RSA Conference, First Impressions

I'm at the RSA conference this week, and I've started a blog. I'll be posting a few entries this week. We'll see how many: they just told me I have to use 802.1X authentication to get on the wireless network. Wish me luck ;-)

It's Tuesday, and the RSA Conference has just opened it's Exhibit Floor. Bill Gates and Cokie Roberts were the two big speakers this morning. A true crypto geek might grouse that "this is a security conference, why would I care about an OS vendor and a TV personality?" The Cryptographer's Panel is yet to happen. In the post-".com" era in San Francisco, it is not surprising that this conference is different from previous years.

The show has a new mix of vendors. There are still the traditional crypto hardware, software, and security consulting vendors. This year however there are more vendors selling Intrusion Detection and Prevention, in an almost bewildering variety of packages. I didn't know there were so many ways of avoiding calling yourself an IDS, but I guess that's the Industry's reaction to Gartner declaring the term to be out of fashion. There are also devices that I would call Policy Enforcement Points -- products designed to enforce security policies. These too come in a variety of shapes and descriptions. I see a lot of vendors selling "identity management" solutions. These involve tokens, smart cards, certificates, directory systems, fingerprints, RFID chips, and probably other technologies I haven't seen yet. There are even some vendors selling PKI solutions. I guess that out-of-fashion term isn't so out of fashion with some folks.

Some of the old players are gone, of course. Commerce moves forward, and Darwin has a hand in it. There are some interesting surprises. Entrust is here, with a conventional 10x10 booth. Certicom, the Elliptic curve folks, are here too, they have a 10x20. One might not have expected those two players to appear in that light. Netscape is here. They didn't man their booth last night at the reception held in the hall, and their color scheme is a sort of subtle powder blue. Folks seeing their booth for the first time were heard to comment that this looked like a faded left-over of their last showing.

Patch management is one thing people are talking about. I wonder about this, because it seems to me to be an obvious technology that Microsoft would include in future versions of their OS. Clearly someone's spending money on marketing this, there are some huge vendor booths in this space.

More later, after I survive installing 802.1x authentication on this machine to use the attendee show network!