Raise The Shield: 25 Hot New Security Products At RSA Conference 2011

Fighting The Fight

RSA Conference 2011 is set to take San Francisco by storm this week, swarming the Moscone Center from Feb. 14 to Feb 18. It's become the security conference to end all security conferences, and a global cadre of tens of thousands of security pros are ready to show their expertise, hone their skills and highlight what's needed to ensure everything is locked up tight and right and impermeable by cybercriminals, hackers, attackers and crackers.

And the show floor will bustle with sweet new gear to ensure everything -- the network, the cloud, the laptop, the desktop, the data center and every other part of the IT ecosystem -- is secure.

Here, we take a look at 25 hot new security products that will be showcased during the week-long de facto security show that is RSA Conference 2011.

WatchGuard Application Control

WatchGuard wants you to take back control of your network. The company said that its new WatchGuard Application Control, which will be showcased at RSA this week, gives businesses in-depth, granular control over Web 2.0 applications, such as Facebook, Twitter, LinkedIn and more. Along with protecting against the next generation of threats that leverage these popular Web 2.0 applications, WatchGuard Application Control also lets businesses can rein in how individual employees use such applications, directly from the corporate firewall. Companies can easily decide who, what, when, where, why and how applications are used on the network.

Huawei Symantec Secospace USG5500

The Huawei Symantec Secospace USG5500 series, which will be unveiled at RSA, is a new portfolio of unified gateway security solutions aimed at enterprise and data center customers. Through advanced multi-core architecture and FPGA-acceleration technology, the Secospace USG5500 series supports large-scale deployments across enterprises, cloud service providers and data centers. Its solutions can support a premium density of 64 Gigabit Ethernet and 14-Port 10 Gigabit Ethernet interfaces -- enough to achieve 30 Gbps firewall throughput -- while offering anti-virus, anti-spam, IPS and URL filtering capabilities, ensuring a secure network environment for cloud based service delivery.

Motorola AirDefense Service Platform -- Dedicated Sensing

At RSA, Motorola's AirDefense will show off the AirDefense Services Platform, which uses collaborative intelligence with dedicated sensors that work in tandem with a hardened purpose-built appliance to monitor all 802.11 (a/b/g/n) wireless traffic in real time. The solution provides advanced rogue detection and mitigation, intrusion prevention, automated protection, and wireless vulnerability assessments and scales to support single offices as well as organizations with hundreds of locations around the globe.

GoldKey Secure Portal

GoldKey Security Corporation will launch a private cloud storage and online authentication security appliance that relies solely on hardware tokens for key management. The company said the combination will be a new standard for enterprises that want to protect and maintain control of their data both in and out of the cloud.

The GoldKey Secure Portal provides a way to incorporate a secure, multi-factor login and authentication to Web sites or online applications. With military-grade 256-bit AES encryption and a mutual-authentication technique developed by GoldKey Security Corporation, companies can defeat man-in-the-middle attacks and password brute-force attempts.

Adding the GoldKey Secure Portal appliance to a data center creates virtual "vaults" on existing servers and storage that are completely private, yet easy for authorized users to access and manage with a GoldKey. GoldKey is an integrated security solution that incorporates twelve security strategies into a single device.

Astaro Log Management

Astaro will launch Astaro Log Management (shown) at RSA, which allows Astaro Security Gateway users to centrally store and analyze log data from all systems and applications. With its error tracking, policy protection and automatic alerts, it can reduce troubleshooting time by up to 80 percent while helping companies comply with PCI and other regulations.

Astaro also plans to launch a Next Generation Firewall subscription for visibility and control of Internet usage and applications, and new Endpoint Security controls for the use of USB ports, DVD drives and other peripheral devices.

Security Innovation TeamMentor OWASP Edition

Security Innovation at RSA will highlight its new TeamMentor OWASP Edition, which was developed for the Open Web Application Security Project community of corporations, educational organizations and individuals from around the world working to create freely-available articles, methodologies, documentation, tools and technologies. TeamMentor is a secure development process product. The company said most secure application development efforts fail due to time, level of effort and quality issues -- but it generally falls down to inadequate guidance. TeamMentor OWASP Edition is a Web-based product that provides guidance to anyone in the community as they design, code, and test; helping improve application security.

TeamMentor is a centralized and broadly available collection of development assets. By tailoring content for users, Security Innovation has focused on meeting the needs of PCI-DSS and OWASP mandates and standards and the demand for application security knowledge. This edition is free and available for download to anyone who needs a set of secure coding standards.


At RSA, TITUS will launch TITUS Aware, which the company said prevents email data loss by bringing user driven security to the desktop, where users are educated on security policy and given the ability to remediate potential data breaches before they happen. Integrated into Microsoft Outlook, the solution complements an organization's data loss prevention strategy by involving the most important part of security: the user.

Check Point R75

Check Point will show off Check Point R75, the first products to fit into its 3D Security program that focuses on three key dimensions of security: policy, people and enforcement. The Check Point R75 platform is a free upgrade to existing customers and includes new virtual blades to cover application control, identity awareness, data loss prevention and mobile access. The new blades, or modules, run on the Check Point UTM-1 and Power-1 security appliances, IP appliances, open services and within virtualized environments and on endpoints.

QualysGuard Web Application Scanning 2.0

Qualys is set to launch QualysGuard Web Application Scanning 2.0, which includes several major enhancements to help customers catalog their Web applications on a global scale and scan them for vulnerabilities that can lead to exploitation. The new release, delivered via the QualysGuard SaaS platform and its new Java-based backend, comes with a new Web 2.0 user interface for flexible reporting and automation of scanning tasks. QualysGuard WAS 2.0 will be available on March 1, 2011 in beta to QualysGuard subscribers. It will be sold as an annual subscription based on the number of Web applications, and includes 24x7 support and full updates.

NitroSecurity NitroView 8.5

NitroSecurity will showcase its latest security information and event management (SIEM) offering, NitroView 8.5 at RSA this week. Available in March as part of NitroView 8.5 is the NitroView ESM X3, (shown), which delivers two times the performance of the NitroView ESM 5000 series and retains months of data on-line. NitroView ESM X3 features collection rates up to 150,000 events per second, concurrent analysis of 40 billion rows of events and flows, production of reports and queries in under a minute, support for up to 50 TB of direct-attached HDD storage and high-speed I/O using 320 GB SSD in addition to 7 TB HDD. Also available as part of Version 8.5 are the NitroView Receiver 4500 and NitroView Virtual Receivers.

NitroSecurity will also showcase NitroView 9.0, which is coming this summer.

Sourcefire Immunet 3.0

Sourcefire will highlight Immunet 3.0, its cloud-based anti-malware solution, which offers a cloud-based Collective Immunity platform to deliver real-time protection against zero-day attacks by leveraging the collective presence of Immunet's 850,000 worldwide users for increased endpoint protection. The solution enables businesses and consumers to create custom anti-malware signatures for more accurate protection against targeted attacks and offers an innovative Cloud Recall feature that can remediate previously approved files, automatically quarantining them in real time based on new threat information.

Lenovo SecureDoc

Lenovo at RSA will launch SecureDoc for Lenovo, a full-disk encryption (FDE) solution for central management of new self-encryption hard drives that meet the Opal standard issued by the Trusted Computing Group. Lenovo ThinkPad laptops and ThinkCentre desktops will be among the first PCs to offer Opal standard FDE drives for an enhanced level of security and manageability for IT administrators.

SecureDoc also delivers fully-managed software encryption for PCs without self-encrypting hard drives, providing flexibility and a migration path for large organizations with strong security requirements, such as in healthcare, banking, education, insurance and government. SecureDoc provides transparent pre-boot support for finger-print readers built into select Lenovo ThinkPad laptops and ThinkCentre desktops. The integration of FDE with multi-factor authentication allows organizations to strengthen data security without negatively impacting productivity.

SecureDoc is available on current and upcoming ThinkPad laptops as well as ThinkCentre desktops using the new Opal self-encrypting drives from Hitachi and Seagate Technology or unencrypted drives.

AppRiver SecureSurf

AppRiver SecureSurf, which AppRiver will show off at RSA, is an easy-to-deploy hosted solution that protects companies against online threats by incorporating security information from a number of sources, including AppRiver's own award-winning spam filtering service. The SecureSurf process checks targeted Web sites against a continuously updated list of Web sites known to distribute malware or viruses, or that contain pornography and other objectionable content. Additionally, SecureSurf allows companies to establish thorough Web surfing policies, monitor Web usage and create whitelists of known good sites. For those Web sites that appear to be somewhat suspicious, the service directs these sites to a hosted proxy server, which can conduct a rapid, detailed content analysis.

Xceedium GateKeeper Version 5.2.1

Enterprises and government agencies use the Xceedium GateKeeper to control, contain and audit the activity of privileged users, inside and outside the network. Version 5.2.1, which Xceedium will launch at RSA, streamlines access by privileged users who are connecting remotely to a network through an SSL VPN. Once a user has authenticated to the SSL VPN, Xceedium GateKeeper transparently picks up their credentials and uses them to authenticate the user to the GateKeeper and initialize their access policy. The GateKeeper now includes tight integration with the dominant remote access security solutions -- Cisco ASA 5500 Series Adaptive Security Appliances, F5 FirePass SSL VPN and Juniper SA Series SSL VPN Appliances.

Lancope StealthWatch 6.0

At RSA, Lancope plans to show off the fruits of what the company calls its largest product release in a decade: Lancope StealthWatch 6.0. StealthWatch 6.0 is for flow-based security, network and application performance monitoring across physical and virtual environments. The new StealthWatch 6.0 leverages NetFlow, sFlow and other flow data from existing routers and switches to extend visibility to the application layer through behavior analysis and deep packet inspection. With StealthWatch 6.0, network operations and security teams can obtain actionable insight into who is using the network, what applications and services are in use, and how well they are performing -- and to reduce the time from problem onset to resolution.

Juniper SRX-vGW Series Services Gateway

With security a primary concern in enterprise cloud adoption, Juniper at RSA will debut the SRX-vGW Series Services Gateway, which pairs technology acquired from Altor with Juniper's SRX Series Services Gateways. Designed to provide a consistent, virtualization-aware solution for private and public cloud deployments, vGW marks the first step in Juniper's multi-phased strategy to unify security environments for physical and virtual networks. Juniper's SRX-vGW integration sheds light into virtual networks by having the vGW automatically populate VM membership into Juniper SRX Zones for consumption by the Juniper SRX administrator. Key features include zone-based smart policy groups that are automatically created on the hypervisor; automated security for new or cloned VMs; automated VM compliance assessment based on VM attributes, such as virtual network settings, VM operating system patch levels, installed applications and patch level; and quarantine of ’non-compliant’ VMs to eliminate administrative errors and reduce risks to the virtualized environment from non-compliant VMs.

Identity Finder Version 5.0

Identity Finder will launch version 5.0, which includes new searching support for e-mail systems and enterprise servers, centralized remediation and configuration management and vastly improved application performance. Identity Finder helps organizations reduce the risk of data leakage and identity theft by locating and securing sensitive information in all file types, on file servers, e-mail servers, network databases, company websites and desktop hard drives. Identity Finder then enables administrators and end-users to digitally shred, redact, encrypt or quarantine the information based on specific policies and requirements. With the Identity Finder DLP Console 5.0 administrators may perform remediation remotely from a centralized interface. Advanced data filtering enables users to analyze mission-critical data in real time, as well as generate custom reports. Enhancements to both the Mac and Windows clients significantly improve accuracy and performance and provide support for additional browsers, applications and e-mail servers.

NetWitness Visualize

NetWitness will showcase Visualize at RSA, a "Minority Report"-style visualization of an organization's network traffic. Visualize graphically renders large volumes of network content such as audio, documents, and images, and enables security analysts to manipulate a visual timeline of a network event or query, deeply interrogate and review all the related objects and understand all the contextual network metadata associated with each object.

NetWitness also plans to demonstrate and highlight Spectrum, an automated malware analysis offering.

MokaFive Suite 3.0

MokaFive will launch its MokaFive Suite 3.0 at RSA this week introducing full support for Windows 7, improved security features and multi-tenant capabilities for managed service providers. The solution presents a high performance, secure and cost-effective alternative to VDI.

By encapsulating Windows 7 into a virtual desktop, customers can now remotely deploy Windows 7 without a deskside visit. MokaFive has partnered with AVG to provide a built-in anti-malware scan to enable use of personal devices for business. MokaFive Suite Service Provider Edition enables MSPs to provide desktop management from the cloud by offering managed service providers true multi-tenancy, golden image management tools and consolidated cross-tenant reporting. Service Providers can now provide managed desktop services with a shared infrastructure that is lightweight and easily scalable.

Mykonos Security Appliance -- Jujitsu Release

Mykonos software will use RSA to launch the Jujitsu Release of the Mykonos Security Appliance, a Web application firewall appliance that detects, tags, tracks and stops hackers in real-time.

New Features include a Cross Site Request Forgery processor that protects against that type of attack as well as a new reporting management system that enables administrators to share valuable hacker data with their internal stakeholders. Key infrastructure improvements also enable the product to work seamlessly within enterprise IT environments. These features include SSL configuration to secure internal communication and third party authentication for access to the product and the ability for devices to connect to multiple V-LANS. A command line interface is also included for power users.

Fortinet FortiGate-3140B

Fortinet at RSA will launch a new data center security appliance, FortiGate-3140B, which is designed to thwart threats in high-speed networks. The FortiGate-3140B consolidated security appliance is designed for large enterprises and data centers requiring maximum firewall, virtual private network and intrusion prevention system (IPS) performance to optimize protection against blended threats, destructive malware and constantly evolving attempts to breach security in high-speed network environments. The FortiGate-3140B offers up to 58 gigabits-per-second of firewall performance, 10 Gbps of IPS performance, and up to 22 gigabits-per-second of VPN performance, in a two rack unit form factor. The new appliance comes standard with ten 10-gigabit Ethernet ports and offers a total of 22 ports, meaning the FortiGate-3140B can be deployed as either a high-performance firewall or a unified threat management solution that can be easily configured to concurrently support VPN, IPS, application control, anti-spam and anti-virus security measures without degrading performance.

Sophos Virtual E-mail Security Appliance

As part of its E-mail Security and Data Protection line, Sophos will launch the Sophos Virtual E-mail Security Appliance, a virtual security appliance that delivers strong security, data protection and simplified management in VMware virtual environments. The virtual appliance combines DLP and e-mail encryption with proactive spam and malware protection.

It provides protection against zero-day malware threats with proactive Sophos Behavioral Genotype technology; integrated SPX email encryption and DLP via pre-packaged sensitive data intelligence via SophosLabs; Sender Genotype and live in-the-cloud anti-spam lookups to block over 99% of spam; a managed appliance experience with automatic updates, monitoring, alerting, and remote remediation; simplified administration with 3-clicks-to-anywhere management; extended streamlined provisioning, responsiveness, installation and deployment with quick Open Virtualization Format images via pre-configured performance profiles; and iinteroperability and clustering with Sophos’ hardware appliances and other Sophos solutions.

Certes Networks Variable Speed Encryptors

Certes Networks (formerly CipherOptics) announced a new line of Variable Speed Encryptors (VSE), which change the economics of network encryption by allowing customers to customize encryption throughput to match bandwidth speeds from 3Mbps to 10Gbps.

The CEP VSEs integrate easily into any existing network, providing wire-speed AES 256 bit encryption. The VSEs are compatible with CipherEngine, Certes Networks' group encryption management solution that eliminates the complexity and performance compromises of traditional network encryption.

Solera OS 5.0

Solera will launch the latest update to its network forensics platform, Solera OS 5.0. The suite of DeepSee network forensics applications provides visibility into all network activity. New features like Application Classification and Description, DeepSee Active Reporting and Geolocation create a solution to protect against unknown threats in the network. Solera OS 5.0 lets users investigate the full scope of the incident to pinpoint exactly when, where and how the incident happened. The intuitive interface helps users navigate through the system. Solera OS 5.0 is designed to help reduce time to incident resolution.

Geolocation (shown) enables views of all traffic and alerts to patterns that may identify abnormal or suspect traffic to and from locations of interest. In chart or 3D Google Maps form, users have global views of every stream in an out of the network.

GentleSecurity LeakWall

GentleSecurity will launch LeakWall at RSA this week, a content-aware endpoint DLP system that enforces content-centric policies regarding processing, use, transit and storage of classified data, protecting from theft and accidental leakage. Content is classified through deep data inspection, identifying partial and modified content. Policies allow audits and control content transmission, access and modification. LeakWall prevents malicious leaks by insiders, malware or intruders' covert channels; and encryption, device and Web holistic access controls add value beyond DLP.

With its advanced classification method and integration with Microsoft Group Policy, LeakWall also provides dynamic profiling and discovery features.