Security titans ready for showdown at RSA

Network-access control and security-policy enforcement are expected to grab much of the limelight at this week's RSA Conference 2006 (complete conference coverage), which organizers estimate will draw 14,000 attendees and more than 300 exhibitors.

The roster of keynote speakers reads like a who's who of IT industry CEOs: Bill Gates of Microsoft, Art Coviello of RSA Security, Scott McNealy of Sun, John Chambers of Cisco, Stratton Sclavos of VeriSign, John Thompson of Symantec and Thomas Noonan of Internet Security Systems (ISS).

In his keynote address, Chambers will be talking up Cisco's Network Admission Control program, which relies on the company's switches and routers to enforce endpoint security policy, such as requiring anti-virus updates or software patches. Cisco also plans to announce Cisco Security Manager, management software that is integrated into the company's monitoring, analysis and response system.

Cisco's vision will not go unchallenged.

3Com, which is dispatching its Chief Technology and Strategy Officer Marc Willebeek-LeMair to present a keynote on Thursday, is expected to launch its so-called Quarantine Protection System.

Presented as an alternative to Cisco technology, the Quarantine Protection System is supposed to work with 3Com and Cisco LAN switches to block network access to a Windows-based desktop machine if it doesn't conform to designated security policies. 3Com's method will use the 3Com TippingPoint intrusion-prevention system to detect unauthorized behavior from a client machine and send an alert to Microsoft's System Management Server.

In his keynote on Wednesday, Symantec's Thompson is expected to outline a strategy to provide security services that will protect Web users from spyware and phishing attacks. Symantec also plans to unveil its own network-access control product this week, as is McAfee.

VPN vendors will use the show to launch new products and partnerships that tighten VPN access and offer higher speeds.

Citrix is expected to introduce three hardware models of its Access Gateway, the company's SSL VPN termination device, to accommodate more concurrent users. The company until now had only one device, the Access Gateway 2000, which supports 1,000 users. The three new models, the 5000, 7000 and 9000, support 2,000, 2,500 and 5,000 users, respectively. Pricing for the 5000 starts at $5,500; the 7000 at $17,500; and the 9000 at $25,000.

Citrix also is dividing the Access Gateway product line into standard and advanced editions. The advanced edition adds software that manages which network resources users can access and which functions - such as print, save and view - they are allowed to perform based on how trusted the machine that they are using is.

Citrix also is set to offer a scaled-down version of its application firewall that can guard against most attacks without having to spend time monitoring Web-application server traffic first. The company says the new standard version of its Citrix NetScaler devices will block SQL injection, cross-site scripting, buffer overflows and worm attacks, representing 80% of the attacks Web application servers face.