After covering a half-dozenin the 1990s (including several for CNET News.com), I returned this year for the first time since 1999. Talk about a time warp.
As cybersecurity has become an ever larger concern,
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
First, the hot stuff:
Appliances: Five years ago, software applications were all the rage; today, there are hardware appliances for almost any conceivable security need. Secure proxy appliances, firewall appliances, virtual private network appliances, antispam appliances. Just plug them in to a network, and they start protecting.
Software appliances: Not an oxymoron, apparently. specializes in software appliances, offering a kind of "virtual hardware" that gets installed on a server to create an instant appliance. Immunixthat can be filled up with any security application, making an appliance without the messy step of building special-purpose hardware.
Intrusion prevention: Five years ago, intrusion detection software was the latest thing. Today,is all the buzz. It certainly sounds better. Who wouldn't want to prevent a nasty intrusion instead of merely detecting it? The question is if the technology has really changed or if it's just more marketing hype.
Antispam: One reseller told me that there are now more than 200
You can divide the technology on display from the nearly 250 companies into one of two categories: "hot stuff" and "perennial stuff."
Proactive vs. reactive: Proactive software is the good stuff, which. Reactive software is the bad kind, which reacts to the problem you've just encountered. And the best software combines proactive and reactive solutions. That way, when the proactive software doesn't work, the reactive software can tell you what just happened to you.
Wireless: The wireless revolution has spurred a huge outpouring of security offerings for notoriously insecure wireless devices. Analyst Julie Ask of Jupitermedia says security concerns are crimping wireless adoption.
SSL VPNs: These are the good kind of virtual private networks, based on the Secure Sockets Layer protocol. Indeed,abound. The other kind of virtual private network is IPSec (Internet Protocol Security). SSL VPN like a dreaded legacy application.
Identity management: It used to be that PKI (public key infrastructure) systems and digital certificates would solve the problem of tracking who's who and what they're allowed to do on a computer network. No more. Now, the hot ticket isthat can handle all kinds of legacy stuff, including PKIs, and delivers single sign-on at the same time.
And now the perennial stuff:
Channels: It was hard to find a company that sold directly to end users rather than through resellers. It was also difficult to identify who these resellers are, because they did not turn out for the show.
Smart cards: Theseso many obvious advantages that they constitute the wave of the future--much as they have for the last decade.
Biometrics: Biometrics is the term for security systems that are based on something on your body:, fingerprint, face recognition, etc. Supposedly, they can't be broken, but this remains a work in progress.
Tokens: These are little devices you carry around and plug in to computers or other things you want to use. One, called a, fits on your keychain, and then you plug it into a Universal Serial Bus port on a computer to prove that you're really you.
Then, there's RSA's own SecurID token, a little gizmo that displays a number that you type into a computer to sign on. The number changes every 60 seconds. RSA has marketed SecurID for years without blockbuster success. Now, as a Windows sign-on. Will Microsoft's security endorsement hand RSA a smash hit?
Wake me up in another five years for another look.