Skip Links

Hacker Wars - Episode Five: Interop Conference 2008 (New York, NY, USA)

Bruiser the Bulldog           Bruiser the Bulldog's Lunch!

Once again Bruiser made the trek to Interop 2008 in New York, NY using super-sniff-sense to find out where the next big thing in Network Security could be found.

I tracked down Avocent again to see where they were headed with their DSView plugin technology that they were showing off last year. This year, they had numerous plugins running including those from Landesk (http://www.landesk.com), NetClarity (http://www.netclarity.net) and Uptime Software(http://www.uptimesoftware.com).

Again, it was no frills and all business. From within DSView they were showing how you could click on a server and remotely manage it – this included finding its holes, patching it, reconfiguring it and protecting it from downtime. You can find out more about them at http://www.avocent.com/

I didn’t see Verdium this year but I heard they made it into the Always On list of Green Technology companies to watch. With the price of fuel going up so high, it makes perfect sense that power management using the Energy Star agent technology would be a good fit for a Green award. Still keeping a keen eye on them at http://www.verdiem.com

Although I didn’t see NeuralIQ this year, they are still plugging away at building an innovative Intrusion forensic solution at http://www.neuraliq.com. If you like honeypots and virtualization, keep them on your short-list.

Now with all this wireless hacking going on around us every day, I thought it was time to sniff out a wireless vendor that had something innovative to offer. Searching through the entire expo hall, way in the back, where I usually find something new and neat, there they were, Meru Networks. Meru’s wireless controller family seems to be well designed using a common software foundation and extensible services for ease of RF deployment, they do also offer over the air quality of service (QoS) claiming zero-loss handoff mobility for converged data, voice, and video networks using their own unique Air Traffic Control technology. I think Meru Networks is ahead of most vendors in this space, yet like all the rest it seems that what they tout as “comprehensive security”, lacks a more sophisticated wireless network access control (NAC) or intrusion prevention system that I was expecting to see. If you are thinking about 802.11 and how to merge performance, scalability with more security than your basic brand name wireless router, you should check them out at http://www.merunetworks.com.

Drawn to the aroma of fresh network security technology, Bruiser made it over to Norman’s booth. Haven’t heard of them? No surprise. They don’t market the most of us but if you are using any major vendor’s anti-virus solution, they probably use the Norman Sandbox to learn about zero-day Malware and build signature tests. Still, I hate to give up my CPU on my laptop to let it download signature after signature test trying to scrub and scan and keep up with the worst of the worst malware. If only there were a way to offload this to a server? Hmmm…..Enter NNP. Woof! I’d trade a fresh milky dog bone biscuit for one of these.

Yes, the product that really made Bruiser’s day is the Norman’s Network Protection appliance (NNP). This product is an in-line technology that identifies and blocks malware traveling in and out of your network. What makes the product so impressive is that it does not delay your traffic using a traditional proxy based method of scanning for malware. The packets are duplicated in NNP and the originals are passed through the system to the destination in real time. As soon as something malicious is found, the communication is stopped, causing the destination client to discard all data from the transmission. Now if I just kept my laptop safe and sound behind one of these puppies, I’d never have to spend time in the pound, getting a cleaning and scrubbing from CPU intensive virus scanners.

As the malware problem increase, it’s becoming vital to have some additional layer of defense to compliment host based antivirus engines. Unlike most of the network-based solutions I’ve seen, the NNP seems to be the only appliance to reduce the impact on network and host performance. The plug and play nature of an inline product results in almost instant setup for securing many puppies in the pound almost instantly.

Not only does NNP use Norman’s award winning signature based scanning engine, but also boasts the proactive Norman SandBox technology. The power of the SandBox and the malware tools Norman has build around the technology is amazing. Even if you’re not in the market for malware related products, I highly recommend stopping buy Norman’s booth at their next tradeshow pit stop just for the demonstration of Norman’s SandBox Malware Analyzer tools and Network Protection technologies. I was always afraid to click my paw on “VIRUS.EXE” until I learned about how to do it in a Sandbox. And I thought sandboxes were for cats, like my friend Spencer. For more information, visit http://www.norman.com.

On this year’s trek to the big apple, after wandering through hundreds of booths looking for goodies and market makers, my picks this year to watch from Interop are Avocent, Meru Networks and of course Norman. That’s it for the Bruiser trip report – back to the puppy playgroup. Woof!

Our Commenting Policies