HP has ticket to security
HP rolls out Net-oriented security "ticket" products for intranets and the Internet, aimed at banks and phone companies.
Both offerings, part of HP's "="" rel="">Praesidium security framework, are being positioned for banks and phone companies.
The intranet product, called Security Service, eliminates the sending of passwords over private networks, substituting encrypted "tickets" that authenticate a user's identification for only a short time. It uses Kerberos-based encryption, often used in banking and telecommunications industries.
That prevents hackers, both outsiders and internal users, from gaining unauthorized access by stealing passwords as they move across the network. A stolen "ticket" would expire quickly.
"The sophistication of hackers encroaching on intranets is growing at an alarming rate," said Janice Chaffin, general manager of HP's General Systems Division. "Allowing confidential passwords to travel across this medium comes with greater and greater risks."
Security Service works with HP-UX, Hewlett Packard's version of the Unix operating system, to protect transmissions using Internet FTP (file transfer protocol), telnet, remote shell, remote copy, and remote log-in. Security Service is available now and ranges from $3,100 to $15,500 per server.
The Internet product, called Virtual Vault, builds on security technology HP bought in February from Atlanta-based SecureWare. Virtual Vault supplements firewalls, which guard the perimeter of a network from outside intruders, by limiting access within a corporate network to specific, authorized areas.
By granting selective access to sensitive data, Virtual Vault essentially compartmentalizes information a particular user or application can obtain by blocking efforts for data requests outside that particular area. Virtual Vault is available now for $75,000 for a single copy and $45,000 for six or more copies.