Any Paul McCartney and Wings fans out there? I really like their music although I think personally Paul McCartney is a real wanker. But man that wank can sure write some good tunes! On the album (dating myself here) "Wings Live over America" before the song Rock Show starts a promoter Dude says: "Showtime!" That's what day three of RSA was for me on paper BUT my mind was on the final two on camera interviews I had later on that day. The two I have been really looking forward to.
Robb and I opened for John Chamber's live keynote via the Internet. We presented to a live audience both in the booth and around the World. It was really awesome! I love speaking to a live audience! To feel the energy, scan the crowd for non verbals to see if we are hitting the mark and watch the crowd grow...oh man! There is nothing like presenting live! We put together a show based on conficker and the new Safev2 design guidelines. It was a lot of fun.
Once the show was over, I headed over to the first of my anticipated interviews. Of course I stopped by the VeriSign booth to watch a Dude escape from a straight jacket while riding a unicycle then juggle some knifes afterward. Note to self: update resume... Past some of the skankest Bret Micheals Rock Of Love booth babes I have ever seen is a small booth with a catchy name: Phone Factor.
I saw this booth being constructed on Monday and just reading the silk screened booth I was very intrigued. Two factor authentication with your cell phone. Now, two things I noticed without talking to a single person in that booth. First: It was in start up city where all the best innovations come from. Second: The name of the company is Phone Factor and not Phone Phactor so that means this company was most likely founded by an engineer focused on engineering and not on marketing. YES!
I spoke with Steve at Phone Factor and of course after finding out they are based in Kansas City we had to trade BBQ stories. I still think LC's is the King of BBQ in KC!!! anyway back to business, Steve went on to explain how their solution works. We all know that two factor is something you know and something you have. Their solution is that nearly everyone has a phone, why not use that as your second factor. Sounds good to me...but I wondered how restricted it was to VPN clients, cell phone models and installing software, I was concerned about scalability. Steve went on to say that Phone Factor is phone independent (cell or land line), no client side software to install and works with most popular VPN clients. It works like this:
- Start your VPN tunnel
- Your credentials are verified via RADIUS/LDAP tie in
- Now your registered phone number starts to ring
- Answer the phone and press # or enter a pin if you would like
- Your in!
My thought was some automated voice read back a pin code to you but no way! It is a true two factor solution. Once you answer that phone and hit # you are logged in. Now if someone harvests or steals your password what happens? Your phone rings. How cool is that for being alerted of a security breach!! The best solutions are always the simplest solutions aren't they? I instantly noticed a real value in what they came up with as a solution to solve many problems with token based authentication. I walked away thinking, "Now why didn't I think of that?"
The last and final interview was with RSA/VMWare. We did this after the show floor was cleared. Mangus and Allwyn from RSA not only have to coolest names of anyone at RSA but the also have a very happening product. They went on to show me a demo of DLP in the the virtualized space. This is a brand new product they just announced at RSA. DLP is nothing to get too excited about in general BUT in the virtual space, well that is something all together different! I pressed them on how this is different then how one of my favorite Cisco products; CSA does DLP? Virtualization is the key but not only is it the key but they wrote this code in a virtual appliance mode and not just a software shim like WinPcap. As a virtual appliance it can interact and take advantage of other virtualized optimizations like the Cisco Nexus 1000. I was floored at this announcement and the demo they ran for me. I highly recommend watching this video as soon as it comes out.
Today is Day Four the final day at RSA. The show closes two hours earlier then previous days. It is typically known as vendor t-shirt day! This the day vendors try to score t-shirts and booth stuff from each other so they do not have to pack and haul it back. Which is great timing for me since my wife just tossed out my: "The Future is YOURS! IBM 16Meg Token Ring" t-shirt.
Jimmy Ray Purser
Trivia File Transfer Protocol
Janis Joplin's Will called for a party for 200 people at her favorite pub in San Alselmo, California at a cost of 2500 bucks!
Jimmy Ray Purser is the technical co-host for Cisco's TechWise and BizWise TV. Jimmy Ray also conducts advanced training for engineers across North America and Europe and regularly speaks at industry conferences such as VON, CeBIT, N+I, and Networkers. As a field engineer, Jimmy Ray experiences networking first hand behind the console or in the rack. He is an active member in the IEEE and the Ethernet Alliance and has designed, installed and tested numerous networks for Fortune 500 companies, the United States military and other institutions worldwide. He holds 3 U.S. patents for Ethernet security algorithms with two others pending and one defensive publication, as well as numerous other vendor certifications in networking and security.
Purser holds a Bachelor of Science degree in electrical engineering from Southern Illinois University is currently pursuing a master of science degree in electrical engineering.