Was pretty swamped with meetings with press, customers, partners, and analysts today at RSA so this will be a short summary of the day. There were 4 items I wanted to bring to light today.
– Solera Networks (www.soleranetworks.com): These guys are doing an interesting set of wirerate appliances for collecting data inline to the network to perform analytics and forensics on the information from multiple sources and multiple streams of information. A pretty interesting version of the appliance is for CALEA forensics, “The Solera CALEA Appliance is designed to provide a low-cost packet capture solution for ISPs and VoIP service providers who must comply with CALEA (Communications Assistance for Law Enforcement Act).”
– Dave DeWalt, CEO of McAfee, spoke in a keynote session today. The key takeaways from the keynote speech were: The future is Multi-Layered, Multi-Correlated, and Real Time Visibility to security threats all the way from the infrastructure to the endpoint.
Interesting Evidence of the Existence of SkyNet and cyborgs (see The Terminator movies)
– In front of a pavilion of what seemed to be German companies, there was a glass enclosure with a set of robotic arms that were quite diligently emptying a bottle of beer into a stein. I didn’t hear anyone say “come with me if you want to live”, but if I did…hey, anything for a good glass of German beer!
Interesting Wireless Network Analysis by AirPatrol
– Using our Wireless Locator System today from the McAfee partner pavilion, we observed a number of rogue and anomalous wireless entities. Of particular note were 35 ad hoc wireless networks detected. The very notable characteristic of ad hoc networks is that there is NO interaction by endpoint devices with infrastructure devices, such as vulnerability assessment, content scanners, NAC/NAP platforms, or other network-based security measures and countermeasures. It is pure peer-to-peer interaction and connectivity between the endpoints. Ad hoc connectivity mode is fully available on every Windows OS-based laptop and fully supported by IEEE 802.11 standards. Seems like there must be endpoint-centric countermeasures to eliminate and protect against the possibility of ad hoc connectivity that circumvents all the infrastructure-based security.
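
How a monitor can tell ad hoc networks from infrastructure ones, as an added example that is not AirPatrol's or McAfee's code: in 802.11 beacons and probe responses the capability field sets the IBSS bit for ad hoc and the ESS bit for an access point. It assumes raw 802.11 frames with any radiotap header already stripped; the helper names and sample frames are constructed for illustration.

```python
import struct

ESS_BIT, IBSS_BIT = 0x0001, 0x0002  # capability-information bits, IEEE 802.11

def parse_beacon(frame: bytes):
    """Return (bssid, ssid, mode) for a beacon or probe response, else None."""
    if len(frame) < 36:               # 24-byte MAC header + 12 fixed bytes
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (5, 8):   # management: probe resp / beacon
        return None
    bssid = frame[16:22].hex(":")     # address 3 carries the BSSID
    (cap,) = struct.unpack_from("<H", frame, 34)
    mode = "adhoc" if cap & IBSS_BIT else "infrastructure" if cap & ESS_BIT else "other"
    ssid, pos = "", 36
    while pos + 2 <= len(frame):      # walk tagged parameters for SSID (tag 0)
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:        # truncated element: stop parsing
            break
        if tag == 0:
            ssid = body.decode("utf-8", "replace")
            break
        pos += 2 + length
    return bssid, ssid, mode

def find_adhoc(frames):
    """Distinct (bssid, ssid) pairs advertising IBSS (ad hoc) mode."""
    seen = {}
    for f in frames:
        parsed = parse_beacon(f)
        if parsed and parsed[2] == "adhoc":
            seen[parsed[0]] = parsed[1]   # de-duplicate repeated beacons
    return sorted(seen.items())

def sample_frame(bssid: bytes, ssid: bytes, cap: int, fc: int = 0x80) -> bytes:
    """Constructed test frame (not captured traffic)."""
    hdr = bytes([fc, 0]) + b"\x00\x00" + b"\xff" * 6 + bssid * 2 + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, cap)
    return hdr + fixed + bytes([0, len(ssid)]) + ssid

SAMPLES = [  # constructed: one AP beacon, two ad hoc beacons, one data frame
    sample_frame(bytes.fromhex("001122334455"), b"ShowFloor", 0x0401),
    sample_frame(bytes.fromhex("02aabbccddee"), b"peer-share", 0x0002),
    sample_frame(bytes.fromhex("02aabbccddee"), b"peer-share", 0x0002),
    sample_frame(bytes.fromhex("001122334455"), b"", 0x0000, fc=0x08),
]
```

Counting distinct BSSIDs rather than frames matters because every station in an ad hoc cell can send beacons for the same network.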
Ghost blogger for ComputerWorld Canada during RSA