Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Interop 2007 demos
https://www.trustedcomputinggroup.org/news/events/interop_2007/Interop_2007_Demo_Docs_Final.pdf
Juniper UAC-Microsoft NAP Interoperability
Q1 Labs QRadar TNC Demo
TNC@FHH - An open source based implementation of TNC
IF-IMC and IF-IMV Demo by Fujitsu
Wave Systems Best-In-Class Network Access Control (NAC)
PatchLink Update: TNC-Based NAC System
Microsoft - IPSec based Network Access Protection
TNC: Standardizing NAC
Overview of the TNC Demonstrations at Interop Vegas 2007
Symantec Raises the Bar for Enterprise Security with Symantec Endpoint Protection
http://www.symantec.com/about/news/release/article.jsp?prid=20070613_01
New solution integrates multiple security technologies into a single agent, managed by a single console to strengthen and simplify security for businesses of all sizes
LAS VEGAS – Symantec Vision 2007 –
June 13, 2007 –
Symantec Corp. (Nasdaq: SYMC) today announced a significant step in its Security 2.0 vision with the introduction of Symantec Endpoint Protection 11.0 and Symantec Network Access Control 11.0 (codenamed Project Hamlet). Symantec Endpoint Protection – the most significant update to Symantec’s market-leading enterprise antivirus product in years – combines Symantec AntiVirus with advanced threat prevention in a single agent delivering unmatched defense against malware for laptops, desktops and servers. Symantec Endpoint Protection is available today in public beta at www.symantec.com/endpointsecurity.
In order to protect customers from both today’s threats and tomorrow’s emerging threats, Symantec Endpoint Protection includes proactive technologies that automatically analyze application behaviors and network communications to detect and actively block attacks. Customers are provided integrated antivirus, antispyware, firewall, host- and network-based intrusion prevention solutions (IPS), and application and device control into a single solution that is easy to install and easy to manage.
Symantec Endpoint Protection reduces administrative costs associated with managing multiple endpoint security products by bringing together award-winning technology from Symantec, Sygate, Whole Security and Veritas. This provides operational efficiencies and gives customers a best-of-breed, yet fully integrated solution that works across platforms and is supported by a single vendor. It is also backed by Symantec’s Global Intelligence Network with eight Symantec Security Response Centers, four Symantec Security Operations Centers, 120 million systems and more than 40,000 sensors deployed in 180 countries.
“Symantec Endpoint Protection makes it easier for businesses to adopt a more effective multi-layered security solution and extends the power of antivirus to address today’s evolving threat landscape,” said Tom Kendra, group president, Security and Data Management, Symantec. “It resets the bar for endpoint security, reducing overhead, time and costs so that customers can efficiently manage security and gain confidence that corporate assets and business are protected.”
Symantec Endpoint Protection is the only product that offers the benefit of essential security technologies (antivirus, antispyware, desktop firewall, intrusion prevention and device control) via a single integrated agent and administered from a single management console. Symantec Endpoint Protection features the new simplified management console, Network Access Control (NAC) enablement out of the box, and a range of training and support offerings to speed implementation for partners and customers.
Today, Symantec also introduced a new version of its Symantec Network Access Control product. Symantec Network Access Control 11.0 is an optional module tightly integrated with Symantec Endpoint Protection to help customers discover and evaluate the status of endpoints, provision the appropriate network access and provide remediation capabilities to ensure security policies and standards are met. Both Symantec Endpoint Protection and the new version of Symantec Network Access Control are expected to be available worldwide in September.
Brian Rosario, vice president, support systems manager with BankUnited, the largest bank headquartered in Florida, added, “BankUnited makes it a priority to deploy the most advanced, multi-layered security measures to protect the highly sensitive financial data of our customers. Symantec understands that security is more than antivirus and helps us ensure the security and availability of our business-critical systems and protect the integrity of our customer information. The fact that Symantec Endpoint Protection can be deployed, managed and maintained from a single location across our 81 branch offices is a key benefit for our company.”
Strengthening Endpoint Security
Symantec Endpoint Protection was designed from the ground up to ensure a truly integrated experience for customers, resulting in broader and stronger endpoint protection. The solution is designed to be more resource friendly by reducing the memory footprint by more than 80 percent. The solution blends signature-based antivirus with new proactive threat detection technology to protect from both traditional and emerging threats. It includes the following:
Enhanced antivirus and anti-spyware technology – provides better real-time malware detection, blocking and remediation. It features improved performance, a new client interface and new deep-scanning technology from Veritas to find and remove rootkits which often evade detection.
New proactive threat protection – protects against unknown (or zero-day) threats by utilizing behavioral-based scanning. By checking both good and bad behaviors the algorithms significantly reduce the rate of false positives. Also includes Proactive Threat Scan, a unique technology acquired from Whole Security that detects and blocks malware without signatures to prevent outbreaks before they happen. Device control allows users to restrict access to devices (USB memory keys, back-up drives) in accordance with designated security policies, mitigating the risk of data loss.
New network threat protection – incorporates Generic Exploit Blocking (GEB), utilizing unique vulnerability-based IPS technology. Because this IPS technology is embedded at the network level, malware is blocked before it enters the system. Unlike traditional exploit-based IPS technologies, GEB blocks all new exploits of a vulnerability (including variants) with a single signature to improve detection and speed remediation. Also provides a new rules-based firewall acquired from Sygate. The firewall dynamically adjusts port settings to block threats from spreading, and inspects both encrypted and cleartext network traffic.
Simplifying and Extending
With a widening group of users tapping into corporate resources, the need to secure endpoints and ensure compliance with security policies can no longer be separated. Symantec Endpoint Protection comes NAC-enabled out of the box. By integrating NAC and security into a single endpoint agent, Symantec enables customers to more quickly and easily deploy Symantec Network Access Control, and provides significant operational efficiencies such as single software and policy updates, unified reporting, and unified licensing and maintenance.
“Enterprises want to reduce the cost of protecting their business environments and of complying with regulations and policies,” said Andrew Jaquith, senior analyst, Yankee Group. “By combining compliance, network access and threat protection into a single client, products like Symantec Endpoint Protection reduce complexity and simplify the job IT has to do.”
To help customers and partners maximize the value of their investments, Symantec Global Services is offering a range of consulting, education and support services that guide customers through the migration, deployment, operation and management of Symantec Endpoint Protection. These services include Symantec Endpoint Protection 11.0 and Symantec Network Access Control 11.0 implementation and migration services that are available for a single site deployment for small and mid-size businesses through global multiple site deployments for large enterprise customers. In addition, Antivirus Residency Services to help customers augment their IT staff and refocus existing resources on strategic business priorities, and Antivirus Operational Services to help clients confidently meet their Services Level Agreements through cost-effective outsourcing of antivirus activities.
Symantec Education Services provides hands-on technical training on new migration, administration, and advanced features for Symantec Endpoint Protection and Symantec Network Access Control. To complement these courses and to stay up-to-date through continuous learning, customers can subscribe to Symantec's regularly updated Endpoint Security Tech Center - a self-paced, online training offering that covers key features, common questions, and advanced topics specifically on Symantec Endpoint Protection and Symantec AntiVirus Corporate Edition. In addition, Symantec Enterprise Support Services offer customers three levels of protection designed to meet the needs of the small business to the large enterprise.
Licensing and Availability
Symantec Endpoint Protection 11.0 and Symantec Network Access Control 11.0 are expected to be globally available in September, and can be purchased directly or through Symantec’s worldwide network of value-added authorized resellers, distributors and systems integrators. For more information on these products and to download the public beta of Symantec Endpoint Protection, visit: www.symantec.com/endpointsecurity.
About Security 2.0
Security 2.0 is Symantec’s vision for the future of security. As security evolves to be more of an enabler than inhibitor, solutions must protect consumers and businesses at every connection, giving them confidence that their information and interactions are protected everywhere they go. Security 2.0 is about helping customers both protect themselves and take advantage of new opportunities in this increasingly connected world.
About Symantec
Symantec is a global leader in infrastructure software, enabling businesses and consumers to have confidence in a connected world. The company helps customers protect their infrastructure, information and interactions by delivering software and services that address risks to security, availability, compliance and performance. Headquartered in Cupertino, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.
A Robust Solution for Wireless Security
http://www.wave.com/webinars/index2.html
Duration: 17:26
Windows Media Player
http://www.wave.com/webinars/WirelessSecurity.wmv
A Cost-Effective Approach to Safeguarding
Your Wireless Local Area Network from Unauthorized Users.
With an increasingly mobile workforce, the demand for wireless technology has never been greater. By allowing employees to work where and when they need, wireless networking has extended the edge of the network into common areas and employees' home offices alike. But as the popularity of wireless networks grows, so have the security vulnerabilities. Enterprise networks are only as safe as their weakest link, and a non-secure wireless network can have catastrophic effects on network security. To mitigate the threat of unauthorized users gaining access to the enterprise network, firms must proactively implement strong security measures.
Positive trend for web traffic & visitors to wave.com
http://snapshot.compete.com/wave.com#
http://alexa.com/data/details/traffic_details?url=www.wave.com
Dell OptiPlex 740 business PC
June 13, 2007
http://www.pcadvisor.co.uk/reviews/index.cfm?reviewid=945
http://www.pcadvisor.co.uk/reviews/index.cfm?reviewid=945&pn=2
The Dell OptiPlex 740, is a business desktop PC. The OptiPlex 740 comes in minitower, desktop (horizontal orientation) and ultracompact versions. The inexpensively configured Dell OptiPlex 740 minitower we tested had an inoffensive design, using mostly matte-black plastic but also a few shiny black pieces.
The ultracompact version of the Dell OptiPlex 740 (which we did not look at) takes up about one-third the space of the minitower, and with an adapter, you can mount it on the back of Dell's 17in LCD monitor to save even more space.
Hard drives mount perpendicularly to the side of the minitower Dell OptiPlex 740's case, in plastic sleds with rubber mounts to reduce vibration (although the mounts use less rubber than we used to see in Dell systems). If you pinch the sides of the mounts, the drives slide out easily; we had a slightly harder time getting them back in, however.
Clips on the side of the air scoop route the SATA drive cables neatly. The cables are precisely the right length for their connectors to reach the drive bays. If you were to premount drives in the sleds, you could probably have a new drive installed in the Dell OptiPlex 740 is less than a minute.
Slots cut into the interior of the Dell OptiPlex 740's case let you slide in optical drives without screws. Simply press a button to pop the front bezel off and release a drive. You can install or uninstall an expansion card rapidly, thanks to a fairly good quick-release adaptor; the power supply comes out without tools, too. The case's side panel pops off when you pull a lever (with a hefty integrated lock) on the top of the case. The Dell OptiPlex 740's side panel is much easier to reattach than those of the other two systems. You simply insert the panel's bottom edge into the side of the case and then tip the panel up and slam it shut, instead of sliding it on.
The Dell OptiPlex 740 system we reviewed did not have a chassis-intrusion-detection mechanism installed, but Dell offers it as a no-cost option. You can buy a security sleeve for mounting the desktop or ultracompact versions under a desk or on a wall, but with the tower system, you'll have to rely on a cable lock.
The Dell OptiPlex 740's motherboard has an embedded Trusted Platform Module security chip; you can use this chip along with the included software to encrypt passwords and document folders. The Dell OptiPlex 740's chip works with Vista's Bit Locker security feature, which lets you encrypt your entire hard drive.
The Dell OptiPlex 740 configuration we tested had integrated graphics, and it allowed only a single, VGA-monitor connection, although Dell sells an internal DVI (digital visual interface) adaptor card for around a fiver that you can use to connect dual displays.
But if you are willing to spend a bit more money, however, you might as well opt for discrete graphics: Dell charges around £30-£40 for a 128MB ATI 1300 card. Our test configuration also included Dell's low-end 20in wide-screen monitor, the E207WFP; we didn't subject it to a formal evaluation, but it had no obvious visual flaws. The monitor does not allow height adjustments or swiveling, however.
Adding a discrete graphics card might help the system's overall performance, if only because it wouldn't steal from system memory. Our test system had plenty of RAM, but in our WorldBench 6 Beta 2 tests, the Dell OptiPlex 740's score of 70 only barely beat an identically configured Lenovo 3000 J115.
But while the Dell OptiPlex 740 earned a Superior rating for performance, it was competing only against the J115 and an HP Compaq dc5750, three Vista value systems we've tested recently. Compared with the power Vista systems we've tested, all of these systems are quite slow - the fastest Vista system we've tested to date scored around 130 on our benchmark.
Verdict
The Dell OptiPlex 740 is far from the fastest Vista system you can buy, but its innovative, quiet case design makes it a top choice among business systems, especially if noise reduction is a priority for your office.
Updated and new Wave support articles
(in no particular order)
Document Manager and Office 2007
Article ID: DM-013
Last Reviewed: June 1, 2007
Revision: 1.01
http://www.wave.com/support/CSC/CustomerService/Documents/DM-013.htm
Login to Windows using enrolled Biometrics (Fingerprints) Fails
Article ID: ESC-023
Last Reviewed: May 29, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-023.htm
I encountered an "Error enrolling fingerprint to database" or other fingerprint enrollment errors
Article ID: ESC-024
Last Reviewed: May 25, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-024.htm
How do I upgrade/repair/reinstall the Embassy Trust Suite that came shipped with my Dell?
Article ID: PBA-002
Last Reviewed: June 4, 2007
Revision: 2.03
http://www.wave.com/support/CSC/CustomerService/Documents/PBA-002.htm
After installing Embassy Trust Suite on my Vista machine, I can't connect to the network!
Article ID: ESC-021
Last Reviewed: May 15, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-021.htm
Where is my activation code, and what happens if it isn't accepted?
Article ID: ESC-025
Last Reviewed: May 8, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-025.htm
Errors enrolling fingerprints - Possible reasons and resolutions
Article ID: ESC-020
Last Reviewed: April 11, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-020.htm
Running Login Scripts with the Wave GINA
Article ID: ESC-019
Last Reviewed: May 31, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-019.htm
Unable to use biometric authentication with a Remote Computer
Article ID: ESC-015
Last Reviewed: February 02, 2007
Revision: 1.00
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-015.htm
Deploying EMBASSY® Trust Suite in a cloned system
Article ID: ESC-016
Last Reviewed: February 1, 2007
Revision: 1.10
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-016.htm
EMBASSY® Trust Suite and Vista Compatibility
Article ID: ESC-017
Last Reviewed: March 30, 2007
Revision: 1.03
http://www.wave.com/support/CSC/CustomerService/Documents/ESC-017.htm
Document Manager Vault Commands
Article ID: DM-003
Last Reviewed: February 02, 2007
Revision: 1.1
http://www.wave.com/support/CSC/CustomerService/Documents/DM-003.htm
McAfee VirusScan Enterprise v8.0
Article ID: DM-009
Last Reviewed: February 02, 2007
Revision: 1.04
http://www.wave.com/support/CSC/CustomerService/Documents/DM-009.htm
Trusted Network Connect timeline
revised May, 2007
https://www.trustedcomputinggroup.org/groups/network/TNC_timeline_rev_may_2007.pdf
New SiS Chipset Details Revealed
Anh Huynh - June 8, 2007 2:49 AM
http://www.dailytech.com/article.aspx?newsid=7602
SiS prepares new single and dual-chip chipsets for Intel's "Penryn"
SiS plans to unleash a new family of single-chip and dual-chip chipsets for Intel Penryn dual and quad-core processors next year. The single-chip family consists of the SiS 680-series, in five different variants. SiS plans to cater the 680-series towards performance, mainstream and entry-level market segments.
The top dog of the SiS 680-series is the 680SCD with support for 1333 MHz front-side bus Penryn processors. The SiS 680SCD features a DDR2 memory controller with support for DDR2-800 and 1066 MHz memory. The single-chip solution is designed with single-graphics in mind with support for a single PCIe x16 slot. Other notable features of the 680SCD include support for four PCIe x1 slots, ten USB 2.0, four SATA 3.0 Gbps ports and Gigabit Ethernet.
On the mainstream side of things are the SiS 680SCE and 680SCH. The two chipsets are identical with the exception of front-side bus support. The SiS 680SCE supports 1333 MHz front-side bus while the 680SCH is limited to 1066 MHz, officially. The SiS 680SCE and 680SCH add a new Mirage 4 graphics core with HDMI output capabilities.
The SiS Mirage 4 graphics core is fully HDCP compliant for Blu-ray and HD DVD video playback. The SiS Mirage 4 graphics core is DirectX 10 compliant with hardware H.264 and VC-1 acceleration. Aside from the integrated graphics core, the SiS 680SCE and 680SCH are identical to the 680SCD.
At the bottom of the SiS single-chip Intel chipset lineup are the 680SCP and 680SCL. Once again, the SiS 680SCP and 680SCL are identical with the exception of front-side bus and memory support. The SiS 680SCP supports 1333 MHz front-side bus processors while the 680SCL is limited to 1066 MHz. The SiS 680SCL only supports DDR2-800 memory as well. The SiS 680SCP and 680SCL do not support HDMI and HDCP, however, the chipset feature an integrated TMDS transmitter for DVI output.
All SiS 680-series chipsets can use the same pin-outs and are drop-in compatible.
SiS plans to support DDR3 memory with its dual-chip designs. The upcoming 665, 673FX and 673 add DDR3-1333 memory support to an identical feature list as the single-chip parts. However, the upcoming SiS 665, 673FX and 673 will have a new 969 south bridge to pair up with.
The new SiS 969 features ten USB 2.0, one PATA133 channel, four SATA 3.0Gbps with RAID 0, 1, 5, JBOD and 0+1, one PCIe x16, four PCIe x1 and high definition audio support. The SiS 969 will also accept a trusted platform 1.2 module as well.
Expect SiS to begin sampling the new single-chip chipsets in Q4’2007 and the dual-chip versions in the first half of 2008.
Analyst: BitLocker Not a Silver Bullet
DATE: 06-JUN-2007
By Lisa Vaas
http://www.channelinsider.com/article/Analyst+BitLocker+Not+a+Silver+Bullet/209097_1.aspx
News Analysis: Windows Vista's full-disk encryption solution is attracting much customer attention, but deployment isn't foolproof, advises a Gartner analyst.
WASHINGTON—When the phone rings in the office of Gartner analyst Neil MacDonald, chances are good that if it's a client calling with a question about Windows Vista security, it will be about BitLocker.
BitLocker is an implementation of full-disk encryption designed to protect system files and data, and it's easy to see why businesses are clamoring for encryption, given the stream of organizations that have had the dubious pleasure of appearing in headlines such as "Lost Laptop" and "Confidential Data Missing" over the past few years. Notable examples include the theft of a Veterans Affairs laptop in May 2006 and the Transportation Security Administration's loss of a hard drive carrying 100,000 employee records in May 2007.
On the plus side, BitLocker delivers on a handful of points when it comes to encryption, MacDonald said in a presentation called "Planning and Deploying the Security Features of Windows Vista" at the Gartner IT Security Summit here June 4.
First, for users who subscribe to Microsoft's Software Assurance program, it's free. It also features tight integration with Microsoft's GPOs (Group Policy Objects), a collection of settings that define what a system will look like and how it will behave for a defined group of users, and with its Active Directory, MacDonald said.
Another positive is that BitLocker has a TPM-based (Trusted Platform Module-based) feature called a "Static Root of Trust" to prevent tampering. The TPM, itself an implementation of a Root of Trust, is a hardware/software chip or function built into a laptop or desktop. All commercial-grade machines shipping now include this chip, often built into the chip set on the motherboard.
The advantage of the TPM is that it gives a hardware alternative to rooting trust in software that can be hacked by other software. It is, after all, difficult to root trust in software that has to validate itself, whereas hardware can be made robust against attacks. A TPM, which is certified to be tamper-resistant, can "ensure that keys and secrets are only available for use when the environment is appropriate," according to Microsoft, based in Redmond, Wash.
BitLocker's encryption also has an optional diffuser algorithm that can make the encrypted data more resilient to attacks. (Wikipedia defines the cryptographic term diffusion as being associated with "dependency of bits of the output on bits of the input. In a cipher with good diffusion, flipping an input bit should change each output bit with a probability of one half.")
The BitLocker encryption technology also entails little overhead and little user involvement, MacDonald said.
For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.
However, there are also things to watch out for about BitLocker. License restrictions forbid the use of BitLocker where operating system virtualization is installed; it supports only single volumes; and it requires a healthy bite of partition at 1.5GB, MacDonald said. BitLocker also lacks support for both USB drives and CryptoAPI (a set of dynamically linked libraries that isolates programmers from data encryption code).
One of the more important negatives to note is the fact that BitLocker can only be acquired by subscribing to Software Assurance or by buying the Ultimate version of Vista, MacDonald said, given Gartner's estimate that two-thirds of Windows users don't subscribe to SA. "To date it hasn't really paid off," MacDonald said. Indeed, Microsoft faced objections from SA customers about the program's perceived lack of value, given that many of the service plans were set to expire in 2004.
Vista's lack of support for multiple drives is another big negative, MacDonald said. "If you're like Gartner or many companies, you carve your system into multiple drives," MacDonald said, and not being able to do that is "a big limitation."
Microsoft is aware of the limitation and offers code to address it: The manage-bde.wsf tool, a command-line tool in Vista Enterprise and Ultimate, can be used to configure BitLocker. Microsoft notes, however, that using manage-bde to configure a data volume is not supported. Instead, Microsoft recommends using EFS (Encrypting File System) to encrypt data volumes. For more on BitLocker's encryption of more than the operating system volume, check out Microsoft's FAQ.
BitLocker's lack of support for USB drives is an issue for organizations concerned about code being transported off the premises on thumb drives. "If you want to expand your encryption policy [to encrypt USB devices], BitLocker won't do it," MacDonald said.
Regarding how to best deploy BitLocker, Gartner's advice is to start out with TPM-based protection of the decryption key, given that its protection is "very strong," MacDonald said.
Alternatively, you can have users store insert a USB stick to unlock their hard drives, with a code stored on the USB. But if organizations rely solely on users having their passwords stored on memory sticks, MacDonald asked, where will people keep those sticks? The likely answer is that users will keep the USB sticks, if not in the computers themselves, then in their bags or purses nearby, making theft a possible scenario.
Given that possibility, "the TPM key is the best way to implement" BitLocker, he said.
MacDonald also advised that when deploying BitLocker, enterprises should clarify how OEMs implement anti-hammering on TPM access attempts. Anti-hammering technology typically involves geometrically increasing the time between PIN guesses so that the amount of time required for a brute-force attack becomes unreasonable.
Some points to remember when deploying BitLocker
Use 128-bit encryption in conjunction with the diffuser algorithm; where required by regulation or policy, use 256-bit encryption with the diffuser algorithm.
Use GPOs to ensure that BitLocker is deployed according to policy.
Supplement BitLocker with EFS (a file system with encryption, available in Windows 2000 and later operating systems). This technology allows for transparent file storage on NTFS (NT File System, the standard file system of Windows NT and later operating systems) systems to protect confidential data from attackers with physical access to the computer, when data is located on separate partitions or when multiple users share the same machine.
If not subscribing to SA, consider third-party [encryption] alternatives.
BitLocker Lessons
Mark Minasi / June 6, 2007
http://www.windowsitpro.com/mobile/pda/Article.cfm?ArticleID=96242&DepartmentID=723
Windows Vista takes some getting used to. Perhaps the feature that requires the most getting used to is BitLocker Drive Encryption, which encrypts all of the C drive and tucks away the decryption key in a Trusted Platform Module (TPM) version 1.2 chip, which you'll find only on relatively new hardware.
BitLocker offers you the comfort of knowing that if you leave your laptop on a plane or in a cab, no one can get to your data. However, BitLocker exacts a price. This feature requires the still-unusual TPM chip and $100 more for the "Ultimate" version of Vista compared with the Business version. To find out if these costs are worth it for frequent travelers like me, I've been testing out BitLocker. It's been entertaining.
BitLocker loses track of your hard disk's decryption key, which can be a somewhat frightening experience: You turn on your laptop to learn that BitLocker has failed in some way, and you're prompted to attempt recovery. "Recovery" means to punch a 48-digit code into your system so that it can continue booting. If you were lazy and didn't print this 48-digit code when you first encrypted your disk with BitLocker, just open up an elevated command prompt and type cscript c:\windows\system32\manage-bde.wsf -protectors -get c: and press Enter. Print out the 48-digit code and put it somewhere in your luggage that isn't your laptop bag. Do it. Trust me.
I found that BitLocker was unable to start the boot process on my laptop about one out of every three times--requiring me to punch in the 48-digit recovery code. Then I realized that I was doing something wrong. For the TPM chip to cough up the decryption key, it must first verify that certain things on the laptop haven't changed. Doing so proves that the hard disk hasn't been transplanted to some other computer. BitLocker checks the boot code, BIOS, Master Boot Record of the boot disk, and a number of other things. If any of those have changed by as little as a byte, the TPM chip won't release the BitLocker code, therefore protecting your data.
So what had I done wrong? Simple: I had my laptop's boot disk order set to first boot from the CD-ROM drive, then the hard disk. If I have a disc in the CD-ROM drive, the Master Boot Record of that disk would be analyzed and found to not match the one that the TPM chip expected. The solution? Reconfigure my laptop to first boot from the hard disk.
I learned my second lesson when I called HP to ask when the company would release the Vista driver I need to use all of my RAM. (I'm running 64-bit Vista on 64-bit hardware with 4GB of RAM, but Vista only sees 2.9GB. One simple driver would make my purchase of an HP nx6325 a good move instead of the foolishness that it seems now.) The HP tech support person--"Ray"--whom I spent an hour on the phone with did his best to deny that the laptop takes more than 2GB, until I showed him three pages on the HP Web site that proved otherwise. He asked again what my exact problem was. I explained that I was running 64-bit Vista Ultimate with a BitLocker-encrypted drive and simply wanted to use the $1,100 worth of RAM I'd purchased. He consulted his experts. Their suggestion? Flash my BIOS. Now, I already had the latest BIOS, but imagine if I'd actually followed Ray's advice. The BIOS would've changed, and I wouldn't have been able to get to my data. The lesson? Simple: Don't assume that people supporting business-class computer hardware have any kind of clue how their suggestions affect your BitLocker-encrypted system. (Or perhaps it's "Don't buy an nx6325." Sigh.)
LG’s Ultra Sleek New XNote C1 Tablet PC unveiled in India
Tuesday, May 22nd, 2007
http://www.techshout.com/laptops/2007/22/lgs-ultra-sleek-new-xnote-c1-tablet-pc-unveiled-in-india/
LG Electronics has announced the availability of the uber-sleek and stylish XNote C1-Tablet PC. LG’s latest launch is touted to be a perfect amalgamation of design, performance, entertainment and security.
The new LG tablet PC is empowered with powerful graphics (NVIDIA GeForce Go7300) and high-definition sound quality (SRS WOW HD, 24bit), the LG Express Dual-core processor-based notebook is gracefully designed giving users the pleasure of handling a well-made elegant and technologically-rich laptop.
This LG Notebook model features a 10.6 wide screen finger touch LCD panel with finger touch input. It is 27mm thin and weighs 1.31kg. It has a standard keyboard, which provides ultimate typing comfort.
Speaking about the new product, R Manikandan, Product Group Head IT Division, LG Electronics, said, “We at LG believe that with these new LG Express Dual Notebooks, customers will have a unique experience of great combination of design, performance, entertainment, and security. These ultra light weight tablet notebooks will help redefine the style quotient of consumers.”
Furthermore, the notebook is equipped with enhanced security features like TPM (Trusted Platform Module) and HDD security.
The LG XNote C1-Tablet PC will make your wallet lighter by Rs 99,990.
Considering BitLocker for remote server encryption
http://searchwinit.techtarget.com/originalContent/0,289142,sid1_gci1255989,00.html
Windows Server 2008 (Longhorn)
By Margie Semilof, News Director
22 May 2007 | SearchWinIT.com
LOS ANGELES – BitLocker drive encryption on Windows Server 2008 is a promising means of protecting data in branch offices or anyplace that does not have a lot of physical security.
But before Windows Server 2008 becomes available early next year, there are a number of steps IT managers should take to determine whether this technology will be truly useful for security in lightly protected locations.
BitLocker drive encryption in Windows Server 2008 is an optional technology where additional bits must be installed to make it work. BitLocker requires the Trusted Platform Module (TPM) 1.2 chip on the motherboard or a BIOS that supports reading a USB device. Two NT file system partitions are also needed on the hard drive, according to Tony Ureche, a program manager for Microsoft, speaking at the Windows Hardware Conference here last week.
For IT managers, there are various aspects to the planning process, Ureche said. First, an IT shop must conduct an informal audit to see what kinds of hardware they have. "Is this the time to purchase new hardware," he said. "Will you do it soon?"
Also, it's important to take an inventory to determine what types of security policies are in place and what you have for existing security tools. IT managers must also ask themselves what type of authentication they want. Some departments need just baseline security, while other departments may need more levels of encryption, Ureche said.
Data security strategy: Do you want users to create keys?
There is also the need to determine a key management and recovery procedure. Do you want users to create keys? As far as a recovery strategy is concerned, IT shops must map out a plan for when something goes wrong, he said.
Although BitLocker is available only on Windows Vista Ultimate and Enterprise editions, it is available on every version of Windows Server 2008, Ureche said. All of the specific SKUs for Windows Server 2008 have not yet been disclosed by Microsoft.
There are three new BitLocker features for Windows Server 2008 that do not exist in Windows Vista, he said. There is support for Data Volumes, which are any partition that does not contain the current operating system. Data Volumes require BitLocker to be enabled on the operating system volume.
There is also support for authentication of TPM, USB and PIN, which is three-factor authentication, and USB Floppy Interface for 64-bit machines only are supported.
BitLocker is a good idea for protecting physical data in data centers at unsecured sites -- at least in theory. Whether it works as advertised remains to be seen, said John Enck, an analyst at Gartner Inc. in Stamford, Conn.
On client machines, BitLocker drive encryption is helpful particularly in the case of protecting laptops, Enck said. It's also useful on servers in transit, where IT managers can encrypt the data on the server before it is sent and then send the key out of band for a far-flung retail location or any lightly protected area. Enck said he has yet to perform a real world BitLocker evaluation on the server.
cm: re: Comply and Connect
Comply and Connect: The Next Step in Securing the Air Force NIPRnet
http://www.airforcesymposium.com/LinkClick.aspx?link=Docs%2fPresos%2fBreakouts%2fMorello-Fetty_Airfo...
From your find, it shows a NAP strategy and timelines
Sheldon, thanks for your reply.
Are these the answers to my questions:
1. Yes
2. Yes
3. No
Thanks again
GSA and DoD questions:
Does Wave's solution comply with the Federal Information Processing Standard 140-2?
Is Wave's solution compitable with the PKI components of DOD’s Common Access Card and the Personal Identity Verification card required by Homeland Security Presidential Directive 12?
Is Wave's software capable of automatically encrypting data that is transferred to removable storage media without user intervention or circumvention?
Encryption is the last defense for data in a digital world
April 12, 2007
http://www.securecomputing.net.au/feature/3422,encryption-is-the-last-defense-for-data-in-a-digital-...
Open Source players show a knack for NAC
Mar 29, 2007
Page 1
http://www.networkworld.com/news/2007/032907-open-source-swarms.html?t51hb
"...NAC has proven so popular that Infonetics projects commercial vendors will reap $3.9 billion in NAC sales by 2008, but open source alternatives probably won't share in the payday, says Rob Whiteley, an analyst with Forrester Research."
Page 2
http://www.networkworld.com/news/2007/032907-open-source-swarms.html?page=2
Page 3
http://www.networkworld.com/news/2007/032907-open-source-swarms.html?page=3
Carnegie Mellon mentioned
Page 4
http://www.networkworld.com/news/2007/032907-open-source-swarms.html?page=4
Page 5
http://www.networkworld.com/news/2007/032907-open-source-swarms.html?page=5
"It will take a champion of some kindo for this to make the leap to enterprises," Whiteley says.
Interesting to re-read this after today's news with Digital Persona.
Hopefully, the link works for everyone.
The document is titled:
The Case for Biometric Authentication
by Wave Systems
Published on Dec 01, 2006
http://productfinder.gcn.com/shared/write/collateral/WTP/51853_00627_13776_BiometricsWP5.pdf?ksi=145...
Here are a few of my favorite paragraphs.
"...The cost of reliable silicon sensors has dropped substantially and they are now available on a significant number of business-class laptops and PCs. The number of Dell PCs equipped with fingerprint sensors slated for shipment in 2007 alone is projected to be in the millions. Robust, low-cost software is also now commercially available. This off-the-shelf software is capable of matching fingerprints with unparalleled accuracy.
This whitepaper focuses on the emergence of fingerprint biometrics as an economical and feasible form of strong authentication for businesses - large and small alike."
"...With respect to administration, fingerprint authentication systems have made huge headway in recent years and are easy to deploy and maintain. Passwords and their hassles may even be eliminated entirely when the biometric validation is done at a central server. A server-based biometric implementation benefits network administrators by allowing them to enroll a user's fingerprints at a remote station. When fingerprint enrollment is done at a central location and the fingerprints are automatically distributed to the user's account across the network, the system administrator can verify the user's identity when he or she enrolls his or her fingerprint. In this scenario, users are also free to "roam" or, in other words, to log into different computers, all with a single fingerprint enrollment. To alleviate the fears that users may get "locked out" of their computers, administrators are able to specify a backup method of authentication in case of sensor failure, which is uncommon..."
"...Forrester Research has identified biometric authentication as one of the top ten identity management trends to watch in 2006 and predicts that it will go mainstream - extending beyond the market of early adopters. This prediction is coming true as sales of laptops with embedded biometric sensors have exceeded the expectations of major PC manufacturers.
Biometric sensors' lower cost and inclusion in PCs has caused fingerprint authentication to suddently become affordable and convenient. Many corporate users enjoy the convenience and novelty of using their fingerprint and trends indicate that biometric authentication will gain widespread adoption in the near future as a form of strong authentication in the corporate environment."
Digital Persona
It appears that the digitalpersona server product "U.are.U" is just authentication. There is no backup and recovery of the keys.
http://accessories.us.dell.com/sna/productdetail.aspx?c=us&l=en&s=biz&cs=555&sku=A01....
U.are.U® Pro from digitalPersona® is a fingerprint authentication system for enterprises that want to eliminate the burdens and security problems of password based authentication. It uses advanced fingerprint recognition technology to heighten security and replace passwords. U.are.U® Pro Fingerprint Authentication System for Active Directory is specifically designed to take full advantage of the enterprise-class directory services and management capabilities of Microsoft® Windows® 2000 Active Directory. This package includes a Server Software CD, an Administrator Guide and 25-User Authentication Licenses.
Manufacturer Part# : 63001-001
Dell Part# : A0198351
Highlights
Specifically designed to take full advantage of the enterprise-class directory services and management capabilities of Microsoft® Windows® 2000 Active Directory
Includes a Server Software CD, an Administrator Guide and 25-User Authentication Licenses
Tech Specs
Software Type Product Family
Security Application
U.are.U® Pro Fingerprint Authentication System for Active Directory
Product Line Series Model System Type
U.are.U® Pro Fingerprint Authentication System for Active Directory - Server Package - 25-User Authentication Licenses Server
Required Memory Required Operating System
10 MB with an additional 1 KB to 5 KB Active Directory database storage per registered user Windows® 2000/2003 Server
Required Disk Space Required Processor Class
10 MB (1 KB - 5 KB for Active Directory Per User) Pentium®
==============================================================
According to the announcement today, Wave provides backup, recovery, and migration of the keys for Digital Persona. I believe this development will help drive sales for both products.
For instance, if a company has already implemented Digital Persona and they are considering deploying TPMs, they may go ahead and purchase Wave's server products.
AND vice versa
If a company already has Wave enabled TPMs and they are considering fingerprint authentication for their enterprise, it may drive them to picking Digital Persona as their biometric choice
http://biz.yahoo.com/bw/070328/20070328005277.html?.v=1
"This support will allow enterprises using Wave's ETS Enterprise products to use the DigitalPersona Pro Server to centrally manage fingerprint authentication policies and credentials via Active Directory. The synergy of DigitalPersona products with Wave Systems' TPM remote management, key recovery, escrow and migration products for Active Directory provide important security back-office components for the enterprise customer," commented Brian Berger, executive vice president of marketing and sales for Wave Systems.
Peter McCoy, vice president of business development for DigitalPersona added, "Enterprises are beginning to take a holistic approach to security, combining the authentication of both the machine and the user. DigitalPersona is excited to work with Wave Systems to provide the power and flexibility of our DigitalPersona Pro fingerprint authentication server component. We believe this combined offering provides a valuable asset to enterprise IT."
head IT guy at TCF Bank...
what did he say?
Trustworthy Content Push
============================================================
Protection of DVB Systems by Trusted Computing
Nicolai Kuntze
Andreas U. Schmidt
Fraunhofer Institute for Secure Information Technology SIT
64295 Darmstadt, Germany
andreas.schmidt@sit.fraunhofer.de
nicolai.kuntze@sit.fraunhofer.de
February 2007
http://arxiv.org/pdf/cs.CR/0702086
============================================================
Trustworthy Content Push
Nicolai Kuntze, Andreas U. Schmidt
11 Dec 2006
http://arxiv.org/pdf/cs.CR/0612061
Cross-Domain Information Sharing in a Tactical Environment
March 2007 Issue
Mel Crocker, General Dynamics Canada
http://www.stsc.hill.af.mil/crosstalk/2007/03/0703Crocker.html
re: Alcatel, Microsoft and AT&T
I spoke with a friend of mine who is planning to start consulting for this joint venture on Monday. He stated this was a 10 year project. He also said that they are planning to roll out 10 cities with IPTV. These cities would be totally run on Microsoft software (which I find unusual for a "telecom" deployment).
at least for these cities, Microsoft is flipping the bill to ensure their software is used. But who knows what will happen in other cities - if they use Alcatel's software.
Wave.com traffic
Traffic Rankings and reach per million user stats are improving:
http://www.alexa.com/data/details/traffic_details?url=www.wave.com
Wave.com
I don't think I've seen these on the site before:
Dell Security Setup Guide
http://www.wave.com/support/CSC/DellSecuritySetupGuide/welcome.html
User's Guide:
http://www.wave.com/support/csc/ets-support/
Wave.com updated
From the main page select "EMBASSY® Security for Dell Platforms" under "OEM Spotlight"
http://www.wave.com/products/new_services_dell.html
Not much changed, but at least Dell SKU #'s are listed and there are links directly to the Envoy site for purchase...
Wave Small Business Embassy Authentication Server – Quick Start
Dell SKU: A0503661
Package for 50 users
(ENV-WAVESBEASQUICK)
$5360.00
Wave Small Business Embassy Key Management -Quick Start Package for 50 Users
Dell SKU: A0625066
(ENV-WAVESBEKMQUICK)
$3830.00
Wave ETS Enterprise Security – Dell Edition 2.1
Dell SKU: A0618255
(ENV-WAVEDELLTRUST2.1)
$49.00
OT: Upcoming Juniper events
with Steve Hanna
===============================================================
http://www.juniper.net/company/events/speakers.html
http://www.juniper.net/company/events/world_events.html
Speaker: Steve Hannah
Date/Time: September 6, 10:30 a.m - 12:20 p.m.
Session: Identity and access management: What are the critical decisions and key points to explore in choosing an identity and access management strategy?
Web site: http://www.thesecuritystandard.net/press.html
===============================================================
September 26-28, 2006
Attend Intel Developer Forum for global access to technology, ideas, and people who will transform the future of technology and how the world uses it.
Speaker: Steve Hanna
Session: Co-presentation with Intel on TNC & Juniper's Use of TNC in their products
Date/Time: TBD
Web site: http://www.intel.com/idf/
===============================================================
http://www.interop.com/newyork/education/security_conference.php#1158638400
http://www.interop.com/newyork/education/network-access-control.php
Interop Conference: Network Access Control (NAC)
New approaches allow you to control access to your vital IT infrastructure based on a wide variety of policy information including the identity of the device, the identity of the user and the current state of the device (virus protections running, signatures up to date, etc). Learn how you can use NAC to protect your network.
ETS v5.2
Looks like 5.2 is now available. Not sure if anything else has changed other than Japanese language, which was recently mentioned by SS.
http://www.wave.com/products/ets.html
This version of the Embassy Trust Suite is for English versions of the Windows Operating System. In the near future, ETS will be released to support the following languages: English, French, Italian, German, Spanish, Japanese, Simplified Chinese, Traditional Chinese, Korean, Brazilian Portuguese and Russian.
http://www.sda-asia.com/sda/news/psecom,id,8771,nodeid,4,_language,Singapore.html
Juniper Access Control to Support TNC Open Standard
Juniper Networks Inc. has announced that its Unified Access Control (UAC) solution will support the Trusted Network Connect (TNC) open standards, a set of non-proprietary specifications that enables the application and enforcement of security...
Juniper Networks Inc. has announced that its Unified Access Control (UAC) solution will support the Trusted Network Connect (TNC) open standards, a set of non-proprietary specifications that enables the application and enforcement of security requirements for endpoints connecting to a network.
Juniper Unified Access Control solution, which included the Infranet Controller appliances and is based on the Enterprise Infranet framework, uses a combination of identity-based policy and endpoint intelligence to give enterprises real-time visibility and policy control throughout the network.
TNC is a subgroup of the Trusted Computing Group (TCG), an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies.
"The support of Juniper Networks and its contributions have been critical in developing the TNC specifications, enabling access control interoperability with robust visibility, policy control and security across the network," said Paul Sangster, co-chair of the Trusted Network Connect subgroup said.
Simon Newstead, Asia Pacific regional director for emerging technologies, Juniper Networks said, "Right now, many corporations in Asia Pacific are evaluating approaches to provide network access control and endpoint remediation. The standards-based approach we’ve taken with our Unified Access Control solution lowers deployment risk while also providing a flexible solution that leverages existing infrastructure, without requiring entire network overhauls.
TCG demonstrates interoperability among vendors
Security was a big theme at Interop
By Tim Greene, Framingham | Monday, 15 May, 2006
Securely controlling what devices and users gain access to corporate networks was a dominant theme at Interop, with the Trusted Computing Group demonstrating interoperability among multiple vendors’ gear, and individual vendors announcing mutual compliance with the TCG standard.
Elsewhere at the show, the Interop Labs demonstrated implementations of similar security schemes from Cisco and Microsoft.
The demonstrations all fell under the generic name network access control (NAC), which is verifying that computers and other devices meet network security policies before being admitted to corporate networks. This is done by scanning the machines for key configurations, such as updated operating systems, updated and operating virus scanning, and personal firewalls.
NAC then compares the scan to network policies, and enforces them. So if, for example, the policy says, “when the machine flunks, scan access must be denied”, an enforcement device blocks admission. This can be done by a switch that supports 802.1x authentication or by a VPN device.
TCG’s architecture, supported by 60 of its vendor members, is called Trusted Network Connect (TNC). At the show, Extreme, Juniper, IBM, Symantec, Meetinghouse, Nevis, Nortel, Enterasys, Wave Systems and other vendors joined together to demonstrate TNC at various demonstrations on the show floor.
Beyond TNC, the best-known efforts were from Cisco (called network admission control or NAC) and Microsoft (network access protection or NAP). Other vendors are developing their own architectures, with their own products and those of selected partners.
TCG’s booth hosted several demonstrations of TNC. One consisted of Juniper’s use of its Odyssey Access Client on remote machines, in conjunction with Symantec’s Host Integrity software scanning a PC for security compliance, before being allowed network access. The scanning data was passed on to a Juniper Infranet Controller which determined whether the scan results met policy criteria. That decision triggered whether the PC was granted access to an active corporate virtual LAN, controlled by an HP switch.
Similarly, Lockdown Networks demonstrated its Lockdown Enforcer appliance, in conjunction with Microsoft’s NAP architecture. The appliance authenticates machines, evaluates their security posture and enforces whether or not the device gains network access. Microsoft’s NAP, which is not generally available yet, includes software to communicate end-point status to policy decision points, such as Enforcer and Microsoft’s own Network Policy server, which is also not generally available.
During Interop, TCG announced it has completed three new standards necessary to its TNC architecture. The first is a client-server interface between the software, which gathers information from the machine accessing the network and the server that verifies policies. The second is the same interface carried over extensible authentication protocol (EAP). The third specifies how RADIUS servers and enforcement points, such as 802.1x switches, communicate.
None of these three architectures are complete yet, leaving business users up in the air about which if any to choose, says Steve Hultquist, who headed up the Interop Labs’ NAC initiative. “I’d say it’s an emerging technology, a technology in sort of revolution. What we’re going to see is more standards-based technologies available in the near term, the next 12 to 18 months,” Hultquist says.
“Users really aren’t quite sure what to think of it yet, in my experience,” he says.
“A lot of them haven’t even looked at 802.11x yet, which, in my opinion, is the precursor to NAC. If you haven’t done 802.1x that is the thing you should look at implementing right now. That’s your first step into network access control.”
Federal Plan for Cyber Security and Information Assurance
Research and Development
April 2006
http://www.nitrd.gov/pubs/csia/FederalPlan_CSIA_RnD.pdf
Many sections are interesting..
In particular - sections5.1, 5.2 and 7.1
NIST FIPs 140-1 and FIPS 140-2 certifications
Many new hardware components certified:
http://www.csrc.nist.gov/cryptval/140-1/1401val2006.htm
In particular I found this...
IBM eServer Cryptographic Coprocessor Security Module
Model 4764-001
Security Policy
http://csrc.nist.gov/cryptval/140-1/140sp/140sp661.pdf
The 4764 Coprocessor is an updated version of the 4758. The above document details the differences between them.
If you recall, Wave lists the IBM 4758 PCI Cryptographic Coprocessor as an optional to the Embassy Key Management Server:
http://www.wave.com/products/ekms.html
4764 was recently certified as FIPS level 4:
http://csrc.nist.gov/cryptval/140-1/140crt/140crt661.pdf
I wonder if we'll see Wave update their site, since IBM is retiring the 4758 and 4764 will soon become available.
Also, here is the FIPs 140-1 and FIPS 140-2 Vendor list. It was updated May 8, 2006.
http://www.csrc.nist.gov/cryptval/
Double Take: Benchmark Benefits, Foibles
Sunday, April 23, 2006
3:19PM
http://www.edn.com/blog/400000040/post/1340003134.html
Brian's Brain
EDN Senior Technical Editor Brian Dipert exposes, analyzes and opines on diverse topics in technology.
This blog post references my upcoming article 'Double take: Reassessing x86 CPUs in embedded-system applications' in EDN's April 27, 2006 edition.
All four variants of SiSoftware’s Sandra 2005 suite contain 29 benchmark modules: 10 local, nine PDA/Smartphone, and 10 remote. The free Light variant includes 52 total local modules, 10 total PDA/Smartphone modules, and 11 total remote modules, and the Professional, Engineer, and Enterprise versions of the utility bump those numbers up to 75 (including Itanium-processor support), 20, and 75, respectively. They also include varying degrees of remote control, network and database support, and commercial-use rights; see the feature matrix on the manufacturer’s Web site for more information.
BAPCo’s SYSmark 2004 SE (Second Edition) software suite mimics a computer power user’s workflow. As the Web site states, it is “an application-based benchmark that reflects usage patterns of business users in the areas of Internet-content creation and office productivity.” Internet-content-creation benchmark applications include Adobe’s After Effects, Photoshop, and Premiere; Discreet’s (now Autodesk’s) 3ds max; Macro-media’s (now Adobe’s) Dreamweaver and Flash; Microsoft’s Windows Media Encoder, Network Associates’ (now McAfee's) VirusScan; and WinZip Computing’s (now WinZip International’s) WinZip. Office-productivity benchmark applications include Adobe’s Acrobat, Microsoft’s Office 2002 suite and Internet Explorer 6, ScanSoft’s (now Nuance Communications’) Dragon Naturally Speaking, McAfee VirusScan, and WinZip.
SYSmark 2004 SE provides useful information, but it’s often a challenge to install and operate. You need to make sure that the system doesn’t already have any of the benchmark-suite programs installed, or any software that might conflict with them. In my case, the Latitude D820 came from Dell with Symantec’s Norton SystemWorks preinstalled. Instead of uninstalling SystemWorks first, I plunged ahead and put SYSmark 2004 SE (forgetting about its included McAfee VirusScan) on the machine. The two antivirus programs didn’t happily coexist, leaving the system in a locked state, and I couldn’t uninstall either of them in Windows’ Safe Mode. Fortunately, System Restore saved the day.
I also learned the hard way that several other preinstalled system utilities, specifically the Intel Wireless Configuration program and the TPM (trusted-platform-module)-cognizant EMBASSY Trust Suite from Wave Systems, also conflict with SYSmark 2004 SE. Those hiccups appended to a delay in Dell’s shipping me the system, a faulty installation disc from BAPCo, and a multi-day travel interruption, with the result that it was nearly two weeks after the originally-targeted date when I finally started obtaining SYSmark 2004 SE data. Fortunately, everything eventually ran smoothly, and I quickly got the results I needed.
My blog post 'Double Take: Bountiful Benchmark Statistics' provides per-system benchmark results for you to view and download on the following Sandra 2004 and 2005 tests:
Combined Performance Index Wizard
CPU Arithmetic Benchmark
CPU Multimedia Benchmark
File System Benchmark
Memory Bandwidth Benchmark, and
Cache and Memory Benchmark.
I also provide screenshots of each benchmark result graph, so that you can compare the measured numbers against SiSoftware’s analyzed scores on various system building blocks I’ve highlighted.
Panasonic introduces Toughbook-74 Notebook PC to the Middle East market
http://www.ameinfo.com/83482.html
Panasonic, the leading global manufacturer of consumer electronics, has announced the Middle East launch of its semi-rugged Panasonic Toughbook® computers.
The new release, Panasonic Toughbook CF-74, is designed to be a durable, reliable wireless computing solution for today's mobile worker.
The Toughbook-74 is the ultimate road warrior PC, built from the ground up for mobility. It incorporates the new 1.83-gigahertz Intel® Core™ Duo Processor T2400, an 80GB shock-mounted HDD and a standard 512MB SDRAM (DDR2), which is expandable to 4,096MB. With integrated local area wireless, the latest semi-rugged Toughbook offers high quality, reliable wireless access to data. The WLAN connection can be switched off at the touch of a button, a useful energy saving feature.
Built with a magnesium alloy case, integrated handle, spill-resistant keyboard, daylight-readable screen and battery life of approximately eight hours, Toughbook-74 comes equipped with an extra anti-reflex coating as a new security feature, and a Trusted Platform Module (TPM v.1.2) security chip, that help protect sensitive information.
'If Panasonic has become an industry leader in the technology segment, the reasons can be traced to the company's sustained focus on quality and a customer-driven development process,' said Asahiko Ono, General Manager, System solutions. 'At the same time, we believe bringing out upgraded versions of existing products by adding significant new features is vital to retaining our competitive edge.'
'Increased IT literacy levels and a new affluence have led to widespread popularity of notebook PCs in the Middle East. Panasonic has been able to successfully leverage this trend to its advantage, and we are confident that the launch of Textbook-74 will meet with enthusiastic response and thus allow us to further strengthen our market position in the region,' Ono added.
The Toughbook-74 is built on the success of its predecessor, the Toughbook-73, which has been deployed by hundreds of enterprises, government agencies, and mobile workers across all industries.
Wave - Supported TPM Platforms
It looks like the listed has been updated for ETS 5.1
www.wave.com
Following is a partial list of Personal Computers that have integrated Trusted Platform Modules (TPMs). PC manufacturers are continually updating system designs to include TPMs. Wave software is designed to be interoperable with all models of computers containing TPMs including ones not specifically listed below. If your model is not listed and you believe it contains a TPM, please contact the manufacturer for verification.*
Acer
Veriton 3600GT/7600GT
Dell
Latitude D410, D610, D620, D810, D820 and X1
OptiPlex GX280, GX520, GX620, 530 and 730
Precision M20, M65, M70, M90, 490, 690 and WS390
Fujitsu
Lifebook B6000
T4000 Tablet PCs
ST5020 Tablet PCs
Lifebook S7010 and LifeBook E8000 series
Gateway
E-4500S, E-4500D
E-6500D SB Series
M250ES, M280E, M460ES, M465E, M685E
Profile 6
HP/Compaq
dc7100, xw4200, xw6200, xw8200, dc7100 and D530 Desktops
nc6000,nc8000,nw8000, nc4010 notebooks (all models)
IBM
x-Series 366 server
IBM (Lenovo)
T40, T41, X41, T42, T43
Intel
Desktop Board D865GRH
Desktop Board D915GAV
Desktop Board D915GEV
Desktop Board D915GMH
Desktop Board D925XCV
Desktop Board D925XECV2
Desktop Board D945GNT
Desktop Board D945GTP
Desktop Board D945PWM
Desktop Board D955XBK
Mitsubishi
Apricot AL B2
Motion Computing
LS800, LE1600 Tablet PCs
MPC Corp.
ClientPro 565 and Millenia 940i
NEC
PC98-NX MATE/MATE J
VersaPro/VersaProJ
Optima
WorkPro D9 Series
Quay Corporate
Qclient G220
Samsung
Samsung's X-Series of laptops, as well as P40 HZM 750, P40 LVC 730 and P40 MZM 730
Sony
VAIO® BX Series
Toshiba
Portégé M205-S810
Dynabook SS LX
Tecra M3
* As of April 2006
ETS 5.1 and TDM (?)
So, does anyone want to speculate what is going to be in ETS 5.1? Will the main change be the TDM?
http://www.wave.com/news/press_archive/05/050614_Seagate.html
"Related to these trusted computing opportunities, Wave is developing a new Trusted Drive Manager module and enhancing its Key Transfer Manager products which are components of its EMBASSY Trust Suite (ETS) portfolio of trusted computing software."
CardTech SecurTech 2006
Wave listed as a participant for 2006
San Fran
http://www.sourcemediaconferences.com/conferences/CTST06/participants.html
Printers & TPMs
I seem to recall Steven talked about TPMs, computers and printers in an interview. He stated something to the effect that computers on the network would still be safe even if there was a printer on the network that was comprised (assuming there was a TPM in the computers). In the near term, TPMs would not need to be installed in printers. The TPM within a PC could be setup with rules to allow printers on the networks to only perform printer functions.
It's interesting this topic has come up again.
TVtonic and Rocketboom
http://lee.org/blog/
TVTonic on Rocketboom
April 9th, 2006 12:38pm. General
My company’s product, TVTonic will be featured on Rocketboom tomorow, Monday April 9, 2006.
(Rocketboom Archive)
If you don’t watch Rocketboom, well you should.