manager] to get through the door with customers,” he says, “and sets up IBM Global Services to make them ready.”

http://www.informationweek.com/showArticle.jhtml;jsessionid=DUUJ1L5ZK2NH4QSNDBNSKH0CJUMEKJVN?articleID=163100244

Businesses are looking for security products that do more than just put out fires on the network. They want technology that helps to protect the bottom line, especially when it comes to complying with the growing number of government regulations such as Sarbanes-Oxley and HIPAA. Failing to comply with those regulations, or not being able to prove that you’re complying, can damage a company’s revenue and reputation, and could even result in criminal charges.

RSA Security Inc. will introduce software to help companies monitor and report on their compliance efforts.

The RSA Reporting & Compliance Manager is designed to provide better logging and reporting capabilities for both IT administrators and auditors. The software provides views into user access rights and the activities of employees, partners, and customers working on networks protected by RSA security products. It can produce reports to show who has access to what data and who actually looked at what information, what changes have been made to access policies and who made them, and the number and types of unsuccessful unauthorized attempts at access.

http://www.informationweek.com/showArticle.jhtml;jsessionid=GZBQXMEDOA2N0QSNDBNCKH0CJUMEKJVN?articleID=162800084

Norman Kohlberger, senior regional product manager for Symantec Asia Pacific, said the main aim of the new product, which will be called Symantec Internet Security AntiSpyware Edition, was to make PC security as easy as possible for the end user. “What we are doing is reducing the complexity,” said Kohlberger. He said the new edition was an improvement on its predecessor because it not only protected the users’ personal data, but included real-time spyware and adware scanning.

Kohlberger said security vendors had to keep improving their products because the next generation of malware is being developed by organised criminals intent on making money from their victims.

http://www.zdnet.com.au/news/security/0,2000061744,39190671,00.htm

Cisco Systems Inc. showed off the first fruits of its recent Airespace Inc. acquisition at the Interop show, and the company opted for a more clever integration of tools than a simple rebranding.

Cisco is initially targeting health-care networks to use the locator system to monitor hospital and clinic equipment.

One location system is used for each central enterprise site where aggregation and network policy enforcement is required. Wi-Fi access points gather received signal strength indicators (RSSI) from 802.11 devices and tags, and Cisco Lightweight Access Point Protocol (LWAPP) controllers serve to aggregate RSSI information. Sun said the location appliance could, in theory, be integrated with an LWAPP controller, with a Layer 3 switch or an enterprise router, though some customers may want to independent 1U appliance to remain physically separate from these network elements.

Cisco has developed a rich color asset mapper for the WCS software, with mapped assets displayed on a graphic user interface through RFID information collected by the 2700 appliance.

http://informationweek.com/story/showArticle.jhtml?articleID=162101504

Juniper, which is expected to make the announcement at the Interop show in Las Vegas, will also outline a broad network security framework that it plans to fill out over the next few years.

The framework planned by Juniper gives IT managers a potential alternative to Cisco’s emerging Network Admission Control (NAC) technology and the Network Access Protection offering that Microsoft Corp. is developing.

Overall, the move to integrate security functions into the network layer is a good thing, said Hugh McArthur, director of information systems security at Online Resources Corp., a Chantilly, Va.-based online bill-processing firm. The security functions being delivered at the network layer also need to mature more before many users will feel confident enough to enable the automated responses to network threats and attacks that the technologies support, said Eric Beasley, senior network manager at Baker Hill Corp. in Carmel, Ind.

David Flynn, vice president of products for Juniper’s security tools and network-access routers, acknowledged that completely delivering on the Enterprise Infranet vision will be a multiyear process.

Another key difference is that Cisco is integrating the security into its networking equipment, while Juniper is offering its tools as an “overlay solution” designed to work with a mix of network gear, said Robert Whiteley, an analyst at Forrester Research Inc.

http://www.computerworld.com/networkingtopics/networking/story/0,10801,101450,00.html