CeBIT 2007: Utimaco To Launch a New World of Data Security
SafeGuard Enterprise 5.0: Multi-Platform Data Security With Central Management

OBERURSEL, Germany, February 8 /PRNewswire/ -- Utimaco will be launching its SafeGuard Enterprise security suite at CeBIT 2007 (March 15th - 21st). With this new product generation from the Data Security Company organisations and companies can, for the first time, benefit from a fully integrated security suite that meets all current and future demands on data security. No matter where information is saved, or who it is being exchanged with, SafeGuard Enterprise secures data on mobile and fixed computing devices, on removable media, servers and in e-mails. The core of the brand new security suite is the central Management Center which for the first time enables companies to simply and effectively implement security guidelines across platforms to meet regulatory compliance requirements.

SafeGuard Enterprise 5.0 targets mid-sized to large corporations that need to store and process their data on different devices and platforms and secure their confidential information at all times. SafeGuard Enterprise is based on an open, modular architecture that enables companies to add security functions to their IT infrastructure using a single, auditable administration module. Additionally, SafeGuard Enterprise supports companies and authorities to reduce costs and risks: Different administrations and key management systems will be consolidated under a central management platform.

At CeBIT, Utimaco will be presenting SafeGuard Enterprise 5.0 to the public for the first time. Version 5.0 comprises the SafeGuard Management Center and the SafeGuard Device Encryption security module.

With the SafeGuard Management Center module companies can implement security guidelines centrally and administer them across the company, and across all platforms. The SafeGuard Device Encryption module transparently encrypts data on notebooks, PCs and removable media. In addition to supporting authentication hardware such as tokens its modern algorithms ensure maximum security. The SafeGuard Management Center module enables companies to protect all data in the network against misuse and unauthorized access.

Selected international test customers have evaluated the beta version of SafeGuard Enterprise 5.0 thoroughly over the last few months. "The users have confirmed their approval of the solution. We were given the best feedback for the ActiveDirectory integration and installation, and also for the Policy Management", said Olaf Siemens, Head of Software Development at Utimaco.

SafeGuard Enterprise 5.0 is available from Utimaco and certified partners after CeBIT. During CeBIT, interested trade fair visitors can get detailed information about the Security Suite from Utimaco in Hall 7 / Stand A 28.

Further modules rounding off Utimaco's new data security suite are added in later product versions:

SafeGuard File & Folder Encryption secures user data that is exchanged between working groups. In addition, it can be used to encrypt both local disk drives and network servers at file and directory level, and assign them individual access rights.

SafeGuard Configuration Protection offers central control over all fixed and mobile computing devices and protects against malware, inappropriate software use, and unauthorized configuration changes.

SafeGuard Data Exchange guarantees the secure exchange of confidential data with business partners and customers.

For more information about the portfolio of solutions, go to

http://www.utimaco.com/products


Further information:

Utimaco Safeware AG -
The Data Security Company.
http://www.utimaco.de
Rieke Bonisch
Tel: +49-(0)6171-88-12-10
E-Mail: rieke.boenisch@utimaco.de

OT: It's official: Broadcom's in Apple's iPhone

February 08, 2007

After weeks of 'no comment' and 'not at liberty to say,' Broadcom's Henry Samueli spilled the beans in federal court that yes, Broadcom's chip is in the Apple iPhone.

Our super-sleuthing Broadcom reporter John Gittelsohn dug up this tidbit after examining the court transcript from the recently concluded Qualcomm v. Broadcom trial. That's Case No. 05CV1958-B(BLM), if you want to look it up yourself in the US District Court in San Diego. The two were fighting over intellectual property. The transcript (I've taken liberties below and highlighted Samueli's statement from the transcript) says little more about the iPhone other than it's not the chip in dispute, the H.264 chip.

http://news.google.com/news/url?sa=t&ct=us/5-0&fp=45cb640b8ebdfeef&ei=auvLRdVIxIbDAf7Bxa....

OT:TiVo, Amazon.com Offer Video Downloads
Wednesday February 7, 7:44 am ET
By Curt Woodward, Associated Press Writer
TiVo, Amazon.com Offer Video Downloads That Can Be Viewed on TV Sets


SEATTLE (AP) -- Amazon.com Inc. and TiVo Inc. have jumped into the digital download wars -- with a twist. The new partners will beam movies and TV shows directly to their customers' living rooms.
The companies said a test version of their new service, called Amazon Unbox on TiVo, will begin Wednesday with an unspecified number of TiVo customers.


The full service is expected to debut later this year, available for the 1.5 million TiVo digital video recorders with broadband Internet capability. Officials refused to give a target date for the service's launch.

Thousands of movies from several major studios and TV shows from CBS and Fox will be available, said Bill Carr, Amazon.com's vice president of digital media. Both companies expect agreements with more studios and networks in the future.

"We think this is a breakthrough," Carr said. "We're providing people with the simplest way to actually play back their digital content on a television set."

Unbox on TiVo joins a rash of new digital download services from retailers and entertainment companies, and builds on the Unbox service that Amazon.com launched last year.

Wal-Mart Stores Inc. entered the market Tuesday, when it unveiled an online movie download store. Other competitors include Movielink, which is owned by five studios, and CinemaNow.

Most online download services, however, leave content essentially trapped on the customer's computer. TiVo and Amazon.com's major advantage is their ability to deliver movies and TV shows directly to the TiVo box, observers said.

"Frankly, nobody else has the solution that allows you get something over an Internet connection and watch it with the click of the button," said James McQuivey, principal analyst at Forrester Research Inc. "If it's that easy, then they'll be the first. They'll be able to plant their flag."

Apple TV, the new set-top, video-streaming box coming this month from Apple Inc., should be a top rival. Like Unbox on TiVo, Apple TV is designed to move digital content from a user's computer to their TV set.

But Unbox on TiVo may have an advantage in the customers who already have broadband-ready TiVo hardware in their homes. While a new Apple TV box will cost around $300, the only additional cost for a TiVo user will be the price of a movie or TV show over the existing Unbox download service.

TV episodes will sell for $1.99, with most movies priced between $9.99 and $14.99, the companies said. Movie rentals will start at $1.99. No extra hardware purchases are required, and there will be no additional subscription fees, the companies said.

Although the technology has yet to catch on broadly with consumers, Internet downloading is expected to generate about $4 billion in annual sales in five years, compared with an estimated $27 billion from DVD rentals and sales, according to Adams Media Research.

TiVo and Amazon.com are betting that their ability to integrate downloads with the existing choices on a TiVo video recorder will give them a distinct advantage in grabbing a share of the market.

"I suspect we will see a parade of similar kinds of devices over the next several years," said Larry Gerbrandt, general manager of Nielsen Analytics.

Shoppers who want to downloaded a video program through the new service will place the orders through the existing Unbox video download service, company officials said.

Videos may be sent to a TiVo box or a computer and can also be used on portable devices. Videos also don't have to be stored permanently on a customer's hard drive -- they can be downloaded again from Unbox after being purchased.

Initially, the companies will offer videos from CBS, Fox, Lionsgate, Paramount Pictures, Universal Studios Home Entertainment and Warner Bros.

Unbox videos presently come with copyright protection based on Microsoft Corp.'s Windows operating system. Those sold through the TiVo service will use a different technology to allow them to play on the TiVo's Linux-based system, officials said.

TiVo had previously announced a downloading partnership with Netflix, the mail-order movie rental service, but that deal eventually fell apart.

TiVo Chief Executive Tom Rogers said TiVo decided to go with Amazon.com in its new venture because the online retailer had a large customer network and a large catalog of distribution rights, which Netflix couldn't deliver.

wavxmaster, thanks! Always follow the top talent. Given Thomas knows all the webs which Wave weaves, this can only be good.

Pickle

OT: Italian Power System Maker Uses ARM Based Chip In Data App

02 February 2007


Italian company RGM SpA has developed a system, incorporating an ARM based Atmel processor, to collect and transfer data from energy stations.

The system, which can perform data acquisition, routing and alarm monitoring and logging, is built around an ARM based Atmel AT91RM9200 processor and runs Koan’s KaeilOS, a Linux operating system.

Performance, cost, ability to work in critical environmental conditions and dimensions were key in developing the hardware and choosing both the operating system and Atmel processor, RGM said.

RGM’s system will be used to collect and transfer data from backup generating power stations in medical facilities, transportation and energy stations, for example.

Barge, you absolutely nailed this space just as CM has done for the government space. Thanks for keeping me focused on this side of the business when I was consumed with Enterprise.

Pickle

What a Monday! Pickle is Tickled!

OT: NTT DoCoMo, KDDI, NEC and Hitachi Develop Authentication Infrastructure for Mobile Phones


Tokyo, Jan 26, 2007 (JCN) - NTT DoCoMo, KDDI R&D Laboratories, NEC Corporation, and Hitachi Ltd. developed a highly secure authentication infrastructure which works for all mobile carriers. The research was commissioned by the National Institute of Information and Communications Technology (NICT) and took three years to complete.

Compared with conventional ID/Password authentication, the new technology utilizes Public Key Infrastructure (PKI) and uses electronic certification. An electronic certification prevents impersonation and falsification by a third party and alleviates the burden on users, who no longer need to register every time they use it).

The authentication infrastructure feasibility test will take place at the Mobile IT Forum on January 25, 2007. NTT DoCoMo, in collaboration with NICT, will open a public lecture on the mobile authentication infrastructure technology ("The future of electronic certification in the mobile commerce") on February 6, 2007.

NAC Vendors Vie Over Architecture, Product Direction
Courtesy of Network Computing

http://www.darkreading.com/document.asp?doc_id=115629&WT.svl=cmpnews2_1

JANUARY 26, 2007 | The network access control (NAC) market has finally matured enough that vendors and users can at least agree on the baseline features and functionalities required to make up a NAC solution. On deck for 2007: the battle of NAC architectures, an expected standards shake-out; and plenty of vendor posturing, positioning and - more than likely - consolidation.

That was the story at Network Computing's NAC Forum event, held Thursday in San Jose, Calif. The event brought together NWC real-world IT analysts, leading NAC vendors and users that have both deployed NAC and those still in the evaluation phase. Even though NAC feature sets and technology approaches remain in flux, several users detailed early successes in rolling out NAC in their enterprises.

Key business drivers included improving remote and guest access to corporate networks; avoiding catastrophic attacks and vulnerabilities; and locking down security policies and practices for regulatory compliance.

Cedars-Sinai Medical Center has completed a NAC deployment using NAC gear from Vernier Networks to manage how a wide variety of devices access its corporate network, including not only computers, laptops and handhelds but net-enabled medical instruments such as heart monitors and even task-specific robots. "In looking for a NAC solution, it's important to keep things in perspective. NAC isn't a magic pill," said Mazen Abu-Hijley, director-networking for Cedars-Sinai. "From an operational perspective, we were looking for something that was easy to put in and allowed us to apply and monitor the policies we needed."

The hospital is largely a Cisco shop, but turned to Vernier for a best-of-breed NAC appliance that it could deploy today without having to make massive changes across its installed base of routers and switches, Abu-Hijley said.

Medical device manufacturer Beckman Coulter is planning its own NAC deployment, with implementation planned to be rolled out on a site by site basis in the next 12 to 18 months, said Steve Campbell, the company's director of network services. "Our goal is fairly simple-keep visitors, contractors and interns off the network. We need to be able to control what they do," Campbell said, adding that the biggest surprise in planning the NAC deployment was that while IT had locked down remote access very tightly, "the thing that wasn't secure (from an access perspective) was the LAN."

Working with vendor Nortel, Campbell's team is taking a measured approach to its NAC roll-out, testing NAC piece-parts and overall interoperability in the lab before rolling out live deployments, beginning with its corporate headquarters. Campbell recommends that enterprises deploying NAC "spend a lot of time in the lab and test everything and look for unexpected effects."

Users have plenty of options when evaluating NAC solutions, including platforms and enabling technologies from infrastructure vendors such as Cisco, Microsoft and Nortel, which aim to make NAC essentials a core part of the network environment. Meanwhile point solutions have emerged in two main flavors, including "in-band" approaches that sit in between access and distribution switches (or act as a replacement switch themselves) and examine incoming traffic and "out-of-band" solutions that monitor link ports and control host access.

As NAC grows to become an almost all-encompassing framework for enterprise wide access control and intrusion detection, many enterprises will end up using combinations of these approaches, said NWC analyst Mike Fratto. "These are not exclusive technologies," he said. "Many of the products I've seen that hold the most promise for large enterprises support multiple NAC methods."

Indeed, even as NAC architectures continue to evolve, 2007 is expected to see some important NAC milestones, including progress on a standards-based NAC architecture and approach from the Trusted Computing Group/Trusted Network Connect. Meanwhile, Microsoft and Cisco will walk the line between cooperation and competition as elements of Microsoft's Network Access Protection (NAP) framework arrives on Vista desktops and Longhorn servers and Cisco's Network Admission Control architecture continues to evolve. The two vendors have pledged to cooperate on NAC interoperability, but with so much at stake there will undoubtedly be areas where they will set down stakes as well.

Look for Microsoft to demonstrate plenty of NAP interoperability with a variety of NAC partners at the upcoming RSA show, while the standards-driven TNC approach is driving toward interoperability demos at the Interop show later this year.

Meanwhile, NAC solutions continue to mature. In 2007, look for advances in how enforcement devices understand the state of the client, an area ripe for standardization, said Michelle McLean, senior director of product marketing for ConSentry Networks. Also on deck should be improved integration of NAC devices with standalone policy servers, McLean said. And don't be surprised if additional security functionality gets sucked into the NAC universe, in particular the integration of intrusion detection systems with NAC, enabling NAC platforms "to learn from or inform" IDS/IPSs, said Sanjay Uppal, president and CEO of Caymas Systems.

Thanks, Ispro!

America's Growth Capital and Soleil Securities are hosting the 3rd Annual America's Growth Capital Information Security Conference on Monday, February 5, 2007. The conference will feature leading public and private information security executives for our day-long program of panel discussions, management presentations and keynote addresses that will collectively illustrate the significance of information security to the IT landscape. Click here for the agenda. Confirmed keynote speakers include Fred Amoroso (President and CEO of Macrovision), Art Coviello (President of RSA, the Security Division of EMC) and Gene Hodges (President and CEO of Websense). As has been the case in previous years, our event precedes the RSA Security Trade Show and Conference, which should again provide us with an impressive gathering of industry professionals, both as presenters and attendees.

http://www.americasgc.com/Agenda020507.pdf

Also, looks like Renesas will be at RSA 2007 as well. Seems appropriate for one of Wave's many partnerships to formally come to light that week. My first choice would be Seagate, but not picky after that.


Renesas Seminars and Events

RSA 2007, February 5-9, 2007, Moscone Center, San Francisco CA, Booth #625

I know this was posted based on yesterday's discussion right?

Infineon First to Release Windows Vista-Ready TPM v1.2 Management Suite for Simple Manageability of Trusted Platforms in Enterprise Environments

MUNICH, GERMANY -- (MARKET WIRE) -- January 23, 2007 -- Infineon Technologies (NYSE: IFX) (FRANKFURT: IFX ), a leading supplier of integrated circuits and supporting software for secure computing and communications devices, announced availability of a new software suite version for management of computers using Trusted Platform Modules (TPM) in enterprise environments. Together with the currently shipping Infineon Trusted Platform Module (TPM) v1.2, the TPM Professional Package builds a comprehensive and Windows Vista-ready secure solution compliant with the Trusted Computing Group's (TCG) 1.2 specification.

The TPM Professional Package v3.0 features a wide range of secure management capabilities enabling system administrators in enterprise and SOHO (Small Office/ Home Office) environments to securely manage TPM-enabled desktops and notebooks, including setting policies, handling backup and restore, and securely migrating critical protected information from one TPM to another. The Infineon solution, which already supports several available operating systems, such as Windows® 2000, Windows XP, Windows 2003 Server, etc., is now Windows Vista-ready as a result of a close cooperation with Microsoft.

The Infineon TPM v1.2 solution simplifies customer data protection through support of Microsoft's BitLocker™ Drive Encryption. PC manufacturers benefit from the complete Infineon TPM hardware and software offering since it secures all core components of a security subsystem used for authenticity, integrity and confidentiality of stored data.

Integrated onto the motherboard of a stationary or mobile PC, the TPM helps shield the stored data against unauthorized access and improves the system integrity. This enables more secure data storage, secure online business information exchange and online commerce transactions while protecting privacy. The Infineon TPM is the industry's smallest for this type of device in a 9.7 mm x 4.4 mm package and it is also suitable for integration on mobile devices mainboards, such as handheld computers and PDAs.

"Security is one of the core driving factors for Windows Vista deployments since many of our customers are looking at the early adoption of Windows Vista due to its numerous security enhancements and functionality. As part of a myriad of pre-boot authentication options, BitLocker™ Drive Encryption leverages TPM 1.2 technology to bring data protection security value to users," said David B. Cross, director of program management for Windows security at Microsoft Corporation. "The Infineon TPM solution complements the increased security features of Windows Vista and provides significant value-add to our mutual customers."

Highlighted Links
Infineon Web Page

"Meeting the security needs of our business PC customers is a priority at HP," said Carol Hess-Nickels, director, worldwide business notebook marketing, Personal Systems Group, HP. "Integrating the Infineon TPM Professional Package as Embedded Security for HP ProtectTools across all of our TPM-enabled platforms provides customers with more secure protection of data and credentials. And with Infineon's support for Vista, customers will have access to a broader range of features designed to help keep their most sensitive data safe."

"As a technology leader in security, we are shipping the Infineon TPM Professional Package across all Fujitsu notebooks and selected desktops," said Yasushi Ashikaga, general manager of personal systems business unit for Fujitsu Limited. "We chose the Infineon solution because of the manageability features for enterprise and Vista-readiness, combined with the high-security standard that are critical features for our notebook customers."

The TPM Professional Package is also shipping in desktops and notebooks for several other brands including Epson Direct Corporation, Hitachi, Ltd., NEC Corporation, Sony Corporation, Sotec Co., Ltd, and others.

US market research company IDC predicts approximately 50 million TPMs to be sold in 2006, mainly in business desktops and notebooks. IDC anticipates the TPM market to increase to more than 250 million pieces in 2010. This equals an attach rate of more than 90 percent of all notebooks and desktops.

"Building on its strengths, Infineon provides the basis for privacy and protection of information as well as increased user comfort," said Peter Bauer, member of the management board and president for the Automotive Industrial and Multimarket business group at Infineon Technologies. "With an increased awareness for security, Infineon is determined to raise the bar for security and be a leader in this growing market."

Technical Details for the Infineon Professional Package v3.0 and TPM 1.2 (SLB 9635 TT 1.2) for Safer Computing

Infineon provides the highest possible performance for TPM systems consisting of secure hardware and complete system software and application software.

The TPM Professional Package v3.0 features application and management functionalities such as backup and restore as well as migration of secrets, policy settings and password handling. It supports multiple operating systems and specifically Microsoft's new operating system Windows Vista, in both its 32- and 64-bit versions. The multi-language solution provides management functions optimized for use in enterprise environments with central administration of TPM-enabled PCs and notebooks. Additionally, multiple applications are supported such as WLAN security file and folder encryption.

Infineon's TPM v1.2 is based on the company's proven family of 16-bit security controllers which was developed for use in high-security chip card applications. To securely store keys and passwords, the Infineon TPM offers state-of-the-art security features, such as an active shielding that sends a continuous stream of random data over the surface of the chip. Apart from active shielding, the chip features a true random number generator (RNG), hardware accelerated RSA crypto algorithms with key lengths of up to 2,048 bit and hash algorithms (where a document, file or computer drive is assigned a unique, cryptographically protected checksum which can be used to recognize manipulation), as required by the Trusted Computing Group specification.

Infineon's TPM has started the process to pass the world's strictest security evaluations for hardware security conducted according to internationally accepted standards and to achieve the industry's highest rating for digital security, the Common Criteria EAL 4+ (evaluation assurance level four plus).

Availability

The Infineon TPM Professional Package is available to desktop and notebook manufacturers now.

More information on the Infineon TPM solution is available at www.infineon.com/tpm.

About TCG Specifications

The Trusted Computing Group (TCG), with more than 100 member companies, is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft.

The Group was formed as a successor to the Trusted Computing Platform Alliance (TCPA), which was founded in 1999 by Compaq, HP, IBM, Intel and Microsoft. TCG has adopted the specifications of TCPA and will both enhance these specifications and extend the specifications across multiple platforms such as servers, PDAs, and digital phones. Further information on Trusted Computing Group (TCG) is available at www.trustedcomputinggroup.org

About Infineon

Infineon Technologies AG, Munich, Germany, offers semiconductor and system solutions addressing three central challenges to modern society including energy efficiency, mobility and security. In fiscal year 2006 (ending September), the company achieved sales of Euro 7.9 billion (including Qimonda sales of Euro 3.8 billion) with approximately 42,000 employees worldwide (including approximately 12,000 Qimonda employees). With a global presence, Infineon operates through its subsidiaries in the US from San Jose, CA, in the Asia-Pacific region from Singapore, and in Japan from Tokyo. Infineon is listed on the Frankfurt Stock Exchange and on the New York Stock Exchange (ticker symbol: IFX).

This news release and a press photo are available online at http://www.infineon.com/news/

Lincolnpark, Seagate is certainly hitting on all cylinders and FDE drives are going to be a big part over the coming years. Seagate's desire to extend this functionality across its product line illustrates this point. That is why the Wave's agreement with Seagate will be more comprehensive than some people realize. I am happy to ride the coattails of Trusted Computing, Seagate, or even Peter Pan if he wants to encrypt the whereabouts of Neverland and authenticate Tinkerbell and Wendy to his network.

Pickle

OT: Toshiba, Broadcom help ARM extend AMBA reach

John Walko
EE Times Europe
(01/23/2007 6:47 AM EST)

LONDON — ARM has extended its IP licensing deals with two major customers, Toshiba and Broadcom, with the former agreeing to use ARM's PrimeCell products in its SoC designs, as well as the AMBA Designer tool.

Toshiba plans to speed the development of infrastructure solutions using the design tool via a graphical user interface.

"Toshibas signing of a comprehensive agreement for the adoption of PrimeCell products is a major milestone for ARM that also underscores the growing importance of the AMBA specification in driving new levels of performance and efficiency throughout the industry," said Jonathan Morris, general manager, Fabric Division, ARM.

Broadcom has also added support for the PrimeCell AMBA 3 AXI interconnect technology across a range of products for wireless and mobile platforms, extending a long term relationship with ARM (Cambridge, England).

"The AMBA AXI specification, coupled with the versatility of ARM configurable PrimeCell infrastructure IP, helps us optimize system performance across a wide spectrum of applications, said Edward Frank, Corporate Vice President of Research and Development for Broadcom.

Frank added ARMs ability to deliver high performance on-chip interconnect would speed its efforts to develop key products for the wireless sector.

OT: Broadcom announces new generation of gigabit switches

22 January, 2007


Irvine CA-based Broadcom Corporation, which makes semiconductors for wired and wireless communications, has announced a new generation of multi-layer Gigabit Ethernet (GbE) switches designed to improve enterprise network security through a highly scalable and easy-to-manage security infrastructure. This latest generation of Broadcom StrataXGS III Gigabit Ethernet switches features new BroadShield security technology, which enables network admission control and supports Microsoft's Network Access Protection policy enforcement technology to achieve dramatically improved network security and manageability when compared to existing solutions.

The new product line is the Broadcom StrataXGS III BCM56510 series of multi- layer Gigabit Ethernet switches, a follow-on series to the company's widely deployed BCM56500 series. All products in the BCM56510 series are equipped with BroadShield security technology, a multi-layered security framework that includes a robust set of standards-based features to dramatically improve security while delivering unmatched scalability. The key security features include standards-based authentication, user quarantine, denial of service attack prevention, 'man in the middle' attack prevention, spoofing prevention, and support for advanced access control lists (ACLs).

"The breadth of security features in Broadcom's BroadShield technology addresses our customers' needs for a more robust and scalable enterprise security infrastructure," said Eric Hayes, Director of Marketing, Broadcom Enterprise Switching line of business. "Broadcom is setting the stage for standards-based networks where endpoints and switches can interoperate in today's complex multi-vendor environment."

Through BroadShield technology, Broadcom's new BCM56510 series of GbE switches is designed to support Microsoft Network Access Protection. Network Access Protection is a policy enforcement technology built into the Windows Vista and Windows Server operating systems that allows customers to better protect network assets from unhealthy computers by enforcing compliance with network health policies. Microsoft's Network Access Protection technology is publicly available with trial versions of Windows Vista, and available to select partners and customers with Beta 2 of the future version of Windows Server.

The BCM56510 series also enables network admission control which governs how security policies are enforced on any device on the network with the goal of minimizing the damage from emerging security threats. IT managers employing NAC have the ability to control network access for any client that accesses the network (for example, a PC, PDA or other endpoint device), granting the appropriate level of access based on the classification of the endpoint device.

OT: Sun Microsystems, Intel near chip deal-WSJ
Sun Jan 21, 2007 10:42pm ET29

NEW YORK, Jan 21 (Reuters) - Sun Microsystems Inc. (SUNW.O: Quote, Profile , Research) and Intel Corp. (INTC.O: Quote, Profile , Research) are close to an agreement where Sun would buy Intel chips for use in server systems, the Wall Street Journal reported on Sunday.

A deal, expected to be announced soon, may include an endorsement by Intel of Sun's Solaris operating system, the Journal reported, citing people familiar with the matter.

Sun's use of Intel chips would be a blow to Advanced Micro Devices Inc. (AMD.N: Quote, Profile , Research), which is Sun's exclusive source for chips based on the popular x86 design used in most personal computers and servers.

Santa Clara, California-based Sun would keep making computers based on AMD chips, the Journal said.

OT:CES 2007: Microsoft to showcase remote-controlled USB handsets and UMPCs

Latest news
Monica Chen, Taipei; Steve Shen, DigiTimes.com [Monday 8 January 2007]

Microsoft is expected to showcase a number of new consumer products at the 2007 International Consumer Electronics Show (CES), including remote-controlled USB handsets and Ultra Mobile PCs (UMPCs), according to sources at related Taiwan-based manufacturers, who also indicated that the launch of the products will benefit Taiwan's OEM companies.

The USB handset, which aims to compete with Skype-enabled handsets, will come with a remote controller that is able to integrate various functions being played by a PC, a TV interface and audio/video devices, the sources noted.

As indicated by the sources, Taiwan-based Accton Technology and Winbond Electronics will supply Bluetooth-enabled modules and chipsets, respectively, for the remote-controlled USB handset.

Meanwhile, the UMPC to be displayed by Microsoft at the CES will come with a C7-M processor from Taiwan-based VIA Technologies and will be manufactured by Arima Computer, the sources stated.

Sources at Microsoft Taiwan declined to comment on the report, but indicated that the UMPC products displayed at the CES, which will be Vista Ready, should come from Asustek Computer.

Liberty Alliance Announces Products from CA, Entr'ouvert, Ericsson, HP, NTT, NTT Software and Symlabs Pass Interoperability Testing

First event to test against the final version of ID-WSF 2.0 and Liberty People Service specifications

CGIDir
Wednesday, January 17, 2007; 03:31 AM

Liberty Alliance, the global identity consortium working to build a more trusted Internet for consumers, governments and businesses worldwide, today announced that products from CA, Entr'ouvert, Ericsson, HP, NTT, NTT Software and Symlabs have passed Liberty Alliance testing. With today's testing results, nearly 80 identity products and solutions from vendors around the world have now passed Liberty Alliance testing for SAML 2.0, Liberty Federation and Liberty Web Services.

"Interoperability of identity products and solutions is key to the successful and wide scale deployment of federation, Web services, SOAs and social networking applications," said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. "Vendors passing Liberty Alliance interoperability testing offer their customers assurances that products can interoperate from day-one and deliver real business value over the long-term."

Today's news marks the first time Liberty Alliance has tested vendors for interoperability of ID-WSF 2.0, the latest version of Liberty Web Services specifications which was released as final in October 2006. ID-WSF 2.0 includes Liberty People Service(TM), the industry's first open Web services framework that allows consumers and enterprise users in any market segment to manage applications such as calendars, blogs, e-mail, instant messaging and photo sharing in a secure, privacy-respecting and trusted federated social network.

Liberty Interoperable(TM) products are deployed extensively by governments and businesses worldwide. Organizations can trust that products that have passed Liberty Alliance testing will deploy quickly and can immediately interoperate with other Liberty-enabled technologies. A snapshot of organizations deploying Liberty's open and proven interoperable identity standards is available at http://projectliberty.org/index.php/liberty/adoption. A list of all identity products that have passed Liberty Alliance interoperability testing is available at http://projectliberty.org/liberty/liberty_interoperable/interoperable_products

During testing held in France the week of December 4, 2006, the products and services listed below demonstrated interoperability with one or more of the following standards, Liberty Federation, which consists of ID-FF 1.1, 1.2 and SAML 2.0, and Liberty Web Services, which consists of ID-WSF 1.0, 1.1, 2.0 and Liberty People Service specifications.

CA -- CA SiteMinder 6.0 SP5 Federation Security Services (SiteMinder FSS) provides robust identity federation capabilities that enable organizations to easily interconnect with partners. By supporting a comprehensive set of federation specifications combined with broad Web access management capabilities, SiteMinder FSS provides a flexible federation platform that enables customers to quickly capitalize on new business opportunities while minimizing IT costs.

Entr'ouvert -- Lasso 2.0 is a Free Software C library, GNU GPL licensed. It works on GNU/Linux, Windows, Mac OS X and other UNIX systems and has complete language bindings for C, C++, ColdFusion, Java, Perl, PHP and Python. Lasso is built on top of standard and powerful libraries (libxml2, XML Security Library, Open SSL) and supports extremely important workload. Lasso implements ID-FF, ID-WSF and SAML 2.0 protocols. It is used by the French Administration and major worldwide companies. It supports strong authentication with the absolute respect of user privacy.

Ericsson -- Ericsson Identity Management EIM 1.0 is the user identity platform for service delivery that enables new business roles for the operators. EIC1.0 (Ericsson Identity Controller) is the product in EIM 1.0 solution that implements the Identity Provider functionality, as described in OASIS SAML v2.0, and so provides the ability to federate user identities internally between the user databases of different divisions of the operator as well as external content and service providers for the exchange of identity information.

HP -- HP Select Federation Software offers SAML 2.0, SAML 1.1, SAML 1.0, Liberty ID-FF 1.2, Liberty ID-FF 1.1 and WS-Federation support. HP Select Federation Software enables the comprehensive cross-enterprise SSO and sharing of identity details; greatly reduced effort to seamlessly integrate services and partnerships; rapid and low cost deployments through concurrent support of all the major federation standards; enhanced privacy and compliance through integrated privacy and end-to-end audit management capabilities; and opt-in user privacy control to help meet personal, corporate and regulatory privacy requirements.

NTT -- I-dLive is NTT's identity information sharing module, which implements an identity service platform for subscribers of new broadband network services provided by NTT group companies. A new version of I-dLive has just achieved certification for ID-WSF 2.0 including People Service, and SAML 2.0 OASIS Standard.

NTT Software -- TrustBind Federation Manager (1.0) delivers a complete, high-performance, carrier-grade SAML 2.0 solution in the form of a Java component module. With support for multiple OSs and middleware platforms, TrustBind allows for fast and inexpensive deployments.

Symlabs -- Symlabs Federated Identity Access Manager (FIAM) v3.1 is a complete Federated Identity solution conforming to SAML 2.0 and Liberty ID-WSF 2.0. Including simultaneous support for earlier versions and WS-Federation, FIAM provides a multi-protocol, multi-version identity management environment that enables a seamless on-line customer experience without compromising a company's control of identity and privacy requirements. A family of modules tailored to applications such as Telco or Medical and deployments like Identity Provider or Personal Profile ensure a perfect fit. For example, Symlabs FIAM People Service (PS), is a ready-to-deploy Liberty PS Web Services Provider that delivers cross-principal online interactions for a variety of scenarios, from consumers sharing personal content to businesses creating powerful role-based identity applications, all with full respect for privacy.

Liberty's next testing event will offer participants a variety of new testing capabilities and services. Liberty Alliance recently announced that it has selected Drummond Group (DGI) to manage and enhance the Liberty Interoperable program on a global basis in order to meet growing industry demand for identity products that have proven to interoperate across the widest possible range of deployment scenarios. The relationship with Drummond Group adds, among other services, full matrix and global Internet-based testing capabilities to the Liberty Interoperable program.

About Liberty Alliance

Liberty Alliance is a global identity consortium with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted Internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, Ericsson, Fidelity Investments, France Telecom, HP, Intel, Novell, NTT, Oracle, and Sun Microsystems. The Liberty Interoperable program is designed to test vendor products for true interoperability of Liberty Federation and Liberty Web Services specifications. The program is open to both Liberty member and non-member organizations. More information about Liberty Alliance testing is available at http://projectliberty.org/index.php/liberty/liberty_interoperable

Barge,

I posted that Netflix article a few days ago. I am glad you noticed. This is submarine warfare in teh consumer space.

Pickle

OT: Nortel and Microsoft CEOs Outline Transformation of Business Communications
Wednesday January 17, 11:31 am ET
Ballmer, Zafirovski Share Joint Road Map for Voice Over Internet Protocol and Unified Communications Solutions

NEW YORK, Jan. 17 /PRNewswire-FirstCall/ -- Today, Microsoft Corp. (Nasdaq: MSFT - News) CEO Steve Ballmer and Nortel* CEO and President Mike Zafirovski announced a joint road map to deliver their shared vision for unified communications. The road map is the result of an alliance between Microsoft and Nortel announced in July 2006, and includes three new joint solutions to dramatically improve business communications by breaking down the barriers between voice, e-mail, instant messaging, multimedia conferencing and other forms of communication.

Speaking at an event at Studio 8H in Rockefeller Center to more than 100 customers along with reporters and analysts, Ballmer and Zafirovski outlined how companies can improve employee productivity and effectiveness and reduce the costs and complexity of communications. They also announced 11 new implementation services from Nortel and the opening of more than 20 joint demonstration centers where customers can experience the technology firsthand.

In just six months since the alliance was formed, the two companies have signed agreements with dozens of customers, and have developed a pipeline of hundreds of prospects who want to realize the benefits of unified communications.

"We are executing forcefully on the vision of this alliance and have made tremendous progress," Zafirovski said. "We completed the planning stages and are now delivering unified communications solutions to businesses around the world. Our goal is to close the gap between the devices we use to communicate and the business applications we use to run our businesses, giving employees the power to use information more quickly and effectively."

"The average employee gets more than 50 messages every day(1) on up to seven different devices or applications," Ballmer added. "Software can and will help address the ongoing challenge of managing communications and this challenge is the driving idea behind our alliance with Nortel. Together, we will evolve VoIP and unified communications to integrate all the ways we contact each other in a simple environment, using a single identity across phones, PCs and other devices."

New Solutions to Improve Communications and Collaboration

Microsoft and Nortel formed the Innovative Communications Alliance to help companies transform business communications by speeding up the transition to voice over Internet protocol (VOIP) and unified communications. Delivering on the vision they outlined in July, Microsoft and Nortel today introduced three new solutions:

*UC Integrated Branch. This new product from the alliance will incorporate
Nortel and Microsoft® technology on a single piece of hardware that
delivers cost-effective, high-quality and easy-to-deploy VoIP and unified
communications in remote offices. The UC Integrated Branch is planned to
be available in the fourth quarter of 2007.
*Unified Messaging. To simplify customer deployments, native session
initiation protocol (SIP) interoperability between the Nortel
Communication Server 1000 and Microsoft Exchange Server 2007 Unified
Messaging is planned to be available in the second quarter of 2007. The
solution includes Nortel professional services for design, deployment and
support.
*Conferencing. This new solution will extend the rich feature set of
Nortel Multimedia Conferencing to Microsoft Office Communicator 2007,
delivering a single, familiar client experience consistent across
applications such as voice, instant messaging, presence, and audio- and
videoconferencing. The on-premise solution is planned to be available in
the fourth quarter of 2007.

In 2007, the companies also plan to extend their current unified communications solution -- a unified desktop and soft phone for VoIP, e-mail, instant messaging and presence -- to the Nortel Communication Server 2100, a carrier-grade enterprise telephony product supporting up to 200,000 users on a single system.

In addition, Nortel and Microsoft presented a road map for 2008 and beyond for moving business communications onto a software platform designed to drive a higher-quality user experience and reduce total cost of ownership. The road map outlines several key applications and technology developments including a unified communications contact center, Nortel feature server, expanded hosted UC solutions, mobility and client solutions, and application-aware networking enhancements.

"Innovative communications and collaboration technologies are critical to fully enabling Royal Dutch Shell's global work force, and key to operating at top quartile in our industry. We believe in and support the vision Nortel and Microsoft have outlined," said Johan Krebbers, group IT architect at Royal Dutch Shell, who joined Ballmer and Zafirovski onstage for today's event. "Over the next several years, we plan to migrate our network to a software-based communications system built on technologies represented by the Nortel and Microsoft alliance."

Experiencing VoIP and Unified Communications Solutions

The companies announced that they have equipped more than 20 joint demonstration centers in North America, Europe and Asia, with more than 100 additional centers scheduled to open by midyear.

In a related announcement, Nortel added 11 core integration services to help customers build, deploy and support joint unified communications solutions, including end-to-end project management. Nortel already has more than 2,200 VoIP experts to deliver these services and will add more as deployment ramps up. This group is supported by the 10,000-strong Nortel global services team and a large ecosystem of services partners.

OT: Glimpse into the Future? Netflix to Be Delivered on the Internet


Netflix to Be Delivered on the Internet
Tuesday January 16, 7:30 am ET
By Michael Liedtke, AP Business Writer
Coming to a Computer Near You: Netflix Delivered on the Internet


LOS GATOS, Calif. (AP) -- Netflix Inc. will start showing movies and TV episodes over the Internet this week, providing its subscribers with more instant gratification as the DVD-by-mail service prepares for a looming technology shift threatening its survival.
The Los Gatos-based company plans to unveil the new "Watch Now" feature Tuesday, but only a small number of its more than 6 million subscribers will get immediate access to the service, which is being offered at no additional charge.

Netflix expects to introduce the instant viewing system to about 250,000 more subscribers each week through June to ensure its computers can cope with the increased demand.

After accepting a computer applet that takes less than a minute to install, subscribers will be able to watch anywhere from six hours to 48 hours of material per month on an Internet streaming service that is supposed to prevent piracy.

The allotted viewing time will be tied to how much customers already pay for their DVD rentals. Under Netflix's most popular $17.99 monthly package, subscribers will receive 18 hours of Internet viewing time.

The company has budgeted about $40 million this year to expand its data centers and cover the licensing fees for the roughly 1,000 movies and TV shows that will be initially available for online delivery.

Netflix's DVD library, by comparison, spans more than 70,000 titles, one of the main reasons why the mail is expected to remain the preferred delivery option for most subscribers.

Another major drawback: the instant viewing system only works on personal computers and laptops equipped with a high-speed Internet connection and Microsoft Corp.'s Windows operating system. That means the movies can't be watched on cell phones, TVs or video iPods, let alone computers that run on Apple Inc.'s operating system.

Despite its limitations, the online delivery system represents a significant step for Netflix as it tries to avoid obsolescence after the Internet becomes the preferred method for piping movies into homes.

"This is a big moment for us," Netflix Chief Executive Reed Hastings as he clicked a computer mouse to quickly call up "The World's Fastest Indian" on the instant viewing service. "I have always envisioned us heading in this direction. In fact, I imagined we already would be there by now."

Besides preparing Netflix for the future, the instant viewing system also gives the company a potential weapon in its battle with Blockbuster Inc. As part of an aggressive marketing campaign, Blockbuster has been giving its online subscribers the option of bypassing the mail and returning DVDs to a store so they can obtain another movie more quickly.

Since its 1999 debut, Netflix has revolutionized movie-watching habits by melding the convenience of the Web and mail delivery with a flat-fee system that appealed to consumers weary of paying the penalties imposed by Blockbuster for late returns to its stores.

After first brushing off Netflix as a nettlesome novelty, Blockbuster has spent the past few years expanding a similar online rental service that provoked a legal spat over alleged patent infringement.

Netflix has been able to maintain its leadership so far, building so much momentum that the world's largest retailer, Wal-Mart Stores Inc., abandoned its efforts to build an online DVD rental service in 2005.

In the last three years, Netflix has signed up nearly 5 million more subscribers to become increasingly profitable. Although Netflix won't report its 2006 earnings until later this month, analysts believe the company made about $44 million last year, up from $6.5 million in 2003.

Despite the company's growth, Netflix's stock price has dropped by more than 40 percent over the past three years, shriveling to $22.71 at the end of last week.

The erosion largely reflects investor misgivings about Netflix's long-term prospects.

Once it becomes more practical to buy and rent movies within a few minutes on high-speed Internet connections, few consumers presumably will want to wait a day or two to receive a DVD in the mail. If that happens, Netflix could go the way of the horse and buggy.

Online movie delivery already is available through services like CinemaNow, MovieFlix, Movielink, Vongo and Amazon.com Inc.'s recently launched Unbox. Apple Inc. also is emerging as major player, with hundreds of movies and TV shows on sale at its iTunes store and a new device that promises to transport media from a computer to a TV screen.

But none of those online services have caught on like Netflix's mail-delivery system, partly because movie and TV studios generally release their best material on DVDs first. The studios have had little incentive to change their ways because DVDs still generate about $16 billion of highly profitable sales.

Like already existing online delivery services, Netflix's "Watch Now" option offers a lot of "B" movies such as "Kickboxer's Tears." But the mix also includes critically acclaimed selections like "Network," "Amadeus," "Chinatown" and "The Bridge On the River Kwai."

The studios contributing to Netflix's new service include NBC Universal, Sony Pictures, MGM, 20th Century Fox, Paramount Pictures, Warner Brothers, Lion's Gate and New Line Cinema.

"We are going into this with the knowledge that consumers want to watch (media) in various ways and we want to be there for them," said Frances Manfred, a senior vice president for NBC Universal. "For now, though, we know television is the vastly preferred option."

With its eight-year-old service on the verge of mailing out its billionth DVD, Netflix has been in no rush to change the status quo either.

But Hastings realizes Internet delivery eventually will supplant DVD rentals shipped through the mail, although he thinks it will take another three to five years before technological advances and changing studio sentiment finally tip the scales.

By then, he hopes to have 20 million Netflix subscribers ready to evolve with the service.

Ramsey2 and Julio. Thanks. Great reference posts. Kinda like gasoline. No matter what car you buy, we sell the fuel.

Pickle

I am confused. Is BitLocker's only importance to Wave in that it drives adoption of TPMs or does Wave have an opportunity to manage the keys? Now that MSFT has made this functionality available via the internet as some of the earlier posts here today has described, does that limit Wave's opportunity. I guess what I am asking to is who will be managing the BitLocker keys?

TIA
Pickle

Nokia Announces New NFC Phone

Handset maker Nokia this week announced plans to launch its long-awaited follow-up NFC mobile phone, which it touts as becoming the first commercially available handset with built-in NFC features.

Nokia made the announcement early this week at the giant Consumer Electronics Show in Las Vegas, Nevada, predicting its NFC-enabled 6131 model will be on the market during the first quarter. NFC is a short-range wireless technology that allows phones and other devices to act like contactless payment or ticketing cards. It also enables them to download data from “smart tags” embedded in posters, among other features. Nokia, the world’s largest handset maker, is a strong backer of the technology.

“NFC is a market in 2007 (and) will see broader acceptance,” Gerhard Romen, head of NFC market development for Nokia, tells Card Technology. “We will see quite some pilots going on but also the first deployments. 2008 and 2009, the volume markets will begin to grow.”

Nokia’s earlier NFC phones: its 3220 model, used in most of the NFC pilots to date, and its lesser-known 5140 handset, were retrofitted with detachable shells containing NFC chips and short-range radio antennas, along with separate secure chips to store applications. The new NFC phone comes with all of this built-in, supporting the technology in the handset’s operating software. With the 6131, among other things, subscribers or mobile operators will be able to easily download applications over the air to the handsets, including transferring applications to replacement phones, Romen says. The 6131, although not a new phone itself, offers other features subscribers might want, such as a built-in digital music player, FM stereo radio, 1.3-megapixel camera and a slot for removable microSD cards to store music and photos. Nokia began shipping the non-NFC version of the mid-tier 6131 last May.

But whether the real customers for the NFC version of the 6131–the mobile network operators–will want it remains to be seen. The phone, like the earlier 3220, comes with an embedded chip to securely store payment, ticketing and other applications. But large operators that are backing NFC have stated a clear preference for putting these applications on the SIM card, which they issue to subscribers for network access. Using the SIM would make it easier for the operators to collect revenue from the rollout of services on NFC phones.

“The secure element in the phone, going forward it will be on the SIM,” says Romen. “At the moment, there are no standards allowing the secure element to be on the SIM.”

Jonathan Collins, a senior analyst in London for U.S.-based ABI Research, doubts the new Nokia phone will be used for many NFC rollouts.

“It was clearly time for a new phone, but again, it’s not that there’s a market yet,” he tells Card Technology. “This is a phone that is primarily going to be used in trials.”

That would give it more in common with NFC “prototypes” from other handsets makers, including rival Samsung, he says. Mobile operators, which will be the ones ordering most of the NFC phones that Nokia, Samsung and other handset makers will sell, are still working on the business case, he says.

ABI predicts operators eventually will see the justification for subsidizing the NFC phones. While last fall the research firm downgraded its projection for the penetration of NFC handsets in the market over the next five years, it still predicts handset makers will ship 450 million units by 2011.

Nokia’s Romen expects a new standard for the SIM interface with the NFC chip to be adopted within in the next six months or so. “For the next devices and next versions, we can implement whatever is the new (SIM) standard,” he says.

But Nokia “decided to move ahead” with the 6131 and expects to get a lot of mileage out of it. It forecasts a roughly two-year life span for the phone.

–By Dan Balaban (2007-01-11)

Does Apple's iPhone have an ARM chip? Want ad hints yes
January 11, 2007 5:10 PM PST


Everyone wants to know what's in the Apple iPhone. One of the company's want ads provides a hint that it could be an ARM chip.

An ad on the company's Web site for a Bluetooth/Wi-Fi engineer says that an "additional success factor" is experience with ARM. In all, Apple has 33 want ads up for iPhone engineers.

ARM makes complete sense and was actually the pick of many people here at CNET News.com (including me). ARM chips are found inside over 90 percent of the world's cell phones, and generally the chips provide better battery performance than x86 chips. Intel's ultra low power x86 chips aren't out yet. (ARM, companies it has acquired and Apple also have a long history together that predates the release of the Newton.) ARM doesn't make chips. Instead, it licenses chip designs to Samsung, Texas Instruments and Intel, among others.

If the phone does have an ARM chip in it, it does raise interesting compatibility nuances. Apple's computers run on Intel x86 chips. ARM chips run lots of OS's, but they don?t make a native x86. Apple has of course made operating systems for both, but it now leads with the x86 platform. Not using an x86 chip complicates software support for plug-in technologies such as Java or Flash.

Great stuff, RWK. This is my favorite Wave market. HUGE potential.

New Intel Processors Expand Quad-Core PC, Server Line-Ups
Monday January 8, 11:00 am ET
Intel(R) Core(TM) 2 Quad Processor Jump Starts Digital Applications, Software and Devices; Two More Server Quad-Core Products Introduced


LAS VEGAS--(BUSINESS WIRE)--Intel Corporation formally introduced three more quad-core processors, including the first to carry the Intel® Core(TM) 2 Quad processor brand name that begins the expansion of quad-core PC sales to mainstream buyers. Intel now offers a total of nine quad-core processor versions in the desktop and enterprise market segments.

The Intel Core 2 Quad processor packs four brains in every PC and delivers the immense speed and responsiveness that is increasingly required to process today's most demanding media-intensive applications. This processor is available in PCs and in the reseller channel immediately. Intel also announced two quad-core processors for single-socket servers. Today's announcement builds on the company's revolutionary Intel Core 2 Duo and quad-core microprocessor families, with 29 dual and quad-core processors for sale in the desktop PC, laptop and server market segments.

"Today Intel delivers another breakthrough -- quad-core technology for anyone's PC," said Intel President and CEO Paul Otellini. "The performance once requiring a supercomputer is now on the desktop, allowing you to do new and amazing things."

Intel's multi-core processors are designed to enhance the computer user's experience from start to finish. These microprocessors, which are based on the Intel® Core(TM) microarchitecture, target performance desktop and gaming PCs and will benefit from highly threaded software applications that target these market segments. Intel is actively working with software developers on threading applications and next-generation games that will be able to take advantage of quad-core microprocessors. The four cores make quad-core based computers the ideal choice for processor intensive, highly threaded applications such as Adobe After Effects(1), Premiere Pro 2.0(1), Windows Media Encoder(1), Snapstream(1) and Win DVD(1). Combined with the availability of Microsoft Windows Vista(1), this launch marks a rare occurrence in which new processors and a new operating system hit the market about the same time.

In addition to new levels of performance, these products bring consumers multitasking capabilities that enhance the way they create, experience and enjoy digital entertainment. Computers with the Intel Core 2 Quad processor are excellent for high-definition video entertainment and are multimedia powerhouses for demanding software applications run simultaneously. With four compute cores, the processor is uniquely designed for running multiple digital streams throughout the home -- making it the ultimate entertainment engine for Intel® Viiv(TM) technology-based PCs.

New Quad-Core Server Processors

Intel also introduced today the Quad-Core Intel® Xeon® Processor 3200 series for single-socket servers. Built on the Intel Core microarchitecture, these products will bring new levels of energy-efficient performance to entry server applications such as e-mail, Web, file and print. Two new processors are available today with clock speeds of 2.4 and 2.13 GHz with a 1066 front side bus and 8 MB of L2 cache.

Intel has made this next step in the computer's ongoing evolution as fast and easy as possible through continued investment in silicon process and manufacturing technology. Intel's advanced processes can help reduce the amount of energy required to run computers and "shrink" a processor's make-up to place multiple cores inside one product at more affordable prices.

Pricing and Availability

The new Intel Core 2 Quad processor Q6600 (2.4GHz) has been announced and is currently being demonstrated at CES. It is available now at $851 in 1KU quantities. Quad-Core Intel® Xeon® processor pricing includes the X3220 (2.4GHz) at $851 and the Quad-Core Intel® Xeon® Processor X3210 (2.13GHz) at $690.

Intel, the world leader in silicon innovation, develops technologies, products and initiatives to continually advance how people work and live. Additional information about Intel is available at www.intel.com/pressroom.

(1) Intel, Intel Core, Xeon and the Intel logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others.

OT:? Microsoft and Broadcom Deliver Combined Hardware and Software Platform for More Cost-Efficient HD DVD Players
Monday January 8, 3:01 am ET

Leading companies Lite-On and Jiangkui are on board to use Windows CE 6.0-based Broadcom complete reference design starting in the second quarter.


LAS VEGAS, Jan. 8 /PRNewswire-FirstCall/ -- Today at the 2007 International Consumer Electronics Show (CES), Microsoft Corp. (Nasdaq: MSFT - News) and Broadcom Corp. announced a joint effort to support a hardware and software reference design for more cost-efficient HD DVD playback. The new platform uses Microsoft® Windows® CE 6.0 and Broadcom's BCM7440 system-on-chip solution, allowing consumer electronics manufacturers, original design manufacturers and systems integrators to more easily and affordably deliver HD DVD playback. Several of the more innovative, high volume electronics companies that plan to use this new hardware and software platform to speed the production of HD DVD players include Lite-On IT Corp. and Zhenjiang Jiangkui Group Co. Ltd./ED Digital.

In less than a year, HD DVD is already transforming the way people watch movies. With several hundred thousand HD DVD players in homes and more than 240 movie titles to choose from, studios are taking full advantage of the pristine video and audio quality and the ability to add interactive features to blockbuster films. HD DVD movies have received reviewers' top ratings among high-definition media, and consistently outsell and outrank similar titles of competing optical disc formats.* To keep up with demand, major studios have announced more than 300 HD DVD movies for 2007.

"One of the critical steps in bringing HD DVD to the mass market is driving down the price of the units while maintaining flawless quality," said Peter Besen, vice president, Consumer Electronics, Broadband Communications Group, from Broadcom. "Our BCM7440 chipset brings multiple processors, dual decoders and dedicated graphics engines to the table. Combined with the power of Windows CE 6.0, we're able to offer a complete reference design that dramatically reduces development time for our manufacturing partners."

The Microsoft and Broadcom platform also ensures a high level of compliance with the HD DVD specification and compatibility with other HD DVD platforms, including the Xbox 360(TM) platform. With fully functional HDi(TM) interactivity and navigation software, and support for all mandatory HD DVD codecs including the industry-leading VC-1 codec, the hardware and software platform meets the requirements for the playback of advanced HD DVD interactive content already in production by leading Hollywood studios.

Through the support of Lite-On, HD DVD will benefit from one of the most experienced systems integrators backing high volume consumer electronics manufacturers that offer customized OEM solutions. Combined with Jiangkui's experience as one of the largest high volume Chinese DVD manufacturers, the Microsoft and Broadcom platform is already poised to significantly impact the HD DVD landscape in 2007.

"We've seen strong sales of HD DVD players and movies so far, but using this new platform, companies can produce HD DVD players in record time, resulting in more choices for consumers," said Amir Majidimehr, corporate vice president of the Consumer Media Technology Group at Microsoft. "The power and high integration of BCM7440, combined with the Windows CE 6.0 HD DVD platform, results in even lower cost players for consumers than the high value products already in the market."

The first players incorporating the new platform are expected from manufacturers in the second quarter of this year.





Announced today is the Broadcom BCM7440 Blu-ray/HD DVD SoC that offers OEMs a high performance single-chip media player design, which integrates a multiple-core MIPS® architecture, a multi-stream HD video decoder, dedicated graphics engines, DSP-based audio processors, a security processor, DDR2 interfaces, integrated video and audio outputs and a complete array of system and network connectivity interfaces. The BCM7440 is supported with a complete reference design, the BCM97440 and software stack, which includes support for all Blu-ray and HD DVD profiles.

Thanks for the reports! The govt has obviously made this a HUGE priority to the extent the largest hard drive manufacturer in the world has reserved for them the FIRST batch of FDE drives (in the name of national security?).

Pickle

OT: Nortel Networks Wins USD 2bn Contract from Verizon Wireless

Thursday, 28 December 2006

Nortel and Verizon Wireless, a wireless service provider, have signed an expected five-year, USD 2 billion agreement for Nortel equipment and services that will contribute to continued improvements and expansion of Verizon Wireless' network...

Nortel and Verizon Wireless, a wireless service provider, have signed an expected five-year, USD 2 billion agreement for Nortel equipment and services that will contribute to continued improvements and expansion of Verizon Wireless' network.

The planned Verizon Wireless network expansion comes as business and consumer adoption of services that utilise broadband networks such as the company's V CAST video and music services and BroadbandAccess high-speed Internet and e-mail offering—are resonating in the marketplace, officials at Nortel said.

"The popularity of Internet services like user-generated videos, online gaming, music and video is driving an explosion in bandwidth demand," said Richard Lowe, President, Mobility and Converged Core Networks, Nortel. "Consumers expect more from their mobile devices than voice communication and text-messaging. Nortel is making it simple for Verizon Wireless to expand its network to meet this demand and to competitively drive new services to market that their customers will enjoy."

"This expansion underscores our focus on investing in innovative technology and leveraging long-term, strategic relationships with leaders like Nortel to continually enhance our subscribers' mobile communication experience," said Ed Salas, network planning vice president, Verizon Wireless. "This means true mobility for our customers, allowing them to take their PC experience with them wherever they go and enjoy things like V CAST Music, V CAST video, great mobile games and high-speed file transfers on the nation's best wireless network."

Under this agreement, Verizon Wireless plans to deploy additional CDMA2000 radio base stations, switching, IP platforms, optical networking solutions and related equipment with the help of professional services from Nortel. In addition, this agreement builds on the contract announced in July 2006, whereby Nortel was selected to supply Verizon Wireless with CDMA 1xEV-DO Revision A technology. The ability for CDMA networks to provide significant performance enhancements through simple upgrades is a key advantage of the underlying technology.

"This contract confirms Nortel's leadership in supplying innovative CDMA mobile broadband technologies and driving advanced communication services," added Lowe. "It's our long term partners that know us best, so we're particularly proud when an industry leader like Verizon Wireless asks us to be part of their team for another five years."

This new agreement also presents an opportunity for Verizon Wireless and Nortel to further develop and deploy next-generation IMS-based applications and services. In addition, Nortel, Verizon Wireless and other industry suppliers will continue to work together to enhance industry standards and define an IMS architecture that lays a foundation for the efficient roll-out of advanced services.

Nortel has been a key supplier to Verizon Wireless' nationwide network for more than a decade. Nortel has been a leader in CDMA since 1995 and has launched more CDMA networks than any other vendor, according to the CDMA Development Group.

Security: A year of reassessment
Anti-virus nears breaking point, IPS tests limits, and the worm still turns

By Paul F. Roberts
January 01, 2007
E-mail E-mail print this Printer Friendly reprints Reprints Text Size: Default Text Large Text

New products and press fascinations come and go (mobile worms, anyone?), but IT security managers will stick with what works -- until it doesn’t. A few years from now, we may look back on 2006 and 2007 as that kind of turning point, when enterprise IT security folks took a good hard look at some of the products that were mainstays of their defensive strategy and asked whether they are pulling their weight.

Anti-virus software is likely to get the most scrutiny. In addition to being haunted by Microsoft’s entry into the anti-virus software market, the likes of Symantec and McAfee face an even bigger challenge in the enterprise: namely, a sense among security experts and enterprise IT staff that anti-virus software, as we’ve known it, has lost its edge against sophisticated malware that exploits previously unknown (“zero day”) software vulnerabilities. Look for more CISOs to seek alternative forms of protection in 2007 -- such as the use of behavioral analysis to spot compromised machines -- to try to get in front of zero days and other threats.

IT developments in the government space don’t typically foretell those in the private sector. But the government’s push to implement Homeland Security Presidential Directive (HSPD) 12 could have a spillover effect in the enterprise space, according to security experts. That directive, which went into force in October, requires a single, secure form of identification for all federal workers that can be used for both physical and logical access. It also affects defense contractors that do business with the government, and those companies may find it more affordable to standardize on some form of HSPD 12-compliant ID than to try to create a special ID just for their government contractors.

Intrusion detection and prevention is another area where enterprise security folks will be pressed to make the numbers add up. After sinking millions into IDS and IPS deployments over the past few years, companies have found themselves wading through vast seas of events that, in some cases, actually obscured attacks. In the case of IPS, security managers found themselves wary of turning their new hardware into “block” mode for fear of slowing or disrupting legitimate network traffic. With the stakes of network intrusions and data loss higher than ever, look for enterprises to ask their IDS and IPS vendors to put up or shut up (literally) when it comes to spotting and blocking attacks.

On the threat landscape, anti-virus peddlers have been making much of the shift from worms and virus outbreaks to lower profile attacks. But all that talk masks a sad truth: Worms and viruses never really went away; Nyxem and Warezov were two major worm outbreaks in 2006, amid a sea of smaller ones. In 2007, however, self-replicating code will be harder to ignore. Even if enterprises are well prepared, social networking Web sites MySpace and Facebook serve as great mediums to spread malicious code, and application-based attacks like those that infected unpatched Symantec anti-virus installations and the Skype VoIP application can easily go unnoticed. After all, the underlying economics that gave birth to the mass mailing worm and the Internet worm haven’t changed one iota: Compromised systems are valuable launching pads for botmasters and spammers, and worms continue to be a fast and effective way to build networks of compromised systems.

Finally, the past year has brought plenty of news on promising NAC (network access control) technology, but surprisingly little clarity. The picture got a bit clearer in June, when Cisco and Microsoft announced progress on integration between Cisco Network Admission Control and Microsoft’s Network Access Protection architecture, a key component of its coming Longhorn server. But Cisco’s insistence on major LAN or WAN infrastructure updates to realize the NAC features built into its routers and switches will be hard to swallow for many enterprises. Microsoft has been playing both sides of the field, as well, working with Cisco on NAC-NAP integration, while also saying it will support the open Trusted Network Connect architecture in Longhorn. The problem cries out for cooperation, but the indecision around NAC is likely to continue in 2007.

Paul F. Roberts is a senior editor at InfoWorld.

OT: Top 10 Storage Markets to Watch

The storage networking market includes a range of key vertical segments, each with its own set of requirements and buying patterns. During 2006, some loomed larger than others, boding well for more growth in 2007. Below, in order from smallest to largest slice of the pie, is our take -- empirically, if unscientifically, derived from our own observations -- on where the top storage buyers are located:

No. 10: SMBs. Suppliers have finally wised up to the fact that this huge market requires specially tailored gear. Instead of stripping down existing midrange wares and then forcing users to upgrade later, the vendors are seeing the potential in SMB volume sales. The segment's demands are also paving the way for new kinds of NAS-plus-iSCSI gear. (See Dell, Microsoft Team on NAS-Plus-iSCSI.)

No. 9: HPC. High-performance computing may be a niche market, but it's giving birth to a strain of high-end storage gear we'll soon start to see in areas like financial services and manufacturing. The HPC market is also tied into government and education segments, where massive R&D projects influence the shape of tomorrow's storage products.

ADVERTISEMENT

No. 8: Service Providers. Managed services of all kinds are getting more popular in IT, and storage is no exception. Ask Seagate, which just shelled out $183 million to buy EVault. (See Last Minute Shopping for Seagate.) Under increased pressure to organize and protect data, IT pros are turning to outsourcers for help with everything from online backup to email archiving. (See Managed Storage Moves On.) And providing for the providers is a key focus for storage vendors. Just ask 3PAR. That vendor claims that about half its "growing customer base" comprises providers of managed storage services. (See Managed Services Resurge.)

No. 7: China and India. OK, these are geographic regions, not industry segments, but these areas of the world contain some of the hottest growth markets for storage. Cisco and EMC have earmarked India for investment. (See Cisco Updates Investment.) Huawei-3Com is pursuing a sizeable IP SAN market there. (See Huawei Sets Sights on IP SANs.) And Hitachi, which knows these markets, noted in its first-half 2006 earnings report that "Asian economies grew strongly, reflecting a high growth rate in China and other factors. European economies, meanwhile, staged a moderate recovery." Storage, by the way, was listed among Hitachi's key growth markets. (See Hitachi Sees Growth.)

No. 6: Government. The top 20 IT contracts for which the U.S. federal government has issued RFPs for fiscal 2007 amount to over $120 million, according to an October 2006 report by research firm INPUT. That's a sizeable chunk of change, and we think plenty of it goes to storage.

IDC says government, including federal, Department of Defense, and state and local entities, accounted for 11.9 percent of storage spending in the U.S. in 2006. IBM is one example of a vendor that's glommed onto the opportunity. (See IBM: In a State.) But there's little doubt that other leading storage players are keeping government in their sights.




No. 5: Healthcare. While the healthcare market accounts for 5 percent of all IT spending, according to Goldman Sachs, we think the segment is bigger than that when it comes to consumption of storage. Indeed, IDC says healthcare is the vertical for which the most storage growth is forecast worldwide.

A large part of storage for healthcare is driven by better record-keeping, as mandated by HIPAA and other regulations that call for data on patients to be saved forever, literally. (See Service Providers Target Healthcare.) We see no waning here.

No. 4: Energy. Oil and gas firms are flocking to clustered storage to cope with loads of data pertaining to the discovery and development of geological resources. (See Energy Firms Clamor for Clusters.) That's no surprise: This is an area where massive scaleability is called for -- fertile ground for new kinds of technologies. Look for seismic growth (pun intended!) in archiving and CAS.

ADVERTISEMENT

No. 3: Broadcasting and Media. Roll 'em! This vertical accounted for over 10 percent of all storage spending worldwide in 2006, IDC reports. And depending on whether you include ISPs and Web-hosting providers as well as movie companies and firms like AOL, Time Warner, Turner Broadcasting, and Fox, the figures could come close to those of manufacturing or financial services.

Cisco has declared video, the coin of this realm, to be a top driver of its telco and carrier business. And video calls for lots of storage. This is also where clustered NAS firms like Isilon, Panasas, and OnStor have staked their claim. (See Turner Exec Explains Overhaul, Panasas Hires Marketing Chief, and Fox, IBM Expand Archive.) And considering Isilon's successful IPO this month, it's been a safe bet. (See Double-Take, Isilon Go Public.)

No. 2: Manufacturing. Here is a world where storage is key. We're talking enormous computing requirements, complicated workflow systems powered by technologies like RFID, and voluminous design and engineering data. Case in point: automobile giant General Motors, which has undertaken an ambitious $15 billion five-year IT outsourcing plan based on six big-name vendors, including EMC, HP, and IBM. (See GM's Eggs, IBM Picks Up $500M GM Deal and HP Grabs $700M of GM Biz.)

IDC says discrete manufacturing (including IT, automotive, electronics, and aerospace) accounted for 13.1 percent of U.S. storage spending in 2006. The firm sized the market at $1.5 billion in 2005. Can you say cash cow?

No. 1: Financial Services. This is the vertical of verticals, the primary target for nearly every storage networking vendor. Besides having the biggest dollar power, this market depends on IT for its lifeblood. Not that other sectors don't -- but let's face it, the economy is what sustains the rest of the verticals, and without the necessary machinery, investors are stumped.

According to a report issued by Goldman Sachs Research in September 2006, financial companies account for 21 percent of all IT revenue. IDC figures concur and put the market at over $2 billion annually. According to IDC senior analyst Daniel Corsetti, banking alone was the highest worldwide spender in the 2006, accounting for 14.2 percent of all worldwide storage spending.

Financial services require all kinds of storage support -- from fast and scaleable primary storage to fully manageable archives befitting a highly regulated industry. (See New Tools for New Rules.) Even if spending next year is 2 percent above that, the pickings will definitely be sizeable.

— Mary Jander, Site Editor, Byte and Switch

OT: Juniper Unveils 40gig Interface Between Optical Transport, IP Gear
By Khali Henderson
Posted on: 12/18/2006

Juniper Networks Inc. on Monday announced a new card for its T-series routers that enables service providers to meet growing bandwidth demands by sending 40gbps traffic over 10gbps optical transport networks.

“It removes the barrier to deploying 40gbps,” said Alan Sardella, product marketing manager for Juniper Network’s T-series routers. “The transport layer is stuck at 10gbps. Carriers are loath to upgrade that. It’s essentially like ripping up the highway.”

Instead, Juniper’s new 4xOC192 physical interface card (PIC) uses inverse multiplexing to transport 40gbps as four discrete OC192 connections over standard 10gbps XFP optical transponders common to most transport networks.

“These interfaces offer a feature that no one else can give us – we can integrate seamlessly with optical transport equipment while maintaining our existing management operations,” said Doug Junkins, vice president of the IP Engineering Global IP Network Business Unit for NTT America, in a press statement. NTT America has been using Juniper’s NGN solutions for its backbone since 1998.

Sardella explained that the alternatives to this interface are to transport 40gbps traffic outside of the DWDM system using a passive mux. The result is an unmanaged alien lambda. “That’s the rub,” he said. “You can’t tell what’s going on until you lose the signal.”

With Juniper’s solution, the 40gbps stream is split evenly using a framer chip. The resulting four 10gbps streams are able to pass through the DWDM system and be recombined at 40gbps at the T-series router on the other end.

The system can be used initially for 10gbps (OC192) traffic; a software command initiates the inverse multiplexing when greater bandwidth is required.

Sardella said the card enables carriers to put off upgrading their transport networks for a few years and to potentially skip over the 40gbps upgrade and go straight to 100gbps. “When the transport network is up to 100gbps, this [PIC] can be moved to the edge,” he added.

Juniper Networks Inc. www.juniper.net

Can Your Storage Be Trusted?
December 19, 2006
By Drew Robb

http://www.enterpriseitplanet.com/storage/features/article.php/3649931

Let’s face it; do you really know what your storage is up to once you walk out the building at 5 PM each day? When you are provisioning storage in one array, how you know what is going on in the other arrays? And with backups now being staged to disk to reduce the length of backup windows, isn’t it possible that your storage could be out partying all weekend?

Those may seem like some of the issues being confronted by the Trusted Computing Group (TCG) via its Trusted Storage initiative. But in actual fact, the challenges are much more critical to every day operations.

“Trusted Storage is crucial as storage devices are where the data and programs reside,” says Dr. Robert Thibadeau, chief technologist at Seagate Technology and chair of the Trusted Computing Group’s Storage Work Group. “They constitute a last bastion of defense against identity theft, stolen corporate secrets, stolen laptops and misplaced enterprise disks, and many other all too common problems in today’s society.”

He makes the point that no trusted computing platform can possibly exist without trusted storage. Thus the trust boundary must be extended to all the peripheral devices that are connected within any environment. Just like a chain is no stronger than its weakest link, so any storage network is as secure as the individual drives.

The Storage Work Group is building upon existing TCG technologies, focusing on standards for security services on dedicated storage systems. One objective is to develop standards and practices for defining the same security services across dedicated storage controller interfaces. This includes ATA, Serial ATA, SCSI, Fibre Channel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP), and iSCSI.

The organization is also acting as TCG liaison to other storage industry standards groups that have jurisdiction over interface standards. Interestingly, TSG member companies include all major storage industry vendors working to create an industry specification for trusted storage that protects data at rest.

A total of 39 of the 115 TCG member companies are participating in the development of the storage specifications. These vendors run the gamut. As well as flash storage and major hard drive manufactures, there are storage management players and storage integration specialists. A complete list of members is online at the Trusted Computing Group website.

Why not just leave it up to the individual vendors to each sort out their own security issues?

“We are operating to develop a specification precisely to allow all vendors who want to have a voice, to have a voice,” says Thibadeau. “Since trusted storage means changes to the hardware and firmware in disk drives and other storage devices, a standards group is the appropriate place to let everyone sort out the details.”

The spec itself, according to Thibadeau, is scheduled to appear in the spring, and is said to be relatively complete. The Trusted Storage Group lays out three areas where the spec will have broad applicability: the trusted attachment of storage devices to their hosts; more general policy-driven secure control over features of storage devices such as storage locations and storage encryption; and secure, session-oriented messaging of such controls to storage devices.

One example of the value of the spec is when storage devices reach being repurposed at end-of-life. Ideally, any and all data on the device would be protected against the possibility of it ending up in the wrong hands. But that isn’t always the case. There are plenty of scandals around about the exposure of health records, social security numbers and other confidential data. That’s why the Storage Workgroup has focused on access controls.

A major feature, for instance, will be full disk encrypting drives.

“Its main feature is the ability to lock a particular disk drive to a particular platform in a fashion that if someone steals or otherwise moves the drive in an unauthorized way, the drive literally becomes unusable without proper authorization,” says Thibadeau. “It will not read or write data as everything is fully encrypted. This encryption function allows an authorized user to effectively erase and repurpose a drive in a matter of milliseconds, not hours as it is today.”

But putting out a spec is one thing, and seeing the benefits in the real world quite another. So how long before the spec finds its way into actual products? Thibadeau says the advantages will be apparent as soon as drive makers introduce encrypting drives.

“Seagate has announced a family of such drives already,” he says. “Hitachi, Fujitsu and Toshiba have also indicated similar plans.”

That is all the more reason to keep the powder ready because come January things starting moving ahead quickly (Seagate, Vista, DOD, etc.) Of course, Mrs. Pickle thinks we are sufficiently invested. It would be difficult, however, not to buy just a little more
before 2007 if the opportunity presented itself.

Pickle

Thanks, All. It just seems to scream killer app, or at least the first one. EOM

Pickle

Great Article: Sorry if posted!

Seagate: The Hard Drive, Reconsidered
By Scott M. Fulton, III, BetaNews
November 22, 2006, 6:59 PM

http://www.betanews.com/article/Seagate_The_Hard_Drive_Reconsidered/1164238838

Having a NAC for network security

Tim Greene, Network World

21/11/2006 11:21:05

Part 1 of 4 pages
Network access control stands out as one of the most promising security technologies, but it also is one of the most misunderstood. That's in part because vendors want in on the NAC buzz and are clamoring for attention, despite selling products that are only peripheral. This raises problems for companies that want to consider NAC but don't have a solid sense of what it is, what it might do for them and what kind of investment it requires.

Defining NAC

The first step in cutting through the hype is to define NAC. According to Forrester Research, "NAC is a mix of hardware and software technology that dynamically controls client system access to networks based on their compliance with policy."

NAC and you

Before you decide whether network-access control products are right for your enterprise, ask yourself:

* How much risk is posed to my network by endpoints that can become infected prior to connecting to the network?
* Which of the three major NAC schemes (Cisco, TNC or NAP) would most easily integrate into my existing security environment and can I afford to wait for standards and interoperability testing for my chosen scheme?
* How important is NAC compared with other security initiatives I am working on?
* How much network disruption can I afford when implementing NAC?

Ask your vendors

* Where does your product fit into the broad NAC architecture? Does it authenticate, scan endpoints, check policy compliance, enforce policy, create policies or manage policies as the status of individual machines changes?
* What is your road map for how your NAC products will evolve over time?
* Do you support mobile access?
* How much network infrastructure would need to be upgraded or replaced to support your NAC equipment?
* Can you demonstrate an ROI for your products?

Available products that fall into this category include those that make up Cisco's Network Admission Control architecture and Juniper's unified access-control environment. Single devices fitting the bill include products from ConSentry Networks, StillSecure and Vernier Networks. Other NAC vendors, such as Lockdown Networks and Mirage Networks, work in conjunction with partners.

The Trusted Computing Group (TCG), an industry group writing NAC standards to promote multivendor interoperability, also has a NAC scheme. The Trusted Network Connect (TNC) specifies product interfaces that vendors can use to fit their gear into the TNC architecture. The TCG defines NAC as "an open, nonproprietary specification that enables the application and enforcement of security requirements for endpoints connecting to the corporate network."

So, a vendor might build its products to TNC's NAC standards but rely on other products to flesh out an operable NAC deployment.

That's the high level. In practice, NAC is a process for scanning computers and other devices before they get on the network to determine whether they possess a security posture in line with corporate policy. Is their virus-scanning software up-to- date? Is their operating system patched? Do they have a personal firewall in use?

That process requires an engine capable of matching scan results to policies to see whether the device is qualified to gain access. And it entails devices that can enforce the policy engine's decision: to block access, to restrict access to certain resources or to allow access only to an isolated network segment where security functions can be brought up-to-date.


Page 1 of 4




http://www.arnnet.com.au/index.php/id;1673065148;fp;256;fpid;319049444

This is DOD focused but also seeks to remind those that may perceive Wave as Dell centric (TPM education??) that, hey, we work with HP as well.

DOD might also want some legal accountable from Wave given the contract will not be with Wave directly.

Pickle