Security software all the rage at Comdex

Comdex attendees might be forgiven if they thought they had accidentally entered a medical convention as they strolled the aisles of the Las Vegas event. The word "biometrics" and references to viruses were everywhere. But these were not references to some unusual search for disease-bearing organisms. Instead, companies were going all-out to help IT managers find ways to protect the enterprise.

There were, in fact, several initiatives that would lend protection. The traditional makers of anti-virus software were present, showing the latest variations of their products. And, as was the case throughout the show, most of the improvements were evolutionary. The small steps here and there served to keep products updated, but didn't go much beyond that.

But there were exceptions. Moscow-based Kaspersky Labs, for example, was showing its new enterprise anti-virus solution that intercepts viruses before they even enter your company mail gateway. To do this, the company's gateway protection scans all incoming traffic (including mail, HTML, FTP, and other traffic) for signs of viruses, and handles them according to your company's policy. Kaspersky also provides workstation-resident anti-virus software, and the company's gateway protection can scan for outbound viruses in addition to scanning for incoming viruses.

As was the case elsewhere in the security market this year, many of the significant products came from vendors located outside the US, mostly in Europe, where security has been an issue for years.

That was certainly the case with the ubiquitous fingerprint scanners. While there are some US device makers, the biggest push came from a variety of German companies such as Siemens and Towitoko. These companies demonstrated years of experience in making really secure access control devices.

Siemens' and Towitoko's experience is also evident in the evolution of other types of access control devices. Tel Aviv-based Aladdin Knowledge Systems, Ltd. brings its international expertise and technology from Siemens together to create a smart card replacement. The device, which Aladdin calls its "e-Token," contains the same components as a smart card, but in a much smaller package. The package contains a USB connector, so you can easily plug the e-Token into a computer's USB port.

This is important for several reasons, but the most significant is that it eliminates the need to purchase and deploy smart card readers for every computer in your enterprise. In addition, Aladdin says that its e-Token is much less expensive than a smart card, and is less likely to be damaged.

And finally, it seems that what we once thought was good enough may not be. Several companies were showing prototype systems that combined biometrics, tokens, and passwords to provide an ultra-secure access control system. Such access control might contain a smart card reader which stores your fingerprints, for example. It would also contain a fingerprint reader. Such a system would compare your scanned fingerprint against what's stored in the smart card and the company database. And finally, it would require a password.

Then there would be no doubt as to the identity of the person accessing the enterprise. Routine delivery for such systems? Maybe next year.Comdex attendees might be forgiven if they thought they had accidentally entered a medical convention as they strolled the aisles of the Las Vegas event. The word "biometrics" and references to viruses were everywhere. But these were not references to some unusual search for disease-bearing organisms. Instead, companies were going all-out to help IT managers find ways to protect the enterprise.

There were, in fact, several initiatives that would lend protection. The traditional makers of anti-virus software were present, showing the latest variations of their products. And, as was the case throughout the show, most of the improvements were evolutionary. The small steps here and there served to keep products updated, but didn't go much beyond that.

But there were exceptions. Moscow-based Kaspersky Labs, for example, was showing its new enterprise anti-virus solution that intercepts viruses before they even enter your company mail gateway. To do this, the company's gateway protection scans all incoming traffic (including mail, HTML, FTP, and other traffic) for signs of viruses, and handles them according to your company's policy. Kaspersky also provides workstation-resident anti-virus software, and the company's gateway protection can scan for outbound viruses in addition to scanning for incoming viruses.

As was the case elsewhere in the security market this year, many of the significant products came from vendors located outside the US, mostly in Europe, where security has been an issue for years.

That was certainly the case with the ubiquitous fingerprint scanners. While there are some US device makers, the biggest push came from a variety of German companies such as Siemens and Towitoko. These companies demonstrated years of experience in making really secure access control devices.

Siemens' and Towitoko's experience is also evident in the evolution of other types of access control devices. Tel Aviv-based Aladdin Knowledge Systems, Ltd. brings its international expertise and technology from Siemens together to create a smart card replacement. The device, which Aladdin calls its "e-Token," contains the same components as a smart card, but in a much smaller package. The package contains a USB connector, so you can easily plug the e-Token into a computer's USB port.

This is important for several reasons, but the most significant is that it eliminates the need to purchase and deploy smart card readers for every computer in your enterprise. In addition, Aladdin says that its e-Token is much less expensive than a smart card, and is less likely to be damaged.

And finally, it seems that what we once thought was good enough may not be. Several companies were showing prototype systems that combined biometrics, tokens, and passwords to provide an ultra-secure access control system. Such access control might contain a smart card reader which stores your fingerprints, for example. It would also contain a fingerprint reader. Such a system would compare your scanned fingerprint against what's stored in the smart card and the company database. And finally, it would require a password.

Then there would be no doubt as to the identity of the person accessing the enterprise. Routine delivery for such systems? Maybe next year.