The company, one of the biggest makers of BIOS (basic input/output system) software, unveiled the technology Wednesday at the Infosecurity Europe show in London. The utility allows hardware to be used in conjunction with a traditional login system to ensure that only someone who is authorized and is using a "trusted device" can gain access to the corporate network.
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
Shiva Mandalam, director of security product marketing at Phoenix, said the Phoenix TrustConnector allows companies to extend the level of access control they have beyond usernames and passwords. It also authenticates the computer making the connection.
"This provides a way of representing a device as part of your application authentication, so when a user logs in to an application, the user and the device are getting authenticated at the same time," he said.
Mandalam said the TrustConnector generates an encryption key using information gathered from the notebook's hardware profile, and that key is passed on to the network when a connection is made. If the hardware can be authenticated, it is "trusted," and the person making the connection logs in with his regular username, password, smart card or token. If the person tries to log in using a different machine or has modified the device, access can be restricted or denied altogether.
"They can't use a different machine because the profile is different, so companies can set a policy so a trusted device can get onto the network and a non-trusted device can be allowed to access parts that do not contain any enterprise resources," he said.
Rob Enderle, principal analyst for the Enderle Group, said the increase in security threats means that device authentication has never been so important. "Until now, device authentication has been one of the missing links to this end-to-end network requirement," he said.
Munir Kotadia of ZDNet UK reported from London.