SCOTTSDALE, Ariz.—Hoping to bring new efficiencies to corporate computing, companies here at DEMO 2004 demonstrated a number of products designed to bring increased manageability, measurability and security to existing enterprise investments.
While Web Services have been hailed as the next big thing, many enterprises have been reluctant to deploy outside of their firewalls due to poor security. Two companies today introduced firewalls for Web services designed to protect enterprises from XML viruses, parser attacks and schema poisoning—all attacks network firewalls and intrusion prevention systems are currently unable to detect.
Forum Systems Inc., in Sandy, Utah, launched the XWall Web Services Firewall, which it hailed as the first firewall for Web services. XWall scans WSDL (Web Services Description Language) schemas and XML messages to detect XML-related threats and to prevent intrusions. The firewall also recognizes attacks based on knowledge of Web services operations, users and message using signature threat detection capabilities.
Reactivity Inc. introduced the Reactivity XML Firewall 2300. The XML Web services security appliance applies multiple security policies to bring granularity to Web services security.The Reactivity XML Firewall 2300 handles SSL termination, as well as the authentication and authorization to control access to Web services. The product also performs data validation on requests from external systems to prevent malicious activity.
Next page: More from DEMO 2004
2
As the Internet becomes increasingly vulnerable to identity theft, enterprises are looking for products that can protect them from potential significant losses. Confidence Online Portal Edition from WholeSecurity Inc., in Austin, Texas, hopes to address this issue. The product, which looks at the behaviors and fabric of running applications, identifies and disables known and unknown Trojans and other malicious attacks to protect end users from identity theft.
Taking a page from the Honeypot Project, ForeScout Technologies Inc., in San Mateo, Calif., launched its ForeScout Global Early Warning System (GEWS), a subscriber-based solution that provides real-time information on potential enterprise security threates. The Global Earning Warning System watches port scans and sniffer attacks from around the world and isolates the IP address and owner of the IP address from which an attack is coming from. To verify that the activity is really malicious, the system automatically responds with counterfeit information the IT address is looking for. When the hacker uses that information, they are then pinpointed as an attacker.
While security products dominated the first day of DEMO 2004, a number of vendors also introduced products designed to create efficiencies within corporate computing environments.
Beyond securing the enterprise, enterprise IT managers are struggling to manage the growing number of pieces in their computing environments. Many are now turning to infrastructure automation software to ease the configuration process. mValent Inc., in Tewksbury, Mass., demonstrated the mValent Infrastructure Automation Suite, software designed to allow IT managers to manage and automate the configuration of across a vast number of devices and software applications.
Symbol Technologies Inc. used its six-minute demonstration slot to release the WS 2000 Wireless Switch. The product, which combines a built-in Ethernet switch, power injectors, a firewall and storage capacity for mobile users, is aimed at providing mobility applications to branch offices and small-to-medium businesses.The WS 2000 also enables IT managers to deploy segmented public and private networks using what Symbol calls virtual AP (access point) technology on one system. And IMlogic Inc., in Waltham, Mass., demonstrated how enterprises can bring instant messaging and presence to business applications through its IMlogic IM Linkage application server.
IT managers struggling to come up with a way to measure the value of deploying products launched at Demo may want to turn to Memento Inc.s Memento Software Suite. The software application allows IT managers to model their expectations and how an application is meant to be used. It then monitors those applications to measure and monitor the actual value realized after deployment. Memento is based in Concord, Mass.