What&'s Hot At RSA
At the show, security bellwether McAfee will be touting its foray into this market with its NAC-focused Policy Enforcer product that is currently in beta testing. 3Com&'s TippingPoint unit is also setting its sights on NAC with the availability of a software upgrade called Quarantine Protection for its intrusion-prevention systems and its integration with Microsoft&'s Network Access Protection platform.
VARs believe that NAC represents a growing market opportunity but, they say, it may take some time for customers to warm up to the idea of the technology&'s benefits and make room for it in their IT budgets.
“I hope to see around 10 [percent] to 15 percent in sales from NAC solutions this year,” said Michael McKinzie, president of security solution provider Securtek, Irvine Calif. “The challenge is customers have not budgeted for this, and we have to educate them a bit, so 2007 should be much better.”
Other VARs agree. Jim Hindy, CEO of Entre BTG, a Norcross, Ga.-based solution provider, said that while there is a definite need for companies to protect their networks with NAC solutions, it will take time for the market to adopt it. “I&'m guessing that by the third quarter of this year we will see some momentum, and more in the fourth. By the end of this year we&'ll see some real investments in [NAC],” Hindy said.
Santa Clara, Calif.-based McAfee is banking big on NAC&'s potential. Policy Enforcer will be a component of its ePolicy Orchestrator product that manages compliance policies and updates. More importantly to VARs, said David Roberts, senior vice president of North American channel sales at McAfee, the vendor is beefing up its channel strategy for Policy Enforcer and hopes to recruit new partners. “I expect that we will make a push toward VARs with a lot of networking skills that we don&'t have today in our channel,” Roberts said.
Roberts would not say exactly how many new partners McAfee is looking to recruit, but he did say that it plans to more than triple the head count of its channel managers in the field who are training VARs on the new Policy Enforcer. “My investment in our channel in 2006 is doubling what it was a year ago. I felt like I needed much more head count coverage in North America because with this type of sale, McAfee has to be much more intimate with the reseller,” Roberts said.
Policy Enforcer is being targeted at larger enterprise customers and the list price will be $27.64 per node for a 1,001- to 2,000-node environment. It will be available in March.
Meanwhile, TippingPoint&'s Quarantine feature works, when IPS and SMS are deployed together, by scanning end-point devices before they are allowed on the network, the company said, and if a machine is infected, the port that is trying to be accessed on the network will be blocked or the user will be redirected to a VLAN for remediation. “We can now reach down to the device and make sure it is no longer a threat,” said Senior Product Manager Robert Albach, adding that customers do not have to have 3Com switches for Quarantine to work.
NAC is not the only area of security that vendors will be promoting at RSA.
Cisco Systems is using the show as a venue to unveil significant advancements in its security lineup. The San Jose-based networking giant is launching Cisco Security Manager 3.0, which, despite the 3.0 moniker, is a brand-new platform that allows for simplified policy administration across multivendor environments. Cisco also is adding SSL VPN capabilities to both its ASA all-in-one security appliances and its routers, including the increasingly popular Integrated Services Router (ISR) line.
Also at RSA, Cisco is launching its “Anti-X” initiative, which pairs the vendor&'s ASA unified threat management appliances with Trend Micro software. Cisco&'s Content Security and Control Security Services Module integrates Trend Micro&'s antivirus, antispyware, antiphishing, antimalware and URL filtering with Cisco&'s firewall, VPN and IPS.
Sunnyvale Calif.-based security vendor SonicWall is debuting at RSA its Continuous Data Protection products that it obtained through its acquisition of Lasso Logic back in November. Now rebranded as SonicWall appliances, the CDP products take any new data entered into a PC and route it off-site to be stored in a data center in realtime. This ensures that in the event of a disaster, traditional backup tapes located on-site are not destroyed, said Anna Yen, general manager of SonicWall&'s CDP unit.
“Tape backup is unreliable,” Yen said. “It requires someone to manually insert tapes every night, and people forget to rotate tapes or take them off-site.” For now, SonicWall technology has not been integrated into the CDP product line, but the company said it plans to integrate its Global Management System sometime later in the year, which will allow the appliance to be managed from the same Web interface that is currently being used to remotely manage all SonicWall firewall and content filtering appliances. The appliance is being marketed to smaller businesses at a price of about $4,000, not including software and services costs.
VARs are anticipating data recovery to be a hot market this year, especially after disasters such as Hurricane Katrina. And with a product that uses no tapes and sends data to an off-site data center, there is the potential for a lot of money to be made in services, said Monte Robertson, president of security solution provider Software Security Solutions in Lakewood, Colo. “People are going to and need to have a backup strategy [so that] in the event you lose everything, you can still rebuild,” Robertson said.
Atlanta-based Internet Security Systems will use the RSA show to announce that it is adding a new product to its Proventia line. Network Anomaly Detection System will provide IT departments with a clear view of an organization&'s network behavior that reports back anomalies in otherwise normal network activity. The appliance will ensure that an employee in the sales department, for example, isn&'t accessing payroll data, said Mark Butler, director of product marketing at ISS. ADS will be sold as either a stand- alone device or it can be integrated into ISS&' SiteProtector management system product. “With ADS, you&'ll find out there are ports open on your network that you thought were closed,” Butler said. “ADS is a whole new approach to security that we haven&'t done before,” he said.
The Proventia Network ADS product will be available in March. Pricing has not yet been determined.
Check Point Software Technologies&' Zone Labs, meanwhile, will launch the beta release of a new 64-bit version of its ZoneAlarm firewall at the show. It will be available immediately for a free download. While most viruses and malware aren&'t written to exploit the 64-bit version of Microsoft XP, there were variants of the Sober and the most recent Kama Sutra worm that were effective in infecting PCs with those operating systems, said Vice President Laura Yecies. ”Many of our users are early adopters and we wanted to have that product available to them,” Yecies said.
The premium versions of the new 64-bit ZoneAlarm are expected to be rolled out sometime in July.