Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

iPhone security, IP route hijack prevention on tap at RSA

Ellen Messmer | Feb. 14, 2011
RSA Conference product announcements will focus on everything from iPhone/iPad security to Windows 7 exploit security and the latest in Unified Threat Management.

FRAMINGHAM 14 FEBRUARY 2011 - As RSA Conference 2011 gets underway, a wave of enterprise security products and services will roll in:

Zscaler, which already provides cloud-based Web and e-mail filtering and anti-virus for computers, will add support for iPhone and iPad devices. "You should have one policy regardless of location or device," says Amit Sinha, CTO at Zscaler. Enterprises that want to adopt iPads and iPhones will be able to apply the Zscaler Mobile filtering controls by using the VPN technologies resident on the Apple devices. "They all ship with a VPN, so what we do is forward traffic to the Zscaler cloud," he says. The traffic is filtered there, and no special agent software is needed. The service costs $1 to $3 per user per month.

• Detecting and stopping IP route hijacking is the goal of Internet Identity's (IID) new service. Rod Rasmussen, president and CTO, said the firm, which specializes in finding ways to mitigate attacks against border-gateway protocol (BGP) routers and domain-name system gear, is making available its ActiveTrust BGP as a protective service.

The goal of the ActiveTrust BGP service, intended for use by both enterprises and service providers, is to prevent the type of BGP incident that occurred last year where 15% of the world's Internet traffic routes were advertised by a state-controlled telecommunications company, apparently erroneously, which funneled off traffic for Web sites, e-mail and other transactions, including that of U.S. government agencies.

The ActiveTrust service would recognize that start of this type of routing incident is occurring, whether accidentally or maliciously, and a 24x7 team of security analysts at IID would immediately communicate the issues to those using the ActveTrust BGP service. "People are trying to do bad things with the IP space," Rasmussen says.

The ActiveTrust BGP service monitors technical information in terms of announcements related to how ISPs route IP traffic and would help mitigate any incident by contacting Internet infrastructure providers, law enforcement, and other security contacts in order to resolve the issue.

Fortinet will be showcasing its new FortiGate-3140B Unified Threat Management device, which will not only work in the way a standard FortiGate appliance would but will add a way to do active-profiling of behavior to spot unusual traffic patterns in order to send alerts, quarantine or block based on anomalous behavior. Fortinet is also introducing its FortiAP-222B outdoor wireless access point. The upgraded FortiOS 4.0 MR3 operating system that's now part of FortiGate appliances allows for unified management of both wired and wireless networks from a single FortiGate platform, as well as active profiling, flow-based traffic inspection and the ability to support detection of wireless rogue access-points.


1  2  Next Page 

Sign up for Computerworld eNewsletters.