SOA Security Architect | SOA SECURITY NETWORK | THE SOA NETWORK2008-07-24T17:06:03Zhttp://soasecurityarchitect.com/atom.aspxQuick BlogF5 Enables Enterprises to Bolster Their Security Posturetag:soasecurityarchitect.com,2008-07-23:bc02b888-36f3-41f8-978c-8d613bf75f83Gary E Smith - THE SOA NETWORK2008-07-23T18:01:53Z2008-07-23T17:53:00Z










F5 Enables Enterprises to Bolster Their Security Posture

New release of BIG-IP software offers simple, integrated, and cost-effective application and protocol security

SEATTLE, JULY 23, 2008 – F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking (ADN), today announced a new release of BIG-IP® software that underscores the company’s leadership and commitment to security—one of the three critical pillars of ADN, along with optimization and availability. Today’s enhancements help enterprises cut through the complexity of security by making it easy to implement advanced application and protocol security. BIG-IP software now features comprehensive protocol security, WhiteHat Security integration through the F5® iControl® API, and Kerberos delegation support. This BIG-IP software announcement complements the new BIG-IP Application Delivery Controller (ADC) platforms announced today.

F5 Offers New Application Delivery Platforms with Superior Value, Flexibility, and Performance

“The delivery of simplified, cost effective security solutions that address the complex difficulties of application security are critical given the threats to today’s applications,” said Michael Monticello, Security and Risk Management Analyst at Enterprise Management Associates. “F5 is addressing these needs through an industry-changing integration with WhiteHat Security, as well as with its intuitive products and features.”

Highlights of this BIG-IP software release include:
Advanced security with minimal management, configuration overhead, or expertise. BIG-IP Protocol Security Module delivers advanced protocol security and compliance for the most common Internet protocols, including HTTP(s), SMTP, and FTP. Running as a module on F5’s core BIG-IP systems, the Protocol Security Module focuses on protocol checks, and provides an easy-to-deploy solution with simplified management for network administrators, adding incremental security with minimal deployment time and impact to applications. Protocol Security Module is transparently upgradable to F5’s full-featured web application firewall, BIG-IP Application Security Manager™ (ASM).

Total website security and PCI compliance. F5 and WhiteHat Security’s integrated web application vulnerability assessment and mitigation solution is now available. The joint solution leverages F5’s iControl API and combines the powerful capabilities of WhiteHat’s Sentinel and F5’s BIG-IP ASM product to provide dynamic website vulnerability assessment, detection, and remediation. The joint solution also exceeds PCI 6.6 compliance requirements.

Streamlined access for authorized users. BIG-IP systems, now with Kerberos delegation, are the first application delivery controllers to support CAC/PKI authentication, allowing customers to reduce the number of servers required for SSL and user authentication. The CAC/PKI security authentication method is now used by many government organizations and others as their primary authentication method. Additionally, BIG-IP product family now interfaces with Microsoft Windows Active Directory domains and streamlines access for authorized users.

“Today’s enterprises must adapt rapidly to changing business needs, both from internal personnel and from their customers,” said Mark Vondemkamp, Director of Product Management at F5. “F5’s new security and application delivery solutions enable organizations to scale and refine their network infrastructures to provide optimized, secure access to the applications users rely on. With F5’s wide array of solutions, customers benefit by being able to leverage previous investments and update their infrastructure on demand.”

Availability
The BIG-IP v9.4.5 software is available now. For more information on F5’s BIG-IP solutions, please visit www.f5.com/products/big-ip/.


About F5 Networks
F5 Networks is the global leader in Application Delivery Networking. F5 provides solutions that make applications secure, fast, and available for everyone. By adding intelligence and manageability into the network to offload applications and optimize the data storage layer, F5 extends the power of intelligent networking to all levels of application delivery. F5’s extensible architecture intelligently integrates application optimization, protects the application and the network, and delivers application reliability. Over 16,000 organizations and service providers worldwide trust F5 to keep their applications running. The company is headquartered in Seattle, Washington with offices worldwide.

For more information, go to www.f5.com.

SOURCE: F5 Networks


_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking (ADN), today announced a new release of BIG-IP® software that underscores the company’s leadership and commitment to security—one of the three critical pillars of ADN, along with optimization and availability. Today’s enhancements help enterprises cut through the complexity of security by making it easy to implement advanced application and protocol security. BIG-IP software now features comprehensive protocol security, WhiteHat Security integration through the F5® iControl® API, and Kerberos delegation support. This BIG-IP software announcement complements the new BIG-IP Application Delivery Controller (ADC) platforms announced today. - SOA Security Architect - SOA SECURITY NETWORK - THE SOA NETWORK Burton Group to Address Security Architecture for the Future at Open Group Conferencetag:soasecurityarchitect.com,2008-07-22:25af9649-b7ab-4fef-8ef8-7c7c4acab6c1Gary E Smith - THE SOA NETWORK2008-07-22T18:54:11Z2008-07-22T18:49:00Z










Burton Group to Address Security Architecture for the Future at Open Group Conference

SALT LAKE CITY, UT, Jul 22, 2008 (MARKET WIRE via COMTEX) -- Burton Group, a research and consulting firm focused on in-depth analysis of enterprise technologies, announces Sr. VP and principal analyst Dan Blum will provide a keynote presentation on the future of security architecture at The Open Group Conference on Wednesday, July 23, 2008 in Chicago.

According to Burton Group's security and risk management strategies analysts, effective security network control is declining due to de-perimeterization, an emerging term to describe the erosion of the enterprise firewall as a single point of control due to many trends including workforce mobility, smarter mobile devices, business partnerships, wireless access, Service Oriented Architecture (SOA), and Software as a Service (SaaS).

Blum's keynote will be based on his recent research report, "Shifting Defenses: Security Futures for Networks, Applications, and Data." In the report, he points out industry trends will shift the defensive emphasis from network controls to endpoint-, identity-, application-, and data-level controls. He predicts an information-centric approach to IT security architecture that builds on converging XML-oriented database management systems and enterprise content management, and service oriented architecture (SOA) data services will provide lasting strategic benefits.

"The trend is moving away from large, monolithic organizational structures toward virtual enterprises," says Blum. "Individuals and organizations are becoming more empowered with computing devices and sophisticated content creation and collaboration tools that pose strong risk and regulatory pressures on IT security."

On Wednesday, Blum will discuss alternative security architectures that are gaining currency including the Jericho Forum commandments which start with the de-perimeterization problem as a premise and look beyond to the roles of secure endpoints, secure protocols, trust mechanisms, and data-level security.
More information and discussion about de-perimeterization, Blum's report, and upcoming keynote can be found at the following online resources:
 
* Security and Risk Management Strategies blog: http://srmsblog.burtongroup.com/

* Slidecast - Security Architecture in a Deperimeterized World: http://podcast.burtongroup.com/ip//2008/07/todays-security.html

* Jericho Forum and the Collaboration Oriented Architecture (COA) position paper: http://srmsblog.burtongroup.com/2008/05/jericho-forum-a.html

* Complimentary report: Shifting Defenses: Security Futures for Networks, Applications and Data: http://www.burtongroup.com/Guest/Srms/ShiftingDefenses.aspx

* The Open Group Conference: http://www.opengroup.org/chicago2008/

* The Jericho Forum: http://www.opengroup.org/jericho/deperim.htm

 
About Burton Group
Burton Group ( www.burtongroup.com) is an IT research and advisory services firm that helps technologists make smart enterprise architecture decisions. Burton Group provides in-depth, IT research and advisory services to executives and technologists at Global 2000 organizations. Focused on strategic business technologies and the unique needs of enterprise organizations, Burton Group provides clients company-wide access to its world-renowned analysts and a suite of powerful, intuitive research and decision support tools unmatched in the industry.


_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>Burton Group, a research and consulting firm focused on in-depth analysis of enterprise technologies, announces Sr. VP and principal analyst Dan Blum will provide a keynote presentation on the future of security architecture at The Open Group Conference on Wednesday, July 23, 2008 in Chicago. - SOA Security Architect - SOA SECURITY NETWORK - THE SOA NETWORK ObjectSecurity receives SOA security consulting contract with UK Cyber Security Knowledge Transfer Networktag:soasecurityarchitect.com,2008-07-02:6865f8f5-18cc-40ec-abda-9022e59b1e84Gary E Smith - THE SOA NETWORK2008-07-02T06:26:15Z2008-07-02T05:57:00Z










ObjectSecurity receives SOA security consulting contract with UK Cyber Security Knowledge Transfer Network

ObjectSecurity, the leading solutions provider for Model Driven Security Management (OpenPMF 2.0, see www.openpmf.com) today announced that it has been awarded a £50,000 (US$100,000) consulting contract by the UK Cyber Security Knowledge Transfer Network (KTN), which is funded by the UK government’s Technology Strategy Board.

The project involves a Service Oriented Architecture (SOA) security concerns analysis report with input from the KTN and the wider community. Several workshops are held in London to facilitate a dialogue, and a website with collaboration tools is available on www.secure-soa.info .

Dr. Ulrich Lang, CEO and co-founder of ObjectSecurity says “We are excited to work on this project. The open nature of the project allows us to bring all involved stakeholders together and facilitate a discussion about how to move SOA security forward.”

“'We are delighted to be working with ObjectSecurity. This is a complex topic on which there is plethora of views. We are looking forward to being able to circulate a useful and exploitable white paper which will get to the core of the problem. We expect the at the output will incorporate the expertise of a wide and diverse stakeholder group.”, Nigel Jones and Ralph James from the Cyber Security KTN say.

ABOUT OBJECTSECURITY

ObjectSecurity Ltd. (www.objectsecurity.com) is a Cambridge (United Kingdom) and San Jose (CA, USA) based SOA security specialist and a world-leader in model driven security management. The company offers the ground-breaking model-driven OpenPMF enterprise security management ecosystem and various secure middleware platforms. ObjectSecurity also provides services for model driven security, middleware security, SOA security, secure information sharing (e.g. CDM). Their customer base includes Agilent Technologies, BAA Heathrow Airport, Deutsche Telekom, Lufthansa Systems, ESG, European General Electric, Intel, QinetiQ, Royal Bank of Scotland, Real-Time Innovations, Twinsoft/Hewlett-Packard, US Naval Research Lab and others. ObjectSecurity specializes on information security for complex IT environments in mission-critical markets. ObjectSecurity has recently been named “Cool Vendor” by Gartner, the leading technology analyst firm, and is also a listed sample vendor on Gartner’s Hype Cycle for Information Security 2007.

ABOUT CYBER SECURITY KTN

The Cyber Security KTN (www.cybersecurity-ktn.com) aims to be the single focal point for UK Cyber Security expertise, to collaboratively identify universal challenges and develop effective response, influence UK investment strategy and government policy, accelerate innovation and education, harness and promote UK capability internationally and help improve the UK security baseline.

Contributions are critical for this project. Please register at the website www.secure-soa.info or contact us


_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>ObjectSecurity, the leading solutions provider for Model Driven Security Management,today announced that it has been awarded a £50,000 (US$100,000) consulting contract by the UK Cyber Security Knowledge Transfer Network (KTN). - SOA Security Architect - THE SOA NETWORK 2008 ACM Workshop on Secure Web Services (SWS) - Call for Paperstag:soasecurityarchitect.com,2008-06-09:ade32d3e-a608-40b8-a2e2-91d53c61c6f4Gary E Smith - THE SOA NETWORK2008-06-09T20:59:31Z2008-06-09T20:02:00Z










SWS 08 submission deadline EXTENDED to June 20th


2008 ACM Workshop on Secure Web Services (SWS)
October 31, 2008
George Mason University, Fairfax, VA, USA.
            
Held in conjunction with the 15th ACM Conference on Computer and Communications Security (CCS-15)

Call for Papers

Basic security protocols for Web Services, such as XML Security, the WS-* series of proposals, SAML, and XACML are the basic set of building blocks enabling Web Services and the nodes of GRID architectures to interoperate securely. While these building blocks are now firmly in place, a number of challenges are still to be met for Web services and GRID nodes to be fully secured and trusted, providing for secure communications between cross-platform and cross-language Web services. Also, the current trend toward representing Web services orchestration and choreography via advanced business process metadata is fostering a further evolution of current security models and languages, whose key issues include setting and managing security policies, inter-organizational (trusted partner) security issues and the implementation of high level business policies in a Web services environment.

The SWS workshop explores these challenges, ranging from the advancement and best practices of building block technologies such as XML and Web services security protocols to higher level issues such as advanced metadata, general security policies, trust establishment, risk management, and service assurance.
The workshop provides a forum for presenting research results, practical experiences, and innovative ideas in web services security.

Topics of interest include, but are not limited to, the following:
• Web services and GRID computing security
• Authentication and authorization
• Frameworks for managing, establishing and assessing inter-organizational trust relationships
• Web services exploitation of Trusted Computing
• Semantics-aware Web service security and Semantic Web Secure orchestration of Web services
• Privacy and digital identities support

Important Dates
• Paper submissions due: June 20th, 2008 DEADLINE EXTENDED
• Acceptance notifications: July 3rd, 2008
• Camera-ready papers due: August 10th, 2008

Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings.
Papers should be at most 15 pages excluding the bibliography and well marked appendices (using 11-point font and reasonable margins on letter-size paper). Committee members are not required to read appendices, and so the paper should be intelligible without them.
Papers should have a cover page with the title, authors, an abstract (300 word maximum) and contact information. Submissions should be made electronically in PDF or portable Postscript format using the SWS08 Submission System.

http://ra.crema.unimi.it/jsa-ssoa-openconf

CCS General Chair
Peng Ning, NC State University, USA.

SWS Program Chair
Ernesto Damiani, Information Technology Department, University of Milan, Italy.Seth Proctor, Sun Microsystems Labs, USA.
Industrial Track co-Chairs
Anoop Singhal, NIST, USA.
SWS Program Committee
Elizabeth Chang, Curtin University, Australia.
Tharam Dillon, Sydney University of Technology, Australia.
Csilla Farkas, University of South Carolina, USA.
Emmanuel Bruno, Université du Sud Toulon-Var, France.
Eduardo Fernandez-Medina Patòn, Universidad Castilla-La Mancha, Spain.
Thomas Gross, IBM Zurich, Switzerland.
Frédéric Cuppens, ENST-Bretagne, France.
Alexis Bonnecaze, ESIL Marseille, France.
Guenther Pernul, University of Regensburg, Germany.
Duminda Wijesekera, George Mason University, USA.
Richard Chbeir, Université de Bourgogne, France.
Stefania Marrara, University of Milan, Italy.


_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>The SWS workshop explores these challenges, ranging from the advancement and best practices of building block technologies such as XML and Web services security protocols to higher level issues such as advanced metadata, general security policies, trust establishment, risk management, and service assurance. The workshop provides a forum for presenting research results, practical experiences, and innovative ideas in web services security. - SOA Security Architect - THE SOA NETWORK Websense to Discuss Web 2.0 Security Threats and Strategies at the Gartner IT Security Summittag:soasecurityarchitect.com,2008-05-29:41194a33-a867-4ee5-b878-5859ada05cb0Gary E Smith - THE SOA NETWORK2008-05-29T18:56:31Z2008-05-29T18:53:00Z










Websense to Discuss Web 2.0 Security Threats and Strategies at the Gartner IT Security Summit

Websense, Inc. (NASDAQ: WBSN) today announced that it will join with Websense® customer OmniAmerican Bank, one of the largest locally based financial institutions in the Tarrant County (Fort Worth), Texas area, to present strategies and solutions for securely using Web 2.0 technologies and protecting essential data at the Gartner IT Security Summit held at the Gaylord National Resort and Convention Center in Washington, D.C., June 2-4, 2008.

The Gartner IT Security Summit brings together industry experts, vendors and organizations that have implemented innovative IT security solutions to share best practices and discover the tools and technologies to protect their IT infrastructures against emerging threats.

Websense activities at the Summit include: 

--  Solution Provider Session: Websense Senior Director of Advanced
    Content Research Charles Renert will explore how Web 2.0, increased
    collaboration and social networking pose major hurdles to traditional
    security tools. Monday, June 2 at 4:15pm ET (Room Location: Potomac 3).
--  Solution Provider Case Study: Websense customer and CIO at
    OmniAmerican Bank Tony Lippert will share how his organization enables
    employees to take advantage of Web 2.0 technologies safely and securely
    through the help of Web security and data loss prevention solutions.
    Monday, June 2 at 4:50pm ET (Room Location: Potomac 3).

As new generations of technology-savvy users and a growing wave of Web 2.0 technologies make their way into the workplace, they bring with them new security threats as well as new technical and management paradigms. Due to the constantly changing nature of Web 2.0 applications, traditional security solutions are unable to protect organizations from these emerging threats. At the Summit, Websense will demonstrate how integrated Web security, email security and data loss prevention solutions protect against inbound Internet-based threats and outbound data leaks, allowing organizations to take advantage of Web 2.0 applications while protecting their essential information, network systems and employees.

For more information about the 2008 Gartner IT Security Summit, visit www.gartner.com.

About OmniAmerican Bank

OmniAmerican Bank is headquartered in Fort Worth, Texas and operates 17 full-service branches in the Dallas/Fort Worth Metroplex. The bank offers a full array of consumer products and services plus business/commercial services, mortgages and retirement planning. Founded over 50 years ago, OmniAmerican has grown to manage assets over $1 billion, providing the highest level of personal service. Electronic banking and additional information are available at www.OmniAmerican.com.

About Websense, Inc.

Websense, Inc. (NASDAQ: WBSN), a global leader in integrated Web, messaging and data protection technologies, provides Essential Information Protection(TM) for more than 42 million employees at more than 50,000 organizations worldwide. Distributed through its global network of channel partners, Websense software and hosted security solutions help organizations block malicious code, prevent the loss of confidential information and enforce Internet use and security policies.

For more information, visit www.websense.com.



_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>Websense, Inc. (NASDAQ: WBSN) today announced that it will join with Websense® customer OmniAmerican Bank, one of the largest locally based financial institutions in the Tarrant County (Fort Worth), Texas area, to present strategies and solutions for securely using Web 2.0 technologies and protecting essential data at the Gartner IT Security Summit - SOA Security Architect - THE SOA NETWORK HP Application Security Goes SAAStag:soasecurityarchitect.com,2008-05-27:23d65b11-881a-4e42-9cab-ee58050964beGary E Smith - THE SOA NETWORK2008-05-27T19:16:11Z2008-05-27T19:12:00Z










HP Application Security Goes SAAS

HP has expanded its application security business with a series of upgrades.

Hewlett-Packard is taking a software-as-a-service approach to security in its latest push to help organizations secure their Web applications.

The company has plans to launch a service it calls the HP Assessment Management Platform in August to help customers centralize all of their Web application security analysis programs into a complete solution maintained and managed by HP. The announcement comes on the heels of a major upgrade of the company’s Application Security Center, which includes new versions of its application assessment and quality assurance programs available today.

“This is HP's first SAAS offering for application security,” said Tim Van Ash, director of global service portfolio for HP’s software-as-a-service business unit. “In the past we partnered with a third party for infrastructure security assessments as part of load-testing offerings. The issue is how to enable a true enterprise approach and scale, and this can't be done by companies today with limited expertise in both the domain and products. Taking a SAAS approach allows the security team to offer these assessment services to the enterprise to the teams who really need them.”

With the upgrade of HP Application Security Center comes updated releases of HP DevInspect, HPQAInspect and HPWebInspect. In HP DevInspect 5.0, the company has added the ability to automatically correlate the results between the static and dynamic testing phases and to use that correlation to help prioritize the results. Previously, the results were presented separately.

HP QAInspect 5.0 integrates security defect management with HP Quality Center software. With defect staging and consolidation capabilities, application teams can filter, prioritize and assign defects based on risk to the business in order to help detect and address problems faster, HP officials said. Version 5.0 of HP WebInspect features faster runtimes and improved scanning accuracy for common security vulnerabilities such as cross-site scripting and SQL injection.

SPI Acquisition Bridges Web Security Gap

The latest security push comes roughly a year after HP acquired SPI Dynamics to bolster its position in application quality management. SPI Dynamics specialized in securing Web applications during the development process. Among the executives who came over after the acquisition is Billy Hoffman, who now heads the Web Security Research Group at HP Labs.

To Hoffman, the latest releases help bridge what he called a Web security gap that can plague enterprises during application development by providing common ground for developers and security pros.

“Your average developer, QA guy doesn’t really know all the security issues that your security team has,” Hoffman said. “With the DevInspect and QAInspect products, we kind of shifted the conversation, so we’re not really talking about security vulnerabilities because at their heart security vulnerabilities are really software defects.”

Gartner analyst Joseph Feiman said organizations need to be vigilant throughout the entire application lifecycle - from requirements definition to development, testing and ultimately through production – in order to ensure its applications are secure.

“While customer-facing applications may be the lifeblood of a business, if they are not secured, they can provide an open door for hackers to a company’s most sensitive data,” Feiman said in a statement.

SOURCE: eWeek

_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>Hewlett-Packard is taking a software-as-a-service approach to security in its latest push to help organizations secure their Web applications. The company has plans to launch a service it calls the HP Assessment Management Platform in August to help customers centralize all of their Web application security analysis programs into a complete solution maintained and managed by HP. The announcement comes on the heels of a major upgrade of the company’s Application Security Center, which includes new versions of its application assessment and quality assurance programs available today. SOA Security Architect - Securing SAAS in a connected World - THE SOA NETWORK New IBM Software Simplifies Application Security for Service Oriented Architecturestag:soasecurityarchitect.com,2008-05-20:29d8410e-edf5-47ca-9f10-b2a1235dbbdfGary E Smith - THE SOA NETWORK2008-05-20T18:42:14Z2008-05-20T18:38:00Z










New IBM Software Simplifies Application Security for Service Oriented Architectures

Software Brings User-centric Identity and Security to SOA Environments, Improves Interoperability and Eases Business Partner Collaboration

IBM (NYSE: IBM) today announced details of new application security software designed to help clients securely manage employee, partner and customer IT users and their access to company applications and information.

The new release of IBM Tivoli Federated Identity Manager software focuses on enabling a company's separate business divisions to deploy secure software applications using open standards and a wide range of security credentials without needing to embed complex security logic into each application. The solution simplifies application integration using many forms of user credentials and facilitates the secure sharing of information between trusted parties -- such as business partners or separately managed divisions within an organization operating in an SOA environment.

IBM, the current leader in Identity and Access Management software revenue, according to analyst firm IDC (1), bolsters its existing portfolio with this new release that provides new management capabilities, user-centric identity technology and substantially extended interoperability with several open industry standards and other vendors' software.

"With its extended interoperability, IBM Tivoli Federated Identity Manager is uniquely positioned to simplify application security integration, enabling business process and application owners to deliver their services without being constrained by IT security and compliance issues," said Venkat Raghavan, director of product management, IBM Tivoli security, risk and compliance software. "This enables clients to tie together various organizational and business silos while also simplifying the integration between their company and partners' Web sites."

The vexing challenge for developers building applications is how to deal with the multitude of user credentials that need to be managed while providing end-to-end security. Using an office building analogy, end-to-end security could entail electronic locks opened by employee badges on the front door and keys for individual offices and file cabinets that store business critical information. Similarly, in the IT environment, it is common to have a single application that needs to support many forms of user credentials as business processes and organizations are linked across many facets of a company, including mainframe applications. Managing and securing access to a company's many services, applications and data are needed to meet security and compliance requirements.

This new IBM Tivoli software release automates the management of user credentials across applications without the application specialists needing to be security experts. Application owners define the type of credential needed based on an application's risk profile, and end users who present their credentials are automatically signed-on and given access to the various parts of the applications as appropriate. The software also provides auditors with a single view of the credentials used to help validate that the user access matches policy.

IBM Software Brings New User-Centric Identity to SOA Applications

The new IBM Tivoli Federated Identity Manager now provides businesses the flexibility to integrate with leading user-centric identity management technology and frameworks, including OpenID, Microsoft Windows CardSpace and Eclipse's Higgins Identity Frameworks.

User-centric identity management provides a means for users to control what information they share about themselves. Similar to a college id, driver's license and a passport, the user is able to choose which identification claims will be used when a situation requires it. IBM software now enables organizations to bring these identities into one central, federated identity management system that supports traditional identities in addition to the emerging user-centric frameworks.

While reusing existing applications and Web services can dramatically reduce SOA implementation costs, applications are often developed independently and have different formats to define, share and audit user identities. IBM Tivoli Federated Identity Manager's built-in SOA Identity Service provides the ability to manage and audit identities across a wide range of formats and vendors' applications to help maintain identity context throughout use in an SOA environment. This helps provide clients a unified approach to manage and report on user identities across shared applications, including portal environments.

The software now supports various user and application credentials such as RACF Passticket, Kerberos, SAML, WS-Security and platform specific credentials used by Microsoft .NET, IBM WebSphere, SAP NetWeaver, Oracle and CA. When combined with leading user-centric identity management technology and frameworks, including OpenID, Microsoft Windows CardSpace and Eclipse's Higgins Identity Frameworks, the software provides the required flexibility for business process and application owners to quickly and securely provide services to their business.

"Already a recognized leader in federated identity management, one should expect IBM's ability to extend its integration with other vendors' Web access management software and the major open standards and user-centric identity management approaches to help speed the adoption of secure SOA and federated identity around the world," said Sally Hudson, research director within IDC's security products and services group.

IBM's Tivoli security software helps prevent unauthorized access to valuable customer, employee and business data and facilitates compliance with corporate security policy and regulatory requirements. It is part of IBM's portfolio of service management software which automates some of the most challenging processes associated with managing complex IT environments, such as managing storage devices and deploying new software releases and patches. The software helps customers fight rising IT costs, manage constant change and meet the demand to stay competitive.

The new IBM Tivoli Federated Identity Manager will be generally available worldwide in June 2008.

For more information on IBM Tivoli Federated Identity Manager, visit www.ibm.com/software/tivoli/products/federated-identity-mgr/.

(1) IDC, "Worldwide Identity and Access Management 2007-2011 Forecast and 2006 Vendor Shares," Doc # 207609, July 2007.



_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>IBM today announced details of new application security software designed to help clients securely manage employee, partner and customer IT users and their access to company applications and information. - SOA Security Architect - THE SOA NETWORK Rohati Systems First to Rapidly Secure Broad Range of Applications with Network-Based Entitlement Control Platformtag:soasecurityarchitect.com,2008-05-19:d596607d-937b-4b17-a1c0-f29950530d35Gary E Smith - THE SOA NETWORK2008-05-19T08:33:18Z2008-05-19T08:30:00Z










Rohati Systems First to Rapidly Secure Broad Range of Applications with Network-Based Entitlement Control Platform
International Data Security, JDSU, and SK Telecom Embrace Rohati to Quickly and Cost-Effectively Secure Data Center Resources

SUNNYVALE, Calif. - May 19, 2008 - Rohati Systems today unveiled the industry’s first high-performance network-based entitlement control (NBEC) solution: the Rohati Transaction Networking System™ (TNS™) platform. Rohati’s breakthrough redefines entitlement management by enabling enterprises to easily define and enforce per-transaction policies across all types of users and applications. Rohati’s solution uses the policy-standard XACML (Extensible Access Control Markup Language) for the first time in a network platform, eliminating the need for client or server agents, or changes to network topology.

Combining the granularity of software-based entitlement management solutions with a high-performance networking platform, Rohati fills the gaps created by firewalls that are limited in the depth and relevance of controls they are able to provide, and by identity and access management (IAM) products that are too expensive and complex to be applied ubiquitously. Rohati’s TNS platform enables enterprises to quickly and cost-effectively support new business initiatives that rely on controlled collaboration, and dramatically reduces costs related to compliance audit and forensics, enterprise policy lifecycle management, and application deployment.

“Rohati fills in the missing piece of the puzzle for our business,” said Ken Choi, CEO, International Data Security. “We are building highly available data center environments for Fortune 500 enterprises, and the Rohati TNS platform allows us to quickly establish customer-specific secure zones defined by user- and application-based attributes on a massive scale.”

Increased Competition Drives New Approach to Entitlement Management

To compete globally and boost corporate responsiveness, enterprises have adopted new business models that rely on outsourcing, offshoring, and collaboration. The growing mobile and collaborative enterprise includes employees, contractors, partners, and suppliers, who need access to data assets from anywhere on the globe, from every type of device, that ensures access on a “need to know” basis. What’s more, their roles and responsibilities may change with each new project. “JDSU is significantly growing its international operations and looking at ways to scale business process flows and tightly manage operational expenses while controlling access to information,” said Bill Turner, information security officer, JDSU. “The approach that Rohati has taken with their TNS platform will help us to meet those rapid deployment, security, and cost-containment requirements.”

To support collaboration, enterprises are rapidly deploying applications such as Microsoft SharePoint and other Web 2.0 applications to streamline business processes. Without a new approach to entitlement management, critical data assets will be even more exposed and operate outside of IT control in a time when regulatory compliance issues and the need for data security are tightening.

“With a higher performing Internet WAN, the next challenge is security [combined with other elements]. Application entitlement management platforms like Rohati Systems’ will mitigate these concerns,” wrote Rob Whiteley, principal analyst and research director, Forrester Research, in his latest report titled “Today’s WANs Don’t Keep Pace with Applications.”April 2008. “Deploying them deep in the data center provides access control measures to protect unknown users coming in from public links to access sensitive application and data.”

Industry Experience Fuels Innovation

Rohati’s TNS platform is the culmination of ideas from the five founders of Rohati Systems, who are seasoned security, systems, and networking experts with more than 40 years of combined work experience at Cisco Systems. Designed for deployment in the data center, close to applications and resources, the TNS platform provides entitlement control on a per-transaction basis across an enterprise’s broad range of applications and resources.

Unlike network security devices that implement policies using Layer 4 access control lists (ACLs) that grant access based on the IP address and application identified by port number, Rohati’s solution is the first to support the much richer Layer 7 ACLs. This level of support provides granular entitlement definition and enforcement to support the new methods of business collaboration by expanding policy controls that encompass the business context of who, what, when, where, and how.

In another industry first, Rohati eliminates the need for the client or server agents required by IAM products, which dramatically speeds the provisioning and de-provisioning of entitlements for all classes of users across a broad range of applications and resources including Microsoft SharePoint, portals, and unstructured data on file shares. “The phenomenal adoption of Microsoft SharePoint has presented IT departments with the challenge of applying regulatory controls to unstructured data in a collaboration environment,” said Gerry Gebel, vice president and service director at Burton Group. “Entitlement control solutions offer an alternative approach by overlaying an access control layer over SharePoint, which can contain sensitive or regulated data.”

The Rohati TNS platform uniquely combines standards-based and proven technologies with an innovative approach that represents many industry firsts. Rohati benefits include:

  • A quick and cost-effective way to secure all data center resources
  • No changes to applications, servers, user clients, or network topology
  • Transaction-level policy enforcement based on the Layer 7 ACL
  • Extension of existing identity and policy investments through an integrated virtual directory
  • High availability at wire speed and low latency to ensure business continuity
  • Centralized deployment and management to ensure operational simplicity and low-cost operations and compliance audits

“As companies open up their networks, data, and applications to customers, employees, and partners, they must be able to cost-effectively administer and enforce entitlement policies in line with business intent across any and all applications and users,” said Shane Buckley, president and CEO of Rohati Systems. “Rohati is committed to product innovation that will continue to drive cost out of operating IT infrastructure and deliver the breadth of policy and control across a broad range of applications and resources to meet the rapidly changing needs of the business.”

Availability

General availability for the Rohati TNS platform is July 2008.

About Rohati

Rohati Systems, Inc. is the leader in high-performance network-based entitlement control (NBEC). Rohati solutions quickly and cost-effectively enable companies to define and enforce access and entitlement policies across all applications and classes of users from a single management console. Unlike traditional approaches to identity and access management that are time- and cost-prohibitive to deploy broadly, the Rohati solution resides in the data center, is network-based to ensure high performance, and does not require agents or changes to applications. Delivering numerous industry firsts, Rohati enables companies to safeguard all their data assets to protect their business and comply with compliance regulations. Rohati is backed by Matrix Partners and Foundation Capital, and is headquartered in Sunnyvale, California.

To learn more, visit www.rohati.com.



_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>Rohati Systems today unveiled the industry’s first high-performance network-based entitlement control (NBEC) solution: the Rohati Transaction Networking System™ (TNS™) platform. Rohati’s breakthrough redefines entitlement management by enabling enterprises to easily define and enforce per-transaction policies across all types of users and applications. Rohati’s solution uses the policy-standard XACML (Extensible Access Control Markup Language) for the first time in a network platform, eliminating the need for client or server agents, or changes to network topology. - SOA Security Architect - Securing SOA in a Connected World - THE SOA NETWORK OpenPMF 2.0 supports XACML authorization interoperability standardtag:soasecurityarchitect.com,2008-05-15:d916a225-921f-4993-a1bc-5de8e58aa77bGary E Smith - THE SOA NETWORK2008-05-15T06:22:42Z2008-05-15T06:10:00Z










OpenPMF 2.0 supports XACML authorization interoperability standard
ObjectSecurity's OpenPMF 2.0 security management product now supports XACML 2.0, an access control interoperability standard for Service Oriented Architecture (SOA).

ObjectSecurity, the leading solutions provider for Model Driven Security Management and secure information sharing in mission-critical industries today announced that its OpenPMF 2.0 security management product now supports XACML 2.0, an access control interoperability standard for Service Oriented Architecture (SOA).

OpenPMF 2.0 allows you to specify business-driven security requirements in an intuitive graphical way, and bridge the gap to fine-grained IT authorization management across heterogeneous, networked IT landscapes. By supporting XACML, OpenPMF 2.0 can bring security management for enforcement IT infrastructure from many different vendors back to the business: business-driven security requirements can be managed centrally for many different infrastructure technologies. A number of vendors offer XACML Policy Enforcement Points (PEPs) and Policy Decision Points (PDPs) that can be leveraged from OpenPMF 2.0.

ABOUT OPENPMF 2.0

OpenPMF 2.0 is an innovative software suite for business-driven information security management. The benefits include reduced cost, improved enterprise-wide security compliance, and low-maintenance security management for agile Service Oriented Architecture (SOA). OpenPMF 2.0 lets you manage security at a business-driven, intuitive high level of abstraction close to human thinking. OpenPMF 2.0 is fully customizable so that you can define customized policies in the way you think about security in the context of your organization. You can define policies consistently in one place and automatically enforce them across your IT environment. OpenPMF 2.0 can protect most IT systems, and reuse most pre-existing security infrastructure. You can deploy with lower upfront cost and risk thanks to innovative deployment options (software rental, appliance and remote “security as a service”). OpenPMF 2.0's powerful, yet easy-to-use technology is the only 'model driven security management' solution in the market today. It is the most flexible, extensible, standards based, and easy-to-use enterprise security management framework on the market. The patent-pending technology is based on 9 years of solid research and development by leading experts who are currently driving international standardization of model driven security. OpenPMF 2.0 is the most thought-through solution on the market and listed as a promising high-impact technology on Gartner’s Hype Cycle for Information Security 2007.

ABOUT XACML

 XACML (eXtensible Access Control Markup Language) is a declarative access control policy language implemented in XML and a processing model that describes how to interpret the policies. It has been standardized by the OASIS standards organization in 2005, and version 3 is currently being standardized.


ABOUT OBJECTSECURITY

ObjectSecurity Ltd. is a Cambridge (United Kingdom) and San Jose (CA, USA) based world-leader in model driven security and authorization management. The company offers the ground-breaking model-driven OpenPMF enterprise security management ecosystem and various secure middleware platforms. ObjectSecurity provides services for model driven security, middleware security, SOA security, secure information sharing (e.g. CDM). Their customer base includes Agilent Technologies, BAA Heathrow Airport, Deutsche Telekom, ESG, European General Electric, Intel, QinetiQ, Royal Bank of Scotland, Real-Time Innovations, Twinsoft/Hewlett-Packard, US Naval Research Lab and others. ObjectSecurity specializes on information security for complex IT environments in mission-critical markets.

For more information: www.objectsecurity.com


_________________________________________________________________________________________



To submit Press Releases related to SOA Security send to: pr@soa2.com


For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>ObjectSecurity, the leading solutions provider for Model Driven Security Management and secure information sharing in mission-critical industries today announced that its OpenPMF 2.0 security management product now supports XACML 2.0, an access control interoperability standard for Service Oriented Architecture (SOA). - SOA Security Architect - Securing SOA in a Connected World - THE SOA NETWORK ObjectSecurity partners with Model Driven Solutions to provide joint service portfoliotag:soasecurityarchitect.com,2008-05-04:f0751ec0-7eab-4a05-9c3d-1020ca743891Gary E Smith - THE SOA NETWORK2008-05-04T07:52:29Z2008-05-04T07:48:00Z










ObjectSecurity partners with Model Driven Solutions to provide joint service portfolio
ObjectSecurity partner with Model Driven Solutions, a leading provider of professional services and products that leverage SOA & MDA

ObjectSecurity, the leading solutions provider for Model Driven Security Management and secure information sharing in mission-critical industries such as air traffic control, today announced that they partner with Model Driven Solutions, a leading provider of professional services and products that leverage Services Oriented Architecture (SOA) and Model Driven Architecture (MDA) techniques and standards. The partnership joins up the complementary products and services of both companies. While both companies work on Service Oriented Architecture (SOA) and Model Driven Architecture (MDA), ObjectSecurity’s focus is more security-related, while Model Driven Solution’s focus is more business-process related. Both companies are active in standards development organizations such as the OMG and are actively engaged in the Open Source community. Dr. Ulrich Lang, CEO and co-founder of ObjectSecurity says “We are excited to partner with Model Driven Solutions. It helps us to pool complementary capabilities and work together on opportunities related to SOA and MDA.”

ABOUT OBJECTSECURITY - ObjectSecurity Ltd. is a Cambridge (United Kingdom) and San Jose (CA, USA) based world-leader in model driven security and authorization management. The company offers the ground-breaking model-driven OpenPMF enterprise security management ecosystem and various secure middleware platforms. ObjectSecurity provides services for model driven security, middleware security, SOA security, secure information sharing (e.g. CDM). Their customer base includes Agilent Technologies, BAA Heathrow Airport, Deutsche Telekom, ESG, European General Electric, Intel, QinetiQ, Royal Bank of Scotland, Real-Time Innovations, Twinsoft/Hewlett-Packard, US Naval Research Lab and others. ObjectSecurity specializes on information security for complex IT environments in mission-critical markets.

ABOUT MODEL DRIVEN SOLUTIONS - Model Driven Solutions (formerly operating as Data Access Technologies, Inc.) is a leading provider of professional services and products that leverage Services Oriented Architecture (SOA) and Model Driven Architecture (MDA) techniques and standards. The company assists major organizations in achieving effectiveness and agility in a changing and collaborative world. Founded in 1996 as Data Access Technologies (DAT) the company has been a leader in the development of open standards and supporting products that result in SOA based Executable Enterprise Architectures (EEA). Model Driven Solutions' EEA focus helps drive information systems to quickly and cost effectively address business and defense initiatives. With customers like the US General Services Administration (GSA), the US Army, Raytheon, Lockheed Martin, Kaiser Permanente, Unisys and many others, Model Driven Solutions is at the leading edge of today’s software technology advances.



_________________________________________________________________________________________



For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>ObjectSecurity, the leading solutions provider for Model Driven Security Management and secure information sharing in mission-critical industries such as air traffic control, today announced that they partner with Model Driven Solutions, a leading provider of professional services and products that leverage Services Oriented Architecture (SOA) and Model Driven Architecture (MDA) techniques and standards. - SOA Security Architect - Securing SOA in a Connected World - THE SOA NETWORK Secure Computing Delivers Security Gateway Virtual Appliances for VMware Environmentstag:soasecurityarchitect.com,2008-05-02:32b9107c-234b-464e-beea-5ae18d95d90dGary E Smith - THE SOA NETWORK2008-05-02T08:12:31Z2008-05-02T08:00:00Z











Secure Computing Delivers Security Gateway Virtual Appliances for VMware Environments
Secure Computing Combines Security Gateway Appliances With VMware Virtualization to Simplify Security Implementation and Management

SAN JOSE, CA, Apr 29, 2008 (MARKET WIRE via COMTEX News Network) -- Secure Computing Corporation (NASDAQ: SCUR), a leading enterprise gateway security company, today announced it is working with VMware to provide customers with security gateway virtual appliances for organizations of all sizes. These security gateway appliances for VMware environments will provide customers with an easy way to implement and manage security for multiple virtual machines, or multiple applications within a virtual machine, through a single gateway. This enables customers to capitalize on the business benefits of VMware virtualization -- such as reduced capital and operating expenses, assured business continuity and a "greener" carbon footprint -- while ensuring security across the datacenter in ways not possible in a physical environment.

According to leading research firm Gartner Inc.'s report "Virtualization Changes Virtually Everything" (by Philip Dawson and Thomas J. Bittman, March 28, 2008), "Virtualization is the highest-impact trend changing infrastructure and operations through 2012. It will change how you manage, how and what you buy, how you deploy, how you plan and how you charge."

Through its relationship with VMware, all of Secure Computing's security gateway appliances can be deployed as preconfigured virtual appliances onto new or existing hardware without the cost and space required of traditional security implementations. Customers can deploy different Secure Computing appliances, each on its own virtual machine, on a single server.

Customers can also reduce administrative overhead by using Secure Computing's central management system, Secure Firewall CommandCenter to manage a pool of virtual security appliances protecting one or multiple customer environments. For example, customers or managed service providers can deploy up to 32 separate firewalls, each running on its own virtual machine on a single server, and manage all of them from a single point. With any of the scenarios, customers benefit from the ease of preconfigured security without the cost and space required to manage multiple appliances.

"VMware virtualization is the ideal platform for partners like Secure Computing to develop an easy way for customers to deploy their business-critical security solutions," said Dan Chu, vice president of emerging products at VMware. "Combining Secure Computing's security gateway virtual appliances with VMware virtualization allows organizations to scale out their security architecture and gain additional datacenter resources without added complexity."

"This relationship with VMware enables Secure Computing to be at the forefront of helping our customers incorporate green information technology into their core security strategy," said Scott Montgomery, vice president of global technical strategy, Secure Computing. "These integrated VMware-virtualized applications offer substantial cost savings and simplify the implementation and overall management of security in our customers' virtual environments."

Availability

Evaluation versions of virtualized Secure Firewall (formerly Sidewinder(R)), Secure Web (formerly Webwasher(R)) and Secure Mail (formerly IronMail(R)) are scheduled to be available by June 2008. Commercial versions of Secure Firewall, Secure Web and Secure Mail are scheduled to be available in the third quarter of 2008.

About Secure Computing Corporation

Secure Computing Corporation (NASDAQ: SCUR), a leading provider of enterprise gateway security, delivers a comprehensive set of solutions that help customers protect their critical Web, email and network assets. Over half the Fortune 50 and Fortune 500 are part of our more than 22,000 global customers, supported by a worldwide network of more than 2,000 partners. The company is headquartered in San Jose, Calif., and has offices worldwide.

For more information, see www.securecomputing.com.


_________________________________________________________________________________________



For more resources on Securing Service-Oriented Architecture: SOA SECURITY NETWORK


_________________________________________________________________________________________





_________________________________________________________________________________________

Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World
Check out THE SOA NETWORK for the latest SOA NEWS


THE SOA NETWORK
SOA Governance | SOA Management | SOA Networking | SOA Security | SOA Identity | SOA Test

SOA Verticals
SOA Finance | SOA Government | SOA Healthcare | SOA Insurance | SOA Manufacturing | SOA Retail | SOA Telecom | SOA Utilities



]]>Secure Computing Corporation (NASDAQ: SCUR), a leading enterprise gateway security company, today announced it is working with VMware to provide customers with security gateway virtual appliances for organizations of all sizes. These security gateway appliances for VMware environments will provide customers with an easy way to implement and manage security for multiple virtual machines, or multiple applications within a virtual machine, through a single gateway. This enables customers to capitalize on the business benefits of VMware virtualization -- such as reduced capital and operating expenses, assured business continuity and a "greener" carbon footprint -- while ensuring security across the datacenter in ways not possible in a physical environment. SOA Security Architect - Securing SOA in a Connected World - THE SOA NETWORK ObjectSecurity Named "Cool Vendor" by Leading Analyst Firmtag:soasecurityarchitect.com,2008-04-20:44ecae7b-2e0a-441f-bf04-2ed394945c25Gary E Smith - THE SOA NETWORK2008-04-20T07:34:46Z2008-04-20T07:18:00Z