In-depth: InfoSec show preview

Security starts right here MicroScope's introduction to the 2011 InfoSec show will help you find your way around. As the great and the good of the security industry get ready to assemble in London for Information Security show one of the challenges will be to try and get round the show floor and make the most of time, energy and shoe leather.

Security starts right here
MicroScope's introduction to the 2011 InfoSec show will help you find your way around

As the great and the good of the security industry get ready to assemble in London for Information Security show one of the challenges will be to try and get round the show floor and make the most of time, energy and shoe leather.
As usual there is a strong seminar programme and a hall packed full of vendors keen to tell resellers about their latest products. Along with the manufacturers there are also several distributors in attendance that will provide dealers with a chance to find out what the latest view is from that part of the market.
This selected guide will provide resellers with a quick idea of what will be happening at the show, which takes place between 19 and 21 April at Earl's Court.

Astaro, the leading European UTM provider, told MicroScope that it has introduced three new IT security solutions which it will be discussing at InfoSec; Astaro Application Control, Astaro Log Management and Astaro Endpoint Security.
Network configurations and the threat landscape have become increasingly complex, making it necessary for organisations to consolidate their IT security. Together the new technologies represent Astaro's commitment to offering the next generation of unified threat management solutions by providing IT security that extends beyond the perimeter, protects against modern threats and improves administrators' visibility into network operations.  

Attachmate and NetIQ
Attachmate and NetIQ are showcasing a portfolio of integrated security and compliance, enterprise fraud management and identity and access management solutions on stand E80, namely: Attachmate's LuminetT enterprise fraud management solution to tackle internal fraud and enable regulatory compliance; and NetIQ Directory and Resource AdministratorT to simplify Active Directory management, while enforcing administrative controls and improving security and compliance.

Becrypt told MicroScope that to reduce costs and improve productivity IT and security officers are looking for ways to provide more flexible or remote working capabilities. However, with the consumerisation of ICT, more and more staff are insisting on using their own kit, so the ICT department has a balancing act of providing access to data, but managing the associated risks and, most importantly, securing the end point.

C-MI Labs Plc
C-MI Labs Plc is promoting its product Radware integrated application delivery solutions, assuring full availability, maximum performance, and complete security of all business-critical applications.
On display will be Radware's real-time network attack prevention device with its four essential security modules - DoS Protection, NBA, IPS and Reputation Engine; a WAF appliance, securing Web applications for PCI compliance by mitigating web application security threats and vulnerabilities.
Also featured will be Radware's unique Virtual Application Delivery Infrastructure, reducing ADC expenses and gaining flexibility in creating virtual data centre workflow auto­mation.

Canon will be showcasing its security and Information Data Loss Prevention (IDLP) solutions, with a focus on extending this to print. This will include: Canon's uniFLOW V5 software and Image Runner Advance series of MFDs uniquely enable  organisations to safeguard business data around the MFD, and complete their DLP infrastructure. And scanning  and automatically removing sensitive information at source through Canon's eCopy: allowing the automatic removal of sensitive information in a printed document or electronic PDF file.

Check Point
Check Point said it would be showcasing its latest Software Blades which seamlessly add more security functions to networks. The new software blades add application control, identity awareness, data loss prevention and mobile access control, giving users better control over these emerging threat vectors, and giving VARs opportunities to revisit and upsell existing customers.

CiRRUS told MicroScope that the specialist market maker and value added distributor will use Info­Security 2011 both to launch its latest and exclusive portfolio of technology solutions vendors for the security market, and to effectively launch itself into the channel market.
Products include First Option Technologies - technical support for resellers and vendors; CronLab - ­anti-spam, web filtering, e-mail archiving solutions; iWebgate - a network ­security enabler; Deepnet - a comprehensive, cost effective two-factor authentication solution and VMInformer - compliance, security and auditing for virtual environments.
CiRRUS will also showcase Osirium, a UK-based IT Security and Infrastructure solution.

DeviceLock Inc
DeviceLock Inc said it will be demonstrating DeviceLock 7.0 Endpoint DLP Suite, its endpoint security solution, which addresses the needs of enterprises that require an affordable approach to preventing unauthorised data leaks. It will also look at the need for businesses to have adequate security measures in place, protecting a business' cloud infrastructure as well as its endpoint computers and devices, a topic that will be covered in more detail during DeviceLock's presentation at the Technical Theatre at 12:40 on Thursday 21 April.

F5 Networks
F5 Networks will demonstrate how the proliferation of smartphones and mobile devices such as tablets are forcing organisations to simultaneously evolve both their IT security and scalability. This trend has created a huge opportunity for the channel to help customers grow their networks securely, without compromising on usability or speed.  F5 will also be demonstrating how its solutions can aid PCI compliance, mitigate DoS/DDoS attacks and secure the cloud - pressing topics for organisations everywhere.

FireEye told MicroScope that it will be previewing its next-generation Malware Protection Systems (MPS) that protect against the zero-day and targeted cyber attacks which evade traditional security defences.
Using FireEye's Web Malware Protection System (MPS), organisations can secure their networks against inbound, zero-hour malware, outbound data theft callbacks, and dynamically innoculate their networks against future attacks.
The FireEye MPS blocks targeted attacks, zero-day exploits, advanced persistent threats, and provides accurate, actionable forensics that detail the exact nature of an inbound attack or outbound callback, such as keylogging and other data theft or fraudulent transaction activities.

G Data
G Data, which creates Antivirus software, will showcase several new products.
New 2012 retail products (G Data Antivirus 2012, G Data InternetSecurity 2012, G Data Total Care 2012, G Data NotebookSecurity 2012 and G Data InternetSecurity for Netbooks 2012). MobileSecurity for Android smartphones.
G Data will also discuss current threats for mobiles. CloudSecurity - a free browser plug-in designed to protect against websites contaminated with malware. Endpointprotection -  protects businesses against Internet risks and simultaneously guarantees adherence to corporate.
Eddy Willems, G Data security evangelist, will be making a presentation on Thursday 21 April at 14:40, entitled "Twenty-five years of malware: International cyber attacks to turn corporate."

GrIDsure Authentication Platform
GrIDsure Authentication Platform (GAP), told MicroScope that one of the greatest barriers to enterprise cloud adoption is security and, in particular, user authentication.
Passwords are not sufficient for public and shared services and may well be outside of defined corporate policy, it said. GrIDsure's products enable providers and enterprises to protect their cloud services with strong authentication. GrIDsure's unique, pattern-based authentication method creates a one-time passcode by presenting users with a grid of random numbers from which they enter the values in their pre-registered pattern. There is no need for costly hardware or tokens.

Imperva said it will be presenting a talk on new attack schemes and models as uncovered recently in its research labs.
Its findings are a result of its hacker intelligence initiative (HII). The HII is a research effort focused on providing deeper insight on how cyber criminals conduct large-scale cyber attacks, as well as shedding light on the evolution of the underground business of cyber criminals. This work allows Imperva to recognise the source of attacks and, subsequently, to provide an out-of-the-box defence against automated attacks.
Imperva's offering of ThreatRadar, an add-on to their Web Application Firewall (WAF), provides automated, reputation-based defence against large scale industrialised cyber ­attacks.
By integrating credible, timely information on known attack sources into the WAF defence, ThreatRadar can quickly and accurately stop traffic from malicious sources before an attack can be launched.

Idappcom told MicroScope that Traffic IQ v2.0 is an automated auditing and vulnerability assessment testing tool that has an extensive traffic ­library which includes thousands of real threats plus corresponding security rules for the latest threats.
Anthony Haywood will demonstrate how not all security products are 100% effective and let in quite a lot of known threats, and how to optimise security systems already in place to ensure a company is fully protected.

Ixia said that Dave Schneider, senior manager market development with operators and equipment manufacturers across the network security landscape, will be discussing how it is developing its security strategy to meet evolving challenges.
Schneider will share his expertise on technology, techniques and tools for security validation, and will also talk through the results of the first public demonstration (7 April) of methodology for measuring the effectiveness and performance of network security appliances, which Ixia is currently developing with ICSA labs.

Kaspersky Lab
Kaspersky Lab will discuss how security threats have evolved in line with the changing technology landscape, such as virtualised desktop environments, workforces that carry the company's datacentre on their smartphones and applications that are served from the cloud.

LANDesk told MicroScope that LANDesk Software, a global leader in systems lifecycle management, endpoint security and IT service management, will host one-to-one and self service demonstrations of its Security Suite and Management Suite products, including its mobility management solution. Additionally, by entering the Holiday Security Survey at the stand, delegates stand the chance of winning an iPad1.  LANDesk will be giving away one device daily.

NitroSecurity said it will present two products. First, NitroSecurity will demonstrate the revolutionary NitroRSC Correlation Engine, which can calculate a "risk score" based on the asset value, vulnerability profile and event scoring. IT managers can proactively evaluate risks and effectively identify emerging threats based on the scores.
Second, NitroView ESM X3 SIEM Appliance: the ESM X3 can collect up to 150,000 network events per second and can concurrently analyse up to 40 billion events. The ESM X3 has blazing fast performance and keeps months of data online and instantly accessible with 320GB of SSD and a 7Tb hard disc-drive to balance speed with reliability.

Origin Storage
Origin Storage told MicroScope that at InfoSecurity it will launch Data Locker 3 - one of the most secure PIN-encrypted portable hard disc drives in the market, designed for mobile users who require high capacity storage and protection.
The enterprise edition of Data Locker is now FIPS 140-2 accredited: this edition prevents unauthorised access by using military grade 256-bit AES hardware encryption.
Also at the show, Origin Storage will be show-casing Enigma - a self encrypting drive which is supplied with a Seagate FIPS140-2 drive and is the first solution to provide companies of all sizes with a quick and cost effective way to secure laptops using the highest level of hardware AES 256-bit encryption.

Pentura said that Giri Sivanesen, senior manager for policy, risk and compliance, will be attending. Sivanesen has over eight years experience in national, physical and information security and has worked with clients in the intelligence community, law enforcement and central government.
Sivanesen has also acted as security adviser and counter-penetration officer for a central government organisation where he worked to counter threats from electronic attack, espionage and serious and organised crime. Sivanesen will discuss how espionage has evolved, the risks organisations face today and what proportionate security controls are needed to raise defences.

PragmaticDefence Ltd
PragmaticDefence Ltd told MicroScope that it will be launching Pharos, which provides the industry's first vendor-agnostic, cyber security situational awareness (CyberSSA) and security reporting platform. ­Pharos provides organisations with the only CyberSSA platform for all their IT and Security reporting needs. A three-step process enables data collection of information sources, analysis of customer-defined thresholds and clear reporting screens.

Qualys told MicroScope that it will showcase a couple of new products. IronBee is a new open source project to provide the next-generation of web application firewall (WAF) technology. Led by the team that designed and built ModSecurity, this new project aims to produce a web application firewall sensor that is secure, high-performing, portable, and freely available - even for commercial use.  
QualysGuard Policy Compliance 3.0, providing more comprehensive policy compliance scanning capabilities without the need to install agents. The latest version expands support for new operating systems and adds support for scanning databases and network devices - providing customers with a full, in-depth view of IT policy compliance across all assets.

Tripwire told MicroScope that as a leading global provider of IT security and compliance automation solutions, they will discus the results of its first benchmark study produced in collaboration with the Ponemon Institute, estimating the costs associated with an organisation's compliance efforts.
The study found the average cost of compliance is around £2.2m. However, non-compliance costs around £5.9m, nearly three times more than investing in compliance activities.
Tripwire will highlight the issues and offer suggestions on best practices for data protection.

SafeNet said it will be will be showcasing Trusted Cloud Fabric™ - its practical framework for delivering  the trust, security, and compliance enterprises demand when  moving data, applications and systems to the cloud - including ProtectV  Instance for virtual machine encryption;  ProtectV Volume for virtual storage encryption, and SAM 8.0 authentication for secure SaaS access.

Skybox Security
Skybox Security told MicroScope that Skybox View 5.5, which includes advanced new network mapping capabilities, change tracking capabilities and change assurance workflow, and enhanced device checking features.  
The product strengthens an organisation's security posture by enabling network vulnerabilities to be found and closed quickly, even in complex networks with tens or hundreds of thousands of devices. This prevents attacks before they can be mounted.

Stonewood, encryption experts, told MicroScope that it will be announcing the general availability of its Orion management system, allowing organisations to remotely control their encrypted hardware.
Stonewood will also demonstrate its full range of accredited encrypted hardware, from USB drives to bespoke internal drives, that are designed for users from businesses to the military.
Chris McIntosh, CEO of Stonewood, will be present at the show to discuss encryption, data protection and the role of the Information Commissioner's Office.

Veracode told MicroScope that at Infosecurity Europe, it will be demonstrating its platform live, as well as discussing the latest application threats - including the top 10 mobile application risks across the major mobile platforms.

Wick Hill
Wick Hill said it will conduct two live hacks per day from its stand, demonstrating the ease with which voice-over-IP can be hacked.
These hacks include the same type as those shown in the recent Ocean's Eleven film. Solutions to prevent such hacking will also be demonstrated.
Wick Hill will also show a wide range of new and established security solutions from vendors such as WatchGuard, Check Point, LogLogic, Panasonic, Sipera and VIPRE ­Business.
These include WatchGuard's latest XTM software, which features powerful new ways to control security; Control Phreak, which prevents toll fraud, in conjunction with Panasonic's voice switch systems; LogLogic 5, with support for the recently launched VMware VCloudT Director, which lets cloud computing users operate a secure, efficient IT infrastructure within a compliance framework; and Abra from Check Point, which provides a radical alternative to securing remote users, while cutting costs and simplifying administration.

Winfrasoft told MicroScope that it is launching its new AuthCentral with Pin-plus-two-factor authentication software and appliance offering.
AuthCentral utilises Pin+token technology, a system which will allow the security industry to ditch traditional passwords, Pins and tokens for a much higher level of security and usability through the use of visual patterns.
Also launching is the ActiveSync Gateway, an appliance dedicated to securing and filtering the ActiveSync mobile phone protocol which is used by most device manufacturers to access corporate e-mail systems.

Read more on Data Protection Services