April 14, 2003 7:53 AM PDT
New tools aim to secure corporate IT
- Related Stories
Web services specs focus on securityDecember 18, 2002
The announcements were made in conjunction with the RSA Conference 2003, which started Sunday and runs through Thursday in San Francisco.
Well-known companies at the conference like Hewlett-Packard and VeriSign and lesser-known ones such as Netegrity and Renesas Technology America are showcasing technologies to secure corporate networks, mobile devices, storage systems and Web services.
VeriSign said it will introduce software that adds security to Web services applications through its hosted security service. The gateway software resides on a company's premises and connects via the Internet to VeriSign's public key infrastructure (PKI) encryption security service.
Using the gateway, businesses can overlay security to Web services applications based on corporate policies, rather than write security into each individual Web service, VeriSign executives said. The software uses the emerging WS-Security standard, which was co-authored by VeriSign, for secure communications. The subscription service starts at $50,000 a year.
Meanwhile, security companies Netegrity and Business Layers said they are jointly demonstrating a new XML-based product for identity management. Business Layers makes software designed to allocate and then track computing equipment and network accounts given to employees. The product is designed to allow companies to secure their Web services and to automate, centralize and manage the process of doling out employee access to internal and external corporate systems and data.
Web services, which analysts have repeatedly said will catch on only after security concerns are addressed, are designed to connect business applications together over the Internet or to allow a company to use software to link its internal systems.
New security technology for mobile devices--such as smart phones and personal digital assistants--that connects to corporate networks is also being showcased at the conference. Renesas, a U.S. subsidiary of a joint semiconductor venture between Hitachi and Mitsubishi Electric, said it is demonstrating a stamp-size card designed to provide stronger security for mobile devices. The new product, the RSA SecurID, was co-developed with RSA Security.
Meanwhile, HP is announcing several products that span a variety of corporate security needs.
The company said it will unveil the HP Firewall/VPN Server: Check Point Edition, which is designed to secure servers running the Linux operating system. HP said it will also announce a product called Install-time Security for HP-UX 11i. The product allows customers to select a predefined security level at the time of server installation and have systems automatically perform numerous security operations, such as firewall and password policy configuration, the company said.
HP also plans to release its HP Atalla Secure Configuration Assistant, a set of tools designed to configure and manage security keys with its network security processor products.
Despite the various software and hardware products announced Monday, exactly how eagerly corporate America will accept them remains a question. Increasingly, companies have sought complete IT security packages. Security chiefs are looking for ways to reduce the number of companies they must deal with, which also would decrease the likelihood of interoperability problems with their security systems.
CNET News.com's Martin LaMonica contributed to this report.