RSA Show Foor Opens – Some New Security Solutions
I’m generally not prepared to be surprised when I come to the largest IT security trade show. Like its counterparts in physical security (ISC and ASIS) there is not much new from one year to the next. But that’s kinda nice, too. Like walking into a McDonalds anywhere in the world, RSA feels familiar each year.
Maybe this year I had more of an open mind. Or maybe it’s because I started my tour of the show floor at the extreme end where the smallest booths and newest most innovative companies set up shop. (You know that the far ends of the floor – the cheap seats – are the coolest. That’s where you find the guys still working out of garages, with divorces pending because they are obsessed with some new technological breakthrough. That’s the cool stuff!)
I’ve seen Trusted Network Technologies before. This year they were giving away rubber chicken squeak toys. "Why did the chicken cross the road?" Rob asked me. I replied with the obvious answer. And he said "The obvious answer doesn’t apply to many things anymore, let me show how our way of doing access control is different." He hooked me. But I could you your help, Oh reader. I know these guys at Trusted Networks are on to something cool. They use a network device to monitor, then learn, then control access to resources. It’s a good idea. And I’m certain there is an application for physical security, not just network security. But I haven’t put my finger on it. Check out the site and let me know if you come up with something. It’s cool.
I looked at Splunk. That little booth had some cool people wearing cool shirts standing around cool LCD displays. They sell a Google-like search engine for audit and system logs of any system. search for any character string of any error or event that shows up in any of your systems and up pops every occurance, but it also sorts and analyzes the string. Troubleshooting network and system problems, on any system from firewalls to door controllers, would be faster and easier with this browser-based tool.
Avenda was alss interesting. The young company launched its beta product last month. The appliance is designed by some ex-Cisco guys to manage policy and access rules across environments mixing Microsoft NAP with Cisco NAC. In this blog I’ve written about NAC and NAP in relation to endpoint security. (See also columns in Security Magazine). Network Access Control (NAC) applies some security checks to any system connecting to the network. Avenda already partnered with Microsoft which loves the idea of having a tool to further encroach on Cisco’s core competency. But Cisco is reluctant to partner with these guys – probably because it legitimizes and even authorizes the use of competiting Microsot NAP in an otherwise Cisco-dominated network. Nevertheless, Avenda looks like a handy addition to any large environment mixing NAP and NAC.
Speaking of endpoint security, OPSWAT surprised me with an endpoint framework that I didn’t even know existed. I thought Promisec was the only framework for managing the various software components of endpoint security. OPSWAT has been around longer and has a very mature concept. The Israeli fellow I spoke to in the booth had not heard of Promisec but siad that company would be a fine customer of his. Hmmm. I’ll keep an eye on these guys.
I’m only a third of the way across the show floor. Watch from more technology posts this week.