InfoSec
I had the pleasure of attending this years infosec event at Olympia and it was a thoroughly enjoyable afternoon - even with the hard sell By some vendors!!
I wasn't aware of any particular focus to this years event, certainly there were vendors who duplicated other vendors products with password management systems seemingly the 'in' thing. At least three vendors had the same password management product just presented in a slightly different way.
One vendor has an interesting approach to the problem of single sign on - , whom I've had the pleasure of dealing with before displayed their showpiece single sign on tool - This appliance is a very impressive piece of technology that not just does single sign on but can also integrate with the building management system make decisions on access based on where your door card is used.
For example, No local logon's allowed on the servers unless your swipe card has been detected as being used to access the server room, also no vpn access for your account if your pass HAS been used to gain access to the building.
With Imprivata's single sign on technology these types of rules can be used to build a very powerful and comprehensive access control layer
The second vendor I was impressed by was . They have an appliance that is desigend to sit in front of SQL servers and reject or accept SQL queries dependant on where the query originated.
For example, if you have a payroll system that HR have access to but you don't want anyone else running (or trying to run) queries against it you can just block ALL queries from other IP addresses/terminals, etc. This is very handy for the casual browser or for the SQL admin who wants to poke around confidential databases. Obviously, if the SQL admin can take a backup of the database and take it offsite then the security is broken but it's an interesting idea.
Another vendor. may well have something of a niche product with their Many vendors have endpoint software for managing USB, CD burners and so on but this is the first I have seen that claims to be able to do the range of mobile phones as well. It should be an interesting application to play with.
The final stand I have to mention is Microsofts where I got to meet Claire Smyth of Technet magazine and she is an absolute delight to talk to, Obviously very comitted to TechNet and the technet community. Just a few minutes at the Microsoft stand really gives you an idea of the passion these people have for thier products and the comittment they have to security.
Subscribe to Ramblings of a Sysadmin
Get the latest posts delivered right to your inbox