Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Hite Fusion Fund.
Maybe someone can confirm they took a new small position in Wave. Simon was a principle in Vector Capital, as in SafeNet?
Simon Langdon
Chief Operating Officer
Hite Capital Management LLC
New York
As Hite Capital Management's chief operating officer, Simon Langdon oversees the business operations and sits on the investment and risk management committees of the firm's Fusion Fund LLC, a multistrategy, multimanager managed account product.
Prior to joining Hite, Langdon was a principal of Vector Capital Management LLC, a multistrategy statistical arbitrage hedge fund, from 1997 through the end of 2003. He was also a principal of Vector Partners LP, a broker-dealer that specialized in algorithmic trading for hedge fund clients. Vector Partners LP was sold to the Bank of America. Before joining Vector, Langdon held a variety of senior level positions with Dow Jones & Co Inc, Telerate Systems Inc and Knight-Ridder Financial, creating market analysis, as well as trading systems and software for institutional traders, hedge funds and money managers. He started his career in the financial industry as a registered representative with Shearson and its successor companies in 1984.
Langdon holds a BS degree from Whitman School of Management, Syracuse University.
SafeNet to be Acquired by Private Equity Firm Vector Capital for $634 Million
Vector Capital Will Commence Tender Offer for All Outstanding SafeNet Shares for $28.75 Per Share in Cash
BALTIMORE, Maryland - March 5, 2007 -- SafeNet, Inc. (NASDAQ:SFNT), setting the standard for information security, today announced that it has entered into a definitive agreement to be acquired by an investor group led by Vector Capital in a transaction valued at approximately $634 million. The $28.75 per share price represents a premium of 12% over the SafeNet average closing share price during the 30 trading days ended March 2, 2007 and a 57% premium over its closing stock price on October 2, 2006, the last date before the Company commenced intensive efforts to explore its strategic alternatives.
Under the terms of the agreement, a subsidiary of Vector Capital (Stealth Acquisition Corp.) will commence a tender offer to acquire all of the outstanding shares of SafeNet common stock for $28.75 per share in cash. The offer is expected to commence on or before March 12, 2007, and will expire at midnight on the 20th business day following and including the commencement date, unless extended in accordance with the terms of the merger agreement and the applicable rules and regulations of the Securities and Exchange Commission ("SEC").
The Board of Directors of SafeNet unanimously approved the definitive agreement and recommends that shareholders tender their shares into the tender offer. Members of SafeNet's Board have agreed to tender their shares.
Walter Straub, SafeNet's Chairman and CEO, said, "Over the past five months, our Board of Directors engaged in an extremely thorough review of all strategic options available to the Company, including a broad solicitation process that resulted in significant competitive interest in our Company. Based on this comprehensive process, the Board determined that being acquired by Vector Capital and its partners represents a compelling opportunity that is in the best interest of our shareholders, customers and employees."
"In Vector, we have identified a partner that is committed to assisting the Company to fully realize its opportunities while we continue to address our issues and build momentum in our business," continued Straub.
Chris Nicholson, a Partner at Vector, said, "SafeNet's full suite of leading government and industry security solutions uniquely position the Company with its strong customer base, and we look forward to working with SafeNet's talented employees and management team to build lasting value for the Company and its customers."
David Fishman, a Principal at Vector commented, "The challenges of being a public company today can sometimes inhibit growth in companies like SafeNet. We believe SafeNet will significantly benefit from being a private company, and will be in a better position to help achieve its goal of providing leading security solutions to both its Government and Commercial customers."
The tender offer is conditioned upon, among other things, approximately 78% of SafeNet's shares being tendered in the offer based on the current shares and options outstanding. If the Company becomes current in its SEC filings, the minimum tender condition will be reduced to a majority of the fully diluted eligible shares.
The transaction is not subject to any financing condition. The transaction will be financed through a combination of equity and debt, with the debt financing committed by Deutsche Bank and Citigroup Global Markets and the equity committed by Vector and certain of its partners. Provided that the minimum tender condition is met, the transaction is expected to be completed during the second quarter of 2007, subject to customary closing conditions and regulatory approvals. There can be no assurance that the transaction will be approved or consummated.
Merrill Lynch is acting as financial advisor to SafeNet, Inc., and Wachtell, Lipton, Rosen & Katz is acting as the Company's legal advisor. Credit Suisse also was retained to provide certain financial advisory services to the Board of Directors of SafeNet. O'Melveny and Myers is acting as legal advisor to Vector Capital. Deutsche Bank served as lead financial advisor and co-lead arranger of the debt financing and Citigroup Global Markets Inc. served as co-advisor and co-lead arranger.
About SafeNet, Inc.
SafeNet is a global leader in information security. Founded more than 20 years ago, the company provides complete security utilizing its encryption technologies to protect communications, intellectual property and digital identities, and offers a full spectrum of products including hardware, software, and chips. UBS, Nokia, Fujitsu, Hitachi, Bank of America, Adobe, Cisco Systems, Microsoft, Samsung, Texas Instruments, the U.S. Departments of Defense and Homeland Security, the U.S. Internal Revenue Service and scores of other customers entrust their security needs to SafeNet. For more information, visit www.safenet-inc.com.
About Vector Capital
Vector Capital is a leading private equity firm specializing in buyouts, spinouts and recapitalizations of established technology businesses. Vector identifies and pursues these complex investments in both the private and public markets. Vector actively partners with management teams to devise and execute new financial and business strategies that materially improve the competitive standing of these businesses and enhance their value for employees, customers and shareholders. Among Vector's notable investments are Savi Technology, LANDesk Software, Corel Corporation (Nasdaq: CREL), Register.com, and Watchguard Technologies. For more information, visit www.vectorcapital.com.
SP3/NAP/NAC
So, maybe on April 28th we will find out more about - "We are the guys who turn on those TPMs for aruba. We worked with them to verify the solution. This is the kind of announcement that continues to drive TPM turn on."
Earlier this week, Microsoft also announced it will release the Windows XP SP3 on April 29.
Microsoft is not adding significant Windows Vista functionality to Windows XP through SP3. However, SP3 does include Network Access Protection (NAP) to help organizations to work with the new features of the Windows Server 2008 operating system
Windows XP SP3 with NAP coming soon
XP SP3 to be useful for customers looking to deploy NAC without involving separate clients
03/06/2008
Coming soon: Windows XP Service Pack 3 featuring, network access protection, which is Microsoft's answer to NAC.
It’s been a long time coming. Microsoft initially issued the NAP client for XP last year, then reissued it a few months later with some upgrades, then promised the final version with SP3, which seemed delayed and delayed and delayed.
With its arrival, users of XP - apparently very loyal and in some cases unwilling to switch to Vista - who adopt Windows Server 2008 will be able to deploy NAP using the NAP endpoint-reporting software. The upside is that it eliminates some of the client-deployment issues that discourages many who are considering this form of NAC.
Had the NAP upgrade to XP come out earlier, XP users could have deployed NAC that is in compliance with informal standards that make it possible to blend NAP elements with NAC elements to produce endpoint checking. Server 2008 would not have been a necessary element in such a deployment.
Even so, whenever Microsoft does release XP SP3 it will still be possible to implement a multivendor NAC deployment that doesn’t rely on Server 2008 as the policy server.
SP3 adds many other improvements that customers have been clamoring for, so it attracts much more than NAP-only interest.
Overall, SP3 will extend the life of XP for a significant number of customers and as part of that may prove useful to that segment looking to deploy NAC without having to distribute a separate client for it.
http://www.networkworld.com/newsletters/vpn/2008/0303nac2.html?fsrc=rss-windows
The TCG @ Interop Las Vegas 2008
Trusted Computing Group (TCG) Sponsors NAC Day
When: Monday, April 28, 2008 9:00am - 4:30pm
Location: Lagoon L, Mandalay Bay Convention Center
NAC Day Agenda:
• 9:00 - 9:45 What is NAC?
• 10:00 - 11:00 Deploying NAC
• 11:15 - 12:15 NAC Enforcement Options
• 12:15 - 1:15 LUNCH
• 1:15 - 2:15 Sponsor Panel
• 2:30 - 3:10 Standards‐based NAC
• 3:25 - 4:15 Hard Questions about NAC
• 4:15 - 5:30 NAC Day Sponsor Reception
Come to NAC Day and Learn:
• What NAC is, and the underlying technologies that make it happen
• NAC enforcement options, and when to use various options
• NAC architecture and solution choice strategies
• Implementation issues
• Solid strategies for adding NAC, and pitfalls to avoid
Speakers: Steve Hanna, Juniper Networks and Trusted Network Connect (TNC) Co-chair
Denzil Wessels - Technical Marketing Manage - Juniper Networks
Chester Wisniewski - Global Product Specialist, Global Sales Engineering - Sophos
Manlio Vecchiet - Group Product Manager, Windows Server Division - Microsoft
Brendan O'Connell - Senior Manager, Product Management - Cisco
Instructor: Joel Snyder - Senior Partner - Opus One
Visit TCG and its Members in Booth # 421 and in InteropLabs to see Multi-vendor Hands on Demonstrations!
Aruba Networks
ArcSight
Avenda Systems
Enterasys Networks
Identity Engines
Infoblox
Juniper Networks
Lumeta Corporation
McAfee
Microsoft
nSolutions, Inc.
ProCurve Networking by HP
Q1 Labs
Symantec
Trapeze Networks
Wave Systems Corp
Microsoft Delivers Windows Vista SP1 Automatically
April 24th 2008
Microsoft has started to distribute Windows Vista SP1 automatically to the users who have the Automatic Update feature turned on.
On March 18th, Windows Vista SP1 was made available for customers who chose to manually download and install it from the Microsoft Download Center or Windows Update in English, French, German, Spanish, and Japanese.
Still, not all the Microsoft clients that have the Automatic Update turned on will receive Windows Vista SP1 update.
“While we're beginning automatic distribution today, you might not see it right away since the distribution process is very gradual. As I called out on April 7th, we'll be distributing the service pack slowly so that we can help Windows users have a good experience,” wrote Chris Flores on Windows Vista Blog.
According to Microsoft, Windows Vista SP1 will not add new features, but instead it will address key feedback received from its customers.
As Microsoft explained, the updates packed in Windows Vista SP 1 fall into three categories: Quality improvements, improvements to the administration experience and support for emerging hardware and standards.
Amongst other things Vista SP1 will enhance BitLocker Drive Encryption (BDE) by offering an additional multifactor authentication method that combines a key protected by the Trusted Platform Module (TPM) with a Startup key stored on a USB storage device and a user-generated personal identification number (PIN).
In addition, the update will add support for upcoming standards and hardware, such as Direct3D 10.1, Secure Sockets Tunneling Protocol (SSTP), Extensible Firmware Interface (EFI), and the Extended File Allocation Table (exFAT), a file system for Flash drives.
The service pack will include support for Secure Digital (SD) Advanced Direct Memory Access (DMA), which will be on compliant SD host controllers soon, to improve transfer performance and decrease CPU utilization.
Many of the changes in Windows Vista SP1 will address also the administration Experience. Administratos will surely appreciate the improvements to Group Policy management.
In the SP1 timeframe, administrators can download an out-of-band release that will give them the ability to add comments to Group Policy Objects (GPOs) or individual settings and search for specific settings.
The new update will help the users to install their legal copy of Windows Vista without having the same problems as before. In case they have an illegal copy of Windows Vista users will get pop up messages, which notify them about the status of the software along with information about how to make the software legal.
Microsoft launched the consumer version of its Windows Vista operating system on January 30 last year and it’s considered the most expensive software programme in the world which took five years and 7 billion dollars to develop. In January, Microsoft announced it has sold 100 million copies of Windows Vista so far.
Earlier this week, Microsoft also announced it will release the Windows XP SP3 on April 29. Windows XP Service Pack 3 (SP3) includes previously released Windows XP updates, including security updates and hotfixes. It also includes select out-of-band releases, and a small number of new enhancements, which do not significantly change customers’ experience with the operating system.
Microsoft is not adding significant Windows Vista functionality to Windows XP through SP3. However, SP3 does include Network Access Protection (NAP) to help organizations to work with the new features of the Windows Server 2008 operating system.
NAP is a policy enforcement platform built into Windows Vista, Windows Server 2008, and with which a user can better protect network assets by enforcing compliance with system health requirements. Using NAP, the users can create customized health policies to validate computer health before allowing access or communication and automatically update compliant computers to ensure ongoing compliance.
Besides NAP, Windows XP Service Pack 3 will include Management Console 3.0, which appears in Windows Server 2008 and Vista and the new Windows Installer 3.1.
Wave to Demonstrate Endpoint Integrity Software Integrated with Microsoft Network Access Protection.
May 21, 2007
Demonstrations at Interop show how Wave Software uses Trusted Platform Module-based IPSec with Network Access Protection and Reports on the Integrity of the Network Access Protection Components
LEE, Mass. & LAS VEGAS -- Wave Systems Corp. (NASDAQ: WAVX) will demonstrate how its EMBASSY[R] software integrates seamlessly with Microsoft's Network Access Protection to offer hardware-based security designed to prevent "lying endpoint" attacks aimed at spoofing PC health.
Network access control systems involve enforcing security policy and restricting prohibited platform configurations on the network; identifying and containing platforms that are noncompliant with policy; and stopping malware and rootkits before they touch the network. Security researchers have recently discovered vulnerabilities when network access control systems aren't protected by hardware, leaving many enterprises vulnerable to attack.
One way to mitigate the problem of "lying endpoints" is to add a layer of hardware and software protection. Wave's EMBASSY software leverages industry standard hardware security chips called Trusted Platform Modules (TPMs), now shipping on most business-class laptops and PCs today. The EMBASSY client and server applications capture, report and validate platform integrity, along with validating the integrity of the network access control system.
"Bringing the benefits of TPM integration together with Network Access Protection will help enterprise customers by enhancing the reliability of system health checks for network endpoints," said Mike Schutz, Director of Product Management - Security and Access, Microsoft Corp. "Microsoft is pleased to be working with Wave Systems to help our customers' infrastructure be more secure."
"Wave is pleased to have worked with the Microsoft NAP team to closely integrate our Trusted Platform Module-based software solutions with Vista and the NAP server," said Brian Berger, executive vice president of marketing and sales at Wave Systems. "With the availability of TPMs in millions of business PCs, these software solutions can be broadly leveraged by the enterprise to enhance security."
See the Demonstration This Week at Interop
This week at the Interop Las Vegas Conference, Wave is showing TPM-based platform integrity with its EMBASSY software in Microsoft's Network Access Protection pavilion at booth (#1548). Representatives from Wave will demonstrate the use of a TPM to provide strong platform identity to the Microsoft Network Access Protection server. In addition, the EMBASSY software will securely measure, report on and validate the health of the Network Access Protection components and the state of the platform. This compliance data is used by Network Access Protection in making the access control decision.
Wave Systems also offers the EMBASSY Trust Suite, the EMBASSYKey Management Server, the EMBASSY Authentication Server and the EMBASSY[R] Remote Administration Server which are designed to deliver improved trusted computing features for enterprise and government markets. These features include network policy management, remote administration, data protection, and strong authentication using biometrics, smart cards and TPMs.
Microsoft NAP Partners
http://www.microsoft.com/windowsserver2008/en/us/nap-partners.aspx
Barge.
Isn't it McCreary rather than Eaglelake that will include the TPM? As in Lori McCreary?
Clickstar, Intel Announce Feature Film Broadband Premiere On Intel® Viiv™ Technology–Based PCs
‘10 Items or Less’ Starring Morgan Freeman; Directed by Brad Silberling
CONSUMER ELECTRONICS SHOW, LAS VEGAS – Jan. 5, 2006 – ClickStar, Inc., a digital entertainment venture founded by Revelations Entertainment, the production company headed by Morgan Freeman and business partner Lori McCreary, with investment from Intel Corporation, will release its first feature film, “10 Items Or Less,” starring Morgan Freeman and Paz Vega (“Spanglish”). This precedent–setting effort addresses growing consumer desire for premium entertainment and marks the anticipated launch of the ClickStar broadband entertainment service later this year. The A–list film will debut on ClickStar within weeks of its national theatrical release.
ClickStar’s core mission is to become the online destination for premium content, designed to give filmmakers a vehicle to connect directly to their fans with new ways of experiencing home entertainment in a very affordable and flexible way. ClickStar’s service plans to offer first–run, pre–DVD–release films and artist–created entertainment channels as part of its online services.
ClickStar’s service will target millions of broadband consumers worldwide using Intel® Viiv™ technology–based PCs. Typical ClickStar users will be able to enjoy full screen high–fidelity films conveniently on their big screen TV from the comfort of their homes or on–the–go through laptop PCs.
Intel President and CEO Paul Otellini made the announcement during his afternoon keynote at the 2006 Consumer Electronic Show. As a strong endorsement for this ground breaking service, Otellini, Freeman and ClickStar Chairman Lori McCreary were joined by Hollywood filmmakers Danny DeVito, Tom Shadyac, Tom Hanks and Brad Silberling.
“The announcement of ‘10 Items or Less’ and the plan to deliver it through the broadband into the living room just weeks after the movie’s theatrical release marks a key milestone in the vision we outlined just two short years ago at CES,” said Otellini. “We are excited to bring this vision to reality – and even more committed to making premium, first–run content available to consumers in the comfort of their own digital home theaters.”
Freeman said, “Our collaboration with Intel continues to grow, and ClickStar with Viiv technology offers a huge opportunity for filmmakers to reach audiences worldwide. With ‘10 items or less’ and ClickStar’s service, we can now offer film fans a choice – watch it in the theatre or anytime they want in the comfort of their home.”
Brad Silberling said, “For those who won’t make it to a movie theater, it’s a chance to enjoy a uniquely intimate viewing experience – an experience that’s as intimate as the story itself.”
“10 Items or Less” is a co–production between Reveal Entertainment and Revelations Entertainment and will be produced by McCreary, Silberling and Julie Lynn. The film begins shooting next month in Los Angeles.
About ClickStar Inc.
ClickStar Inc. is a broadband entertainment company founded by Revelations Entertainment in 2005. ClickStar’s core mission is to offer exclusive first–run feature films, artist–created channels from Hollywood’s biggest names with complete viewing flexibility and a unique opportunity to get closer to the stars. More information on ClickStar and can be found at www.ClickStarInc.com, and www.RevelationsEntertainment.com
About Intel
Intel, the world leader in silicon innovation, develops technologies, products and initiatives to continually advance how people work and live. Additional information about Intel is available at www.intel.com/pressroom and blogs.intel.com.
Aruba Network - Clients.
Microsoft Sniffs Out Aruba
JUNE 02, 2004
Microsoft Corp. is undertaking a major security upgrade on its worldwide wireless LAN network -- using an intrusion detection system from 802.11 switch startup Aruba Wireless Networks to try and stop unauthorized use of access points (APs) across its campuses.
For those of you who don't know, Microsoft runs one of the largest corporate wireless LAN networks in the world. The software giant has an installed base of 4,505 APs in its offices around the globe. Up to 18,000 users log on to this network daily.
Aruba Wins Microsoft Deal
JUNE 13, 2005
Enterprise wireless LAN startup Aruba Wireless Networks has won the hotly contested contract to supply Microsoft Corp. with 802.11 gear for its 277 buildings worldwide.
Microsoft will use Aruba software and controllers to manage 5,000 of its slimline access points. The deployment will cover more than 17 million square feet and replace Microsoft's original deployment of Cisco Systems Inc. Aironet standalone APs. A spokesman for Cisco told Unstrung that he couldn't comment on the deal.
Aruba started working with Microsoft on wireless LAN last June with a security overlay for its WiFi network (see Microsoft Sniffs Out Aruba ). Keerti Melkote, VP of product management for Aruba, says that security remains a key factor in Redmond chosing his firm, along with the scaleability of the Aruba system.
Melkote also suggests that the deal could mean more work between the companies in other areas. "You'll see better integration with Microsoft," he says, particularly around security, RF issues, and wireless LAN roaming capabilities in Microsoft's Longhorn client software.
Microsoft Puts Aruba Networks on The Map
June 13, 2005
UPDATED: Putting one vendor on its heels and another on the map, Microsoft will replace its Cisco wireless local area network (define) gear with equipment from Aruba Networks.
With more than 25,000 users on the network at any given time in 60 countries, Microsoft's WLAN is one of the world's largest. It is deployed in 277 buildings comprising more than 17 million square feet.
Aruba, which was chosen after independent labs tested its equipment against better-known rivals, will supply Microsoft with mobile controllers, software and 5,000 wireless access points.
The system will reduce the equipment needed and will eliminate the need for Microsoft to deploy overlay networks for voice-over-wireless, guest services, security and wireless location services, the companies said. Financial terms were not disclosed.
"It's a big win for Aruba, since Microsoft is a very visible, influential and sophisticated company, and made this decision after an extensive evaluation," Craig J. Mathias, principal with the Farpoint Group, told internetnews.com.
Mathias said Cisco is "undoubtedly disappointed," but its industry position won't be jeopardized by losing Microsoft's corporate WLAN business.
Ken Dulaney, an analyst with Gartner, agreed that the win means more for Aruba than the loss does for Cisco.
"This kind of deal is extremely important for Aruba," Dulaney said. "Since Cisco was in there on the first round, it is slightly negative for Cisco, but probably won't impact them all that much."
Cisco spokesman Charles Sommerhauser said Cisco cannot comment on customer decisions but said the company is very pleased with the state of the WLAN business. "Cisco has many satisfied customers; we are continuous market share leaders per analysts and are seeing strong business."
Aruba is based in Sunnyvale, Calif. It is privately held and has raised $59 million in three rounds from Matrix Partners, Sequoia Capital, TrinityVentures and the WK Technology Fund.
It counts German software giant SAP among its enterprise customers and also works with several colleges and universities, including Dartmouth and Yale.
Aruba recently signed a potentially lucrative partnership with French telecom giant Alcatel, which will resell its wireless switches. That move was prompted by Cisco's $450 million purchase of Airespace.
Helpful.
Anytime an enterprise turns on the TPM in order to use it for any applications, they will realistically need to have centralized management software like ERAS and key management like EKMS to provide the infrastructure, separate from the application usage such as Aruba’s clients. This is a good development for the industry to get TPMs turned on and used, and provides opportunities for Wave’s products.
Goepling.
I was told by Wave that "We are the guys who turn on those TPMs for aruba. We worked with them to verify the solution. This is the kind of announcement that continues to drive TPM turn on."
Siemens COM Selects Eracom's ProtectDrive for CardOS Smart Cards
12/13/2004 - Eracom Technologies, a leading pioneer of cryptographic announced the successful partnership and integration of the leading hard drive encryption solutiontechnologies and Siemens COM , ProtectDrive, with Siemens COM smart cards running under the Siemens operating system.
Leveraging the advanced security of Eracom Technologies’ ProtectDrive with the physical security of Siemens COM CardOSTM smart cards, this partnership delivers the first pre-boot PKI based two-factor authentication solution to the German market. Meeting government and enterprise needs for data encryption and user authentication for servers, workstations and laptops, Eracom Technologies will play an integral role with the already planned deployment of Siemens COM smart cards to all of German government agencies.
ProtectDrive, a world-leading security solution popular within enterprise and government segments for encrypting the entire hard drives of servers, PCs and laptops, is one of the most secure software products of its type. The integration of the Siemens COM smart card under the Siemens CardOsTM operating system, delivers benefit by heightening the security even further with two-factor authentication. This authentication process consists of the combination of ‘Mind and Hardware’; what you know (username and pass-phrase) plus the Siemens smart card. This combination is therefore required to certify pre-boot access to the computing device operating system and encrypted data stored on its hard drive. Single-factor authentication requires only a username and pass-phrase as pre-boot authentication.
A Siemens COM smart card device is uniquely issued to each individual user, containing an encrypted algorithm that secures and manages the PIN certificate, which is exclusive to the system it is authenticating to. The user must insert the smart card into their PC before the system proceeds to the user authentication stage. It is then that the user enters the pass-phrase and authenticates to the device itself (assuming the PIN is correct). ProtectDrive authenticates the pass-phrase with the smart card allowing the PC to boot the operating system and transparently decrypt data on the hard drive with the only user interaction entailing username and pass-phrase entry. All data is automatically encrypted when stored on a hard drive protected by ProtectDrive.
Maximum protection against data theft requires not only strong user authentication management and data encryption, but also protection of the master boot record. Data thieves can circumvent inbuilt security systems by removing the disk and installing it on another machine to read previously encrypted data via the new computers Windows’ permissions. ProtectDrive's 'Pre-Boot Authentication' feature totally eliminates this risk, securely authenticating the user prior to booting the operating system. Data is encrypted even when the PC is switched off, ensuring non-readability via another computer.
“Integrating with and supporting the Siemens COM CardOSTM was an important initiative for Eracom Technologies and forms part of our ongoing commitment to pioneer absolute, no-compromise security solutions for the German market and our German partners” said Ansgar Dodt, COO EMEA of Eracom Technologies. “CardOSTM support ensures this level of security to both Eracom Technologies and Siemens COM customers while the corporate partnership leverages a perfect match both in vision, and in delivering a solution that addresses the needs of governments and companies in Germany.”
http://www.embeddedstar.com/press/content/2004/12/embedded17526.html
SECUDE partners with Siemens to introduce new version of SECUDE secure notebook.
14 September 2007-
SECUDE partners with Siemens to introduce new version of SECUDE secure notebook
SECUDE International AG, a provider of IT security products and solutions, has released a new version of its hard disk encryption solution SECUDE secure notebook, a result of its technology partnership with Siemens, a communications technology manufacturer.
According to the company, SECUDE secure notebook 8.0.2 features Full Disk Encryption and Pre-Boot-Authentication to protect confidential business data on notebooks, desktops, and external mass storage devices from unauthorized third parties. In addition, the new version offers faster boot time.
As part of the partnership, Siemens CardOS API has been integrated into the solution, allowing Pre-Boot-Authentication to the notebook with a range of authentication devices from Siemens, giving companies more flexibility in choosing smartcards or security tokens.
Siemens CardOS is reportedly a multifunctional, certified smart card operating system that offers active and passive protection for stored data, certificates and cryptographic keys, while Siemens CardOS API is a crypto middleware for workstations and servers, offering necessary application interfaces to perform encryption, authentication and digital signatures in connection with the common business applications.
No financial details were disclosed.
http://www.allbusiness.com/technology/software-services-applications/5525845-1.html
SECUDE, Seagate, and GammaTech Team up to Deliver Ground-Breaking Encrypting Laptop PCs
FREMONT, Calif., July 11 -- SECUDE, Seagate & GammaTech (formerly Twinhead) are teaming to deliver best-in-class security solutions designed to prevent unauthorized access to data on lost or stolen notebook PCs. SECUDE's FinallySecure(TM) authentication technology, combined with Seagate's DriveTrust(TM) security featuring hardware-based full disc encryption, is now available on DURABOOK notebooks by GammaTech.
"SECUDE's FinallySecure(TM) provides total Data-at-Rest security with Seagate's Momentus® 5400 FDE.2 hard drive. The 2.5-in. notebook drive is the industry's first system to feature hardware-based full disk encryption, access control, and password management -- all without compromising performance," Dr. Heiner Kromer, CEO of Secude International AG.
The combined solution is the first link in the authentication chain, providing an Adaptive Technology with Risk Management and Productivity gains for end to end security. The SECUDE and Seagate security umbrella protects against loss of data, fines from non-compliance, and destruction of brand value. In addition, end user transparency results in an ROI from productivity gains and also allows for migration from single user to enterprise and software to hardware, all with central management. The solution allows GammaTech customers to survive, adapt, and grow in a heterogeneous IT eco-system.
"Seagate is pleased to see our current customer base leverage this technology to add security value to their current systems," said Tom Major, Vice President of Personal Compute Business, Seagate. "The market is hungry for this type of protection, and together we offer a robust best-in-class solution with little integration impact."
Seagate DriveTrust Technology is a next-generation security platform built into the hard drive that is considerably stronger than typical BIOS, OS, or ATA based hard-drive security solutions. DriveTrust combines strong, fully automated hardware-based security with a programming foundation that makes it easy to add security-based software applications for organization-wide encryption key management, multi-factor user authentication and other capabilities that help lock down digital information at rest. SECUDE has been an established leader in key & access management, authentication, and encryption technology for over a decade with a suite of products creating an end to end security platform including Single Sign-On, Key & Token Management, and encryption technologies. SECUDE has been a strong IT security partner of SAP for 10 years and is a leading provider of key and access management technologies for Seagate encrypted disk drives.
DURABOOK laptop computers from GammaTech, the newly named U.S. sales and marketing arm of Twinhead Corporation, feature spill-resistant keyboards, patented optical disk tray locks, anti-shock LCD screens and protected hard drives, all capable of meeting U.S. military MIL 810F standards for ruggedization. All DURABOOK laptops are protected by a magnesium alloy case 20 times stronger than ordinary ABS plastic notebook housings. The highly engineered laptops fill the fast-growing demand among professionals, students, and other active, mobile individuals for ultra-durable notebooks that can withstand the knocks, shocks, drops and spills of real life.
"With the ever increasing concern for security and data protection, the need for advanced access control and data security in laptops is obvious," said Steven Gau, president of GammaTech Computer Corporation. "This combined laptop security solution will be of immense value for a wide range of applications and for government and corporate users worldwide."
About SECUDE SECUDE International AG, the End-to-End IT Security Products & Solutions Company is a market leader in the areas of authentication & authorization, encryption, data integrity and the management of digital identities, delivering a higher level of IT Security to organizations around the world. We offer solutions in single sign-on and the security of documents, applications and transactions.
SECUDE is a member of IT SEC SWISS AG and was founded in 1996 out of a partnership between SAP AG and the Fraunhofer Institute in Darmstadt, Germany. This partnership resulted in the Secure Network Communication (SNC) module for SAP AG. Headquartered in Lucerne, Switzerland, we have a world-wide customer base and offices in the USA, Germany, Netherlands, Spain and United Arab Emirates.
Protect Drive / Cyberflex access cards.
US Army Selects SchlumbergerSema Smart Card Readers for Implementation of Department of Defense Common Access Card Program Represents Largest Single Deployment of Smart Card Readers in the US to Date
Austin, TX, September 20, 2001 - SchlumbergerSema today announced that Logicon has acquired nearly 60,000 of its advanced Reflex™ smart card readers for the US Army's implementation of the Department of Defense (DoD) Common Access Card (CAC) program. This new order complements the company's previous announcement that EDS purchased 600,000 of its leading Java™ -based Cyberflex Access™ smart cards for the overall DoD CAC program.
"The US Army's Secure Electronic Transactions - Devices (SET-D) Program Office chose the Reflex smart card readers after an internal evaluation and testing process," said John Gist, Logicon's program manager for the General Services Administration (GSA) Smart Access Common ID Card contract. "Readers are an integral part of smart card deployments to secure the link between users and networks." Gist noted that the contract represents the largest single deployment of smart card readers in the US to date and the first time the GSA contract has been used by one of the services to support its smart card requirements.
The US Army will utilize the Reflex 72 USB and Reflex 20 PCMCIA readers, which connect with desktop and portable PCs to authenticate smart cards used for secure network access, as part of their implementation of the DoD CAC program. The DoD CAC program is using highly secure, multiple application smart cards 'such as the SchlumbergerSema Cyberflex Access card' for physical identification, building access and network access in a multi-tiered program that is being rolled out throughout the DoD over the next few years. Both types of SchlumbergerSema Reflex readers are compliant with PS/SC standards to fully utilize the smart card handling capabilities of the Microsoft® Windows®.
SchlumbergerSema Reflex readers and Cyberflex Access smart cards are part of the company's extensive portfolio of smart card-based total solutions for information security, e-transactions and other applications used by government agencies, mobile communication operators, financial institutions, corporations and other types of businesses. The total SchlumbergerSema smart card-based offering includes cards, readers, terminals, software, servers, applications development, consulting, integration and other services.
SafeNet ProtectDrive Enterprise
(CC-EAL2, undergoing CC-EAL4, FIPS140-2)
SafeNet through the aquisition of Eracom Technologies pioneered full disk encryption technology in 1987, thereby laying the foundation for today's Privacy of Information products.
SafeNet has continued to innovate and refine the technology behind hard disk encryption to ensure the ultimate line of defence against the pioneering efforts of data hackers and thieves. This has enabled the ProtectDrive disk encryption solution to meet the evolving data security, deployment and management needs of the government and enterprise markets.
Today, ProtectDrive is one of the most advanced hard drive encryption solutions in terms of data security, usability and organisation-wide network deployment and management. ProtectDrive is used by governments and enterprises worldwide.
http://www.lightsourcetech.com.au/SafeNet/ProtectDrive-Enteprise.html
Eracom Technologies' ProtectDrive Delivers Full Disk Encryption Tailored for use with Axalto Cyberflex Smart Cards
08 February 2005.
Eracom Technologies, who pioneered full disk encryption software in 1987 for PC’s, laptops and servers, today announced the latest release of ProtectDrive version 7.2, now incorporating AES 128, 192 and 256 bit encryption and support for Axalto (Schlumberger) Cyberflex smart cards.
As one of the few full disk encryption solutions to utilize smart cards with X509 certificates for pre-boot authentication, the new ProtectDrive v7.2 now includes support for the Axalto (Schlumberger) Cyberflex Access smart card. Axalto is a leading provider of microprocessor smart card solutions with a global market share of 27% (Gartner 2003).
Organizations using Axalto Cyberflex Access smart cards will now be able to easily integrate ProtectDrive into their IT security infrastructure to secure confidential data on laptops, workstations and servers from unauthorized use. Using the X509 certificate function pre-installed within the Axalto Cyberflex smart card, two-factor authentication can be rapidly configured within the ProtectDrive full disk encryption solution. ProtectDrive facilitates this level of strong authentication security by requiring a user password log-in (what they know) as well as the physical security of a smart card (what they have).
The choice of encryption algorithms within ProtectDrive has been expanded within v7.2 to include Advanced Encryption Standard (AES) 128, 192 and 256 bit, in addition to tripleDES (3DES) and the IDEA algorithm. This enables organization’s even greater flexibility to configure a full disk encryption solution to suit their risk environment related to laptops, workstations and servers.
The incorporation of AES encryption is an important development for the ProtectDrive hard disk encryption solution. The demand for AES has increased considerably since its rating in 2001 within the Federal Information Processing Standard (FIPS) as the (U.S) federal government approved encryption algorithm. AES is often regulated as a standard encryption algorithm for use by many governments to secure confidential and ‘Secret’ level digital information, and this has encouraged its increased use within both government and private enterprise.
http://www.net-security.org/secworld.php?id=2903
Axalto U.S. Shipments of Cyberflex Access Smart ID Cards Surge
Axalto customer purchases of Cyberflex Access™ smart cards in the United States surged significantly in the last two years. The rapid growth shows that the use of smart cards as secure identity credentials and employee badges is taking off in the United States. Some of the large government organizations that have adopted Axalto’s two-factor authentication include the U.S. Departments of Defense, Homeland Security and Interior as well as the General Services Administration (GSA). Among the many corporate clients are the Royal Dutch/Shell Group of Companies, Nissan Motor Co., Ltd., Dell Inc. and Sun Microsystems, Inc., whose Axalto smart card-based corporate badge was cited in a recent Wall Street Journal article as one of the top ten technologies companies are using to keep their mobile workers connected and productive.
Forrester Research, one of the IT industry’s leading research firms, sees high growth in this sector as a trend that is likely to continue. In “Market Trends 2004: Enterprise Single Sign-On,” analyst Steve Hunt reported that there is no doubt that smart cards will become the authentication token of choice in the future, in part because they offer multiple functions in a single, familiar and easy-to-use form factor.
Karthik Nagarajan, a research analyst from Frost & Sullivan, also expects continued market growth. “The processing capabilities and robust security of microprocessor smart cards make it an ideal medium for achieving strong authentication. At the same time, smart cards store large amounts of data and can run multiple applications. With these advantages we expect smart card use to grow in health care as well as in the government and IT sectors,” said Nagarajan.
In the United States, system integrators and partners have been critical to the product’s successes, including ActivCard, Inc., Atos Origin S.A, BearingPoint, Inc., Electronic Data Systems Corporation (EDS), HID Corporation, MAXIMUS, Inc., Northrop Grumman Information Technology, RSA Security Inc. and Schlumberger Information Services (SIS). These partners have used Cyberflex Access cards as a secure platform upon which to deliver solutions of many kinds, including corporate badge applications, email and document encryption, identity management software, secure remote access (VPN) and administration of personal passwords, logons and preferences.
Solutions created leveraging Cyberflex Access smart ids have involved technologies as diverse as digital certificates, biometrics, thin clients and directories. Many of the deployments have also incorporated Axalto’s DeXa.Badge™ Card Management System platform to manage identities and control access of employees to systems and facilities. An increasing number are using the e-gate™ product which is available in both smart card andtoken form factor. The e-gate USB token enables affordable smart card deployment across virtually any computer via the Universal Serial Bus (USB) port.
Many Internet service providers, banks and e-commerce site operators are already considering the use of such cards. “Inserting a microprocessor smart card like Axalto’s Cyberflex Access into the security chain is the only reliable way to proactively address problems introduced by spam, phishing, key logging programs, identity fraud and other difficult-to-stop attacks on ID/password security,” said Paul Beverly, president Axalto Americas. “Driven by more frequent attacks from hackers using more sophisticated viruses and spam techniques, online communities will increasingly turn to smart cards. Smart cards are the only authentication devices that can offer personalization, convenience, and portability, along with high security, standardization and a high degree of integration with PC and workstations.”
Axalto is working with other industry leaders to facilitate deployment of identity-based Web services and is an active member of the Liberty Alliance Project (http://www.projectliberty.org). This is an alliance of more than 150 companies, non-profit and government organizations committed to developing open standards for federated network identity and identity-based services.
http://www.smartcardalliance.org/articles/2004/09/07/axalto-u-s-shipments-of-cyberflex-access-smart-id-cards-surge
LIFTING THE LID: Paid-for stock research scores with investors
Stock research commissioned by listed companies has traditionally gotten little respect. Institutional investors saw it as the bottom of the food chain, even below the Intemet-era reports peddled by brokerage firms that regulators showed were tainted by ties to investment banking business.
Lately, however, portfolio managers are overcoming their skepticism. They cite impressive performance and access to information on companies that the large Wall Street investment banks don't bother covering.
Although questions of objectivity and the potential for stock scams remain, experts say some of the research is on par with the best - and takes an independent line no matter who paid for it.
Taglich Brothers and J.M. Dutton 8 Associates, which both get paid by the companies they write about, were among the top five equity research firms last year, according to Investars, a Hoboken, New Jersey, firm that tracks the performance of analysts' stock picks.
"I'm more apt to look at a Taglich report than I am a major firm," said Evan Greenberg, who manages about $30 million at New York-based Meadowbrook Capital Management. "They're one of the best-performing brokerages I work with."
StarMine, a San Francisco-based performance tracker, gives two of Dutton's 18 U.S. analysts five stars for their stock picks over the last two years, a designation reserved for the top 10 percent of analysts.
Investors who followed the advice of energy analyst Les Childress, for example, got a 64 percent return, nearly 23 percentage points above the average return on the companies he covers.
LACK OF COVERAGE
Without Childress' direction, investors would have been hard pressed to find those companies. As Wall Street firms cut analysts' ties with their investment banking operations and struggle to support the high costs of research with trading commissions alone, they have pruned the number of companies they cover to the biggest names.
For companies whose market capitalization is less than $500 million, overall coverage is down by more than 35 percent since 2001, according to research firm Thomson First Call. And nearly 60 percent of all publicly traded companies in the United States get no coverage at all.
This severely hinders smaller companies' ability to attract capital, experts say.
In response to the drop in coverage, many small companies have sponsored their own reports. For $25,000 to $40,000 a year, they get third-party earnings estimates and stock ratings that are distributed on their Web sites, through broker-dealers, and on platforms such as Reuters Estimates, Thomson First Call and Yahoo Finance.
The opinions aren't always glowing, as evidenced by Fundamental Research Corp's downgrade on June 9 of technology company Resin Systems Inc. (RSSYF.OB: Quote, Profile, Research) (RS.V: Quote, Profile, Research) to "hold" from "buy" due to production delays.
"You're not buying the research to make your company look better than what it is," said Resin Chief Executive Greg Pendura. "You're simply going the awareness route. For small companies, it's very difficult to attract institutional attention."
Investors are listening. In May, more than 200 institutions, including Merrill Lynch Investment Management and BIackRock Advisors, downloaded Dutton's reports from Thomson First Call.
Meanwhile, New York-based Crystal Research Associates, which focuses on the health care industry, said it distributes its reports to more than 5,000 investors each month.
"If a company's looking for research coverage, usually there's a good story to tell, and it's not being told anywhere else;" says Meadowbrook's Greenberg. "I need this model."
CAVEAT EMPTOR
Strange as it may seem, sponsored research is considered independent because it has no ties to investment banking. And unless the research firm also happens to be a registered broker-dealer, as Taglich Brothers is, it is largely unregulated.
"This is obviously fraught with all kinds of conflicts of interest," says Jonathan Boersma, vice president of professional standards at trade association CFA, formerly the Association for Investment Management and Research.
His organization has proposed guidelines to help the nascent industry police itself. To ensure, objectivity, research firms should be paid upfront in cash, and companies should have no influence on the content of the reports, Boersma says.
Although those guidelines are not enforceable, the research firms do have to comply with SEC rule 17(b), which requires them to disclose their form of compensation to investors.
But concerns about the company-sponsored model remain.
"I think the desire for repeat business will cause many analysts to butter up their clients" with inflated forecasts and ratings, said John Coffee, a professor of securities law at Columbia University. "The disclosures don't end the real basic conflict, which is that you want future business."
To that fear, investors have one response: performance.
"You can only fool the buy-side once," says Adam Epstein, portfolio manager at San Francisco-based investment fund Enable Growth Partners. "Our job is to focus on substance, not form, no matter where that substance comes from."
Taglich.
Stocks With Only One Direction to Go
EBERHARD SCHÖNEBURG knows just how miserable life can be for a company that is on the Pink Sheets, the bargain basement of the stock market, and he knows how hard it is to move a company upstairs, where investors are more likely to notice it.
After the dot-com bust, his company, Artificial Life, a onetime Nasdaq high flier, found itself trading as low as a nickel a share on the Pink Sheets, an electronic quotation system for closely held, occasionally traded companies that do not meet the listing standards for the stock exchanges and often lack audited financial statements.
But Mr. Schöneburg successfully redirected his company into the development of virtual reality games for mobile phones, and by late last month, Artificial Life’s shares reached $3.20, though they have dropped recently.
It now trades over the counter, on the more respectable Bulletin Board, the first step toward Mr. Schöneburg’s goal of getting back on the Nasdaq exchange.
“It’s only recently that we’ve started to speak with investors,” he said. “It’s easy to knock on the door of the analysts when the stock starts to move.”
Attracting investors is a problem for all small companies, but especially for those, like Artificial Life, with a market value less than $250 million. Wall Street analysts do not deal with Pink Sheet outfits, and few cover Bulletin Board companies or even small Nasdaq concerns. Brokers usually cannot recommend these shares to retail clients because the stock prices are too low, and institutional investors are not interested in companies with small numbers of shares outstanding. For a small company to find investors, it must perform superbly and market that performance tirelessly.
“It’s a lot of work,” said Doug Burkett, the chairman, president and chief executive of Zila, a diagnostic company that sells an oral cancer detection aid. “You have got to do a good job of telling a strong story, and then you’ve go to go do it.”
To get the story out, you need help from firms specializing in investor relations; you also need research and analysis.
The role of the investor relations firm is to foster media interest in your company, get you ready for prime time and introduce you to investors. The firm will write news releases, create a press kit, focus your Web site and organize presentations.
Properly marketed, “boring companies with good numbers are not boring companies,” said Richard L. Stern, of Stern & Company, an investor relations company in New York.
Thomas Laughran of Fleishman-Hillard, which does public relations and investor relations, explained: “What we do is help you articulate your value proposition and put you in front of the right people who might be interested in it. And I’ll make sure you repeat that message every time you open your mouth in newspaper articles, press releases and investor conferences.”
There is a lot of mystery surrounding the supposedly proprietary lists of investors kept by investor relations firms. You could try to find these investors yourself, but the professionals have worked at cultivating them on clients’ behalf.
“There are 73,000 fund managers in our base of contacts,” said Dian Griesel of the Investor Relations Group. “We’re calling them all the time, asking what do you like these days and what are you passing on. Knowing the audiences and thinking carefully about how to target your client are essential.”
You will pay a lot for these services, at least $5,000 to $8,000 a month depending on your size and what you want done. You have to give a firm at least six months to start generating results, and you should reach agreement on measuring success. “What we want to see as a result of our work is some liquidity in the stock, so that people are trading it; sponsorship from institutions; and some analytic coverage,” said Marty Tullio of McCloud Communications.
Getting investors interested in your stock is literally a year-in, year-out process of talking to them. It’s not very likely that an analyst or portfolio manager will dash out of the room after your presentation and put in a big buy order — although that did happen to Brad Thompson, the chief executive of Oncolytics Biotech, a Canadian company that uses viruses to develop treatments for cancer.
Mr. Thompson was in the middle of an initial presentation to a portfolio manager when, he recalled, the manager said, “Stop.” Then he clicked a few keys on his laptop, looked up and said, “O.K., keep talking.” He had just put in a million-share order. “I said to myself, ‘That will never happen again,’ ” he recalled.
You can ask other people for referrals to investor relations firms or contact the National Investor Relations Institute in Vienna, Va., to find someone in your area. Interview members of the firm, ask for references and be sure to check them. You should meet the person who will be working on your account and understand exactly what the fees cover. No reputable firm will promise to get your stock price up, so be wary of one that does.
Your investor relations firm should be able to get you in to talk to the analysts who cover your industry. “It takes about nine months from the first meeting where they get the story before analysts will pick up coverage,” said Mr. Burkett of Zila. “They watch our execution and they do more due diligence on the company, ask more questions of management, and gradually the interest accelerates and you know that sooner or later they’ll come.”
Until then, there is another kind of coverage: company-sponsored or company-paid research reports. Wall Street denigrates these reports, but there are some legitimate providers. Two years ago, for example, Nasdaq formed a joint venture with Reuters, the news agency, and called it the Independent Research Network. It couples companies with analysts who have no vested interests in them; the analysts prepare four reports a year, timed to quarterly earnings releases. There is no guarantee that the coverage will be favorable. In fact, two analysts working through the network issued hold ratings — a Wall Street euphemism for “sell” — for a biotech company last summer. The cost of a two- or three-year contract is about $100,000 annually, but what you get is widespread distribution of the reports through Reuters, which has 425,000 subscribers.
Some brokerage firms also offer company-paid research. One is Taglich Brothers; it is highly ranked by Investars, which measures the performance of all research providers based on the success of their positive and negative recommendations. Taglich came in first over the last four years among research firms covering 100 to 500 stocks.
The firm charges clients $1,750 a month and agrees to write something every quarter and every time there is a material piece of news about the company. Again, there are no guarantees that the coverage will be favorable, and the company is not allowed to see Taglich’s earnings estimates and ratings before they are published.
“Taglich was the first to write research about us,” said Eric M. Reuter, former chief executive of Laserscope, a manufacturer of laser systems for surgery. “We used that report to market ourselves to investors. They also helped us to get to know the big investment banks.”
About six years ago, when Mr. Reuter became the chief executive, Laserscope was nearly bankrupt and selling at 66 cents a share. Last June, he sold the company to American Medical Systems for $31 a share, or $715 million.
Laserscope would have gone nowhere without superior products and performance, but there is a famous saying on Wall Street: stocks aren’t bought, they’re sold.
http://www.nytimes.com/2007/02/20/business/smallbusiness/20SHARES.html?pagewanted=print
Goepling.
Nice.
Wave Systems on Winning Team with Operational Research Consultants, Inc. for U.S. GSA Blanket Purchase Agreement Award
LEE, Mass. – Jan. 10, 2006 – Wave Systems Corp. (Nasdaq: WAVX - www.wave.com) announced today that the company is teamed with Operational Research Consultants, Inc. (ORC), a wholly owned subsidiary of WidePoint Corporation (OTC BB: WDPT), in connection with the first Blanket Purchase Agreement award issued under the new U.S. General Services Administration (GSA) "Authentication Products and Services" Category Special Item No. (SIN) 160 32, part of existing IT Schedule 70 (the "ORC ACES BPA"). The ORC ACES BPA is an indefinite delivery/ indefinite quantity (ID/IQ) program that has total ceiling value of $100 million.
Under the BPA award, ORC will provide certified credentialing for identity management solutions to federal, state, and local governments. In connection with an agreement between ORC and Wave, Wave expects ORC to provide federal government authorized Access Certificates for Electronic Services (ACES) capability, in combination with Wave's Embassy® Trust Suite secure software technology for use with compliant public key infrastructures. The terms upon which Wave will participate in the project are subject to the completion of a subcontract to be entered into between Wave and ORC.
The BPA recognizes ORC as a fully operational ACES and Shared Services Provider (SSP) as well as a provider of Homeland Security Presidential Directive (HSPD-12) products and services. Further, the BPA also recognizes the ORC team as the only provider of Personnel Identity Verification (PIV) ready solutions for HSPD-12 products and services. The combined products of ORC and Wave offer HSPD-12 ready solutions for both "logical" and "physical" security.
"ORC is working with Wave to make trusted computing solutions embedded with External Certificate Authority (ECA) and ACES digital certificates available to all branches of government," said Daniel Turissini, president of ORC. "The combination of Wave's Embassy software technology integrated with ORC's Trusted Third Party services provides another tool to ensure high levels of Information Assurance technologies in the ongoing efforts to protect personal information within the federal government."
"Authenticating a computer user into a network by using methods more secure than passwords is a continuing effort for network administrators within government and enterprises," said Steven Sprague, president and CEO, Wave Systems. "With the ORC ACES BPA, government administrators will now have easy access to Class 3 PKI certificates that can be used within a trusted Computing-based framework: a network of personal computers secured by industry standard Trusted Platform Modules and Wave's powerful and secure software technology."
Blockbuster wants to live in your TV
The movie rental behemoth has revealed a billion dollar bid for struggling electronics retailer Circuit City in a move to get into your next TV.
Blockbuster Inc. revealed Monday that it has made a $1.3 billion offer to purchase struggling big-box electronics retailer, Circuit City to set in motion a plan to sell devices that can be preloaded with or preconfigured for Blockbuster movies.
The offer was initiated in a private letter from Blockbuster CEO Jim Keyes, sent to Circuit City CEO Philip Schoonover in mid-February. "The combination of Blockbuster and Circuit City will result in an $18 billion retail enterprise uniquely positioned for the convergence of media content and electronic devices," Keyes wrote.
In a conference call with investors, Keyes called the combined company "the ultimate distribution channel for digital content." Keyes offered vague insight into what he called a content-enabled device that the combined entity might sell to consumers along with Circuit City's TVs, DVD players, and gaming devices.
Blockbuster, the Dallas, Texas-based movie rental and retail company operates over 6,000 stores in the U.S. and around the world. In the U.S., 95 percent of Circuit City's 682 stores are within 5 miles of a Blockbuster outlet.
Rumors have been circulating that the company has been in talks with device-makers, collaborating on a living room box that downloads and plays movies. The combination of the companies would open the market to content devices, "ones that fit in your pocket to ones that hang on your living-room wall," Keyes told investors Monday morning.
Since the news was revealed early Monday, Blockbuster (BBI, Fortune 500) shares have fallen nearly 12 percent to $2.76 while Circuit City (CC, Fortune 500) shares have risen more than 28 percent to about $5.00.
Circuit City has been struggling to compete with Best Buy, Wal-Mart and others in the discount electronics space. The retailer's revenue fell 5.5 percent in 2007 to $11.7 billion.
Nonetheless, Michael Pachter, an analyst with Wedbush Morgan Securities called Blockbuster's move "unrealistic and audacious". "Blockbuster is drunk with its own success," Pachter says.
Indeed, in recent years, the business has undergone a transformation, expanding its offerings beyond in-store VHS, DVD, and video game rentals. Those new initiatives have gone into hyperdrive under new CEO Jim Keyes who took over the company last July. The company now operates a combination mail-order and online movie rental business, which has been further enhanced by the Keyes's acquisition of Movielink last August.
As for Circuit City's response to the proposal, the company's board of directors acknowledges that it received Blockbuster's offer Monday. But the company's executives have questions. Circuit City's board said in a press release, "...to date Blockbuster has been unable to satisfy Circuit City and its advisors that Blockbuster's proposal could be financed."
Circuit City's board said it is "unwilling to provide Blockbuster with additional detailed due diligence information... until these questions are answered satisfactorily."
Despite some gloom and doom predictions, the movie rentalbusiness has been thriving. According to Digital Entertainment Group, Americans spent $1.4 billion renting DVDs in 2001; that grew to $7.5 billion in 2006.
Blockbuster - despite being one of the largest players in the business - has been unable to capitalize on that growth. Between 2001 and 2005, Blockbuster posted five consecutive years of net income losses.
In 2006, Blockbuster eked out a tiny net income of $54.5 million on revenues of $5.46 billion. Growth flattened in 2007, in part because of the rise of online downloads and video-on-demand services offered by cable providers. In the last year, Blockbuster's shares have plummeted by more than half. The S&P 500 has dropped just 3 percent over the same period.
Even so, Keyes has received plaudits for his work cutting costs and boosting revenue so far. A handful of observers believe Blockbuster has a chance to do well - if only in the next few years. The company's new Movielink subsidiary is key. The online movie download service was created in 2002 by a group of major movie studios including MGM Studios, Paramount Pictures, Sony Pictures (SNE), Universal Studios, and Warner Bros (which, like this Web site, is owned by Time Warner (TWX, Fortune 500)). Those studios poured a reported $100 million into creating the service's infrastructure but spent very little to promote it.
In the midst of poor uptake from consumers, Blockbuster stepped in and purchased the operation for $6.6 million in cash, according to the company's SEC filings. Although Movielink cannot yet be called a success, it does give Blockbuster the digital rights to some 6,000 films, and provides an infrastructure for digital downloads that it can use as part of its pre-existing Total Access service.
So, with the content in place, Blockbuster in now seeking a way to push those movies into homes. However, says Wedbush Morgan's Pachter, "There is synergy there, but I just don't think the future is in pre-loaded proprietary devices. Blockbuster has a vision that is just not real."
ProtectDrive - Gov.
SafeNet Expands Position As Leading Vendor of Full-Disk Encryption Products to the U.S. Government
SafeNet Offers Upgrade to 250,000 Copies of its Full-Disk Encryption Software Downloaded by U.S. Government Agencies
BALTIMORE, Maryland – July 25, 2007 – SafeNet, Inc., a global leader in information security, today announced that the company is expanding on its leadership position as a supplier of full-disk encryption products to the U.S. Government, having distributed 250,000 copies of ProtectDrive—SafeNet's full-disk encryption solution—to various Federal government agencies.
Last year, SafeNet offered no-cost licenses of ProtectDrive to all U.S. Government agencies in an effort to assist agency compliance with the Office of Management and Budget (OMB) directive M-06-16 that mandates encryption protection for sensitive data on laptops and workstations. More than 225,000 copies of ProtectDrive were downloaded in that offering. Since then, U.S. Government agencies have acquired an additional 25,000 copies of the solution.
Now that ProtectDrive was selected for U.S. General Service Administration's (GSA) SmartBUY program for full disk encryption solutions, SafeNet is offering an upgrade program available to the more than 100 U.S. Government agencies that previously downloaded ProtectDrive. The program provides an upgrade to the latest SmartBUY approved version of ProtectDrive at a discounted rate, enabling those services and agencies to benefit from the procurement savings they realized last year.
"This new program allows our U.S. Government users of full disk encryption to comply with data security mandates and SmartBUY while drastically reducing license costs," said Tim Russell, Vice President, Government Solutions, SafeNet. "This upgrade offer is unique in the security industry and underscores SafeNet's commitment to supporting the U.S. Government in securing sensitive data."
In June, the Department of Defense and the GSA selected SafeNet ProtectDrive as an approved full disk encryption solution for all federal government agencies and select state and local governments under the U.S. government's Enterprise Software Initiative (ESI) SmartBUY program. The DoD, the U.S. Internal Revenue Service, and scores of other government customers, already entrust their security needs to SafeNet.
Details on how to upgrade using SafeNet's ProtectDrive upgrade program are available at www.safenet-inc.com/SmartBUY.
About ProtectDrive
ProtectDrive, the full-disk encryption component of SafeNet's data-at-rest protection (DARP) suite, secures sensitive data on laptops, workstations, servers, and USB drives against theft or accidental loss. SafeNet ProtectDrive is offered under the SmartBUY program with benefits that no other vendor can match, including the inclusion of SafeNet ProtectPack, a file encryption utility also featuring FIPS 140-2 validation, as well as BSEC PK smart card middleware support.
ProtectDrive offers the following benefits:
Government Security Certifications – ProtectDrive meets the most stringent government security standards. ProtectDrive encrypts data with SafeNet's FIPS 140-2, Level 2-certified Cryptographic Extensions Library. ProtectDrive is Common Criteria (CC) EAL2 certified (EAL4 in process).
Easy Administration – ProtectDrive allows administrators to centrally manage disk encryption via Microsoft Active Directory. This significantly reduces the time and cost required to deploy and manage disk encryption. Unlike other solutions in the market, ProtectDrive does not require time-consuming decryption of the hard disk when installing updates. Furthermore, ProtectDrive enables seamless encryption upon deployment even when the disk is powered down during initial encryption.
Strong Two-Factor Authentication – For increased security, ProtectDrive easily integrates with strong two-factor authentication using a token or smart card, including the DoD Common Access Card (CAC).
ProtectDrive.
Just thinking, maybe a customer wants Wave to provide this as part of a bigger solution?
OMB, DoD, GSA Announce Data at Rest (DAR) Encryption Contracts
The Office of Management and Budget, U.S. Department of Defense and U.S. General Services Administration awarded 10 contracts for blanket purchase agreements (BPA) to protect sensitive, unclassified data residing on government laptops, other mobile computing devices and removable storage media devices. These BPAs could result in contract values
exceeding $79 million.
Awardees are MTM Technologies Inc.; Rocky Mountain Ram LLC; Carahsoft Technology Corp.; Spectrum Systems Inc.; SafeNet Inc.; Hi Tech Services Inc.; Autonomic Resources LLC; GovBuys Inc.; Intelligent Decisions Inc. and Merlin International.
Products are Mobile Armor LLCÕs Data Armor; Safeboot NVÕs Safeboot Device Encryption; Information Security Corp.Õs Secret Agent; SafeNet Inc.Õs SafeNet ProtectDrive; Encryption Solutions Inc.Õs SkyLOCK At-Rest; SPYRUS Inc.Õs Talisman/DS Data Security Suite; WinMagic Inc.Õs SecureDoc; CREDANT Technologies Inc.Õs CREDANTMobile Guardian and GuardianEdge TechnologiesÕ GuardianEdge.
The encryption of data-at-rest (DAR) information is now possible through these BPAs, which were successfully competed using DoDÕs Enterprise Software Initiative (ESI) and GSAÕs government-wide SmartBUY (Software Managed and Acquired on the Right Terms) programs.
DoD ESI and the U.S. Air ForceÕs 754th Electronic Systems Group at Maxwell-Gunter Air Force Base, Ala., will provide acquisition and contract support for the awards and administer the contracts throughout their five-year contract lives. GSAÕs SmartBUY program will provide all acquisition support for civilian agencies, including state and local governments.
ÒTodayÕs SmartBUY announcement demonstrates that we remain vigilant in our efforts to strengthen security and improve our efforts to safeguard sensitive and personal information across the board,Ó said Karen Evans. ÒThe government is accountable to AmericaÕs citizens for the privacy and protection of their sensitive information, while at the same time, improving services within the government. This agreement is critical to all levels of governmentÑFederal, state, and local. The DoD-GSA team solved a major data encryption issue and allows our state and local governments to share in the solution while saving substantial taxpayer dollars at all levels. This is a milestone that will help build public trust as we continue to improve security within our Information Technology systems government-wide.Ó It was EvansÕ OMB Memorandum 06-16, Protection of Sensitive Agency Information, in June 2006 that was a key impetus for federal action resulting in the agreements.
Protecting data-at-rest has become increasingly critical in todayÕs IT environment of highly mobile data and decreasing device size. Personal identity information or sensitive government information stored on devices such as laptops, thumb drives and PDAs is often unaccounted for and unprotected, and can pose a problem if these devices are compromised. In addition to saving taxpayer dollars, this enhances DAR information security and requires vendors to meet stringent technical and information assurance requirements.
Two months after OMB issued its memo, the DoD Data-at-Rest Tiger Team (DARTT) was developed to address technical requirements. The goal was to award multiple BPAs by mid-2007. Eventually, the DARTT evolved into an interagency team comprised of 20 DoD components, 18 federal agencies and NATO.
"This highly successful interagency team defined and agreed upon data-at-rest requirements, which enabled the government to establish these critically important BPAs," said David Wennergren, DoD's deputy chief information officer. "It is truly historic in that agencies from across all levels of the government came together to solve a problem and develop an acquisition solution to meet all federal and local government DAR security requirements in an incredibly short time-frame.Ó
The DARTT conducted an extensive threat/risk analysis and market survey prior to submitting recommendations to DoD military department chief information officers in October 2006. In November 2006, DARTT began the current acquisition process in conjunction with the DoD ESI. GSA SmartBUY and federal agencies joined the DARTT in December 2006 and NATO joined in January 2007, with state and local governments joining in March 2007.
ÒThese first-ever BPAs for data-at-rest encryption are also the first available for state and local government purchases,Ó said Jim Williams, GSAÕs Federal Acquisition Service Commissioner. ÒThe DOD-GSA team has leveraged the incredible buying power of the federal government to help state and local governments with their DAR solutions.Ó
State and local governments are participating under GSAÕs Cooperative Purchasing Program, which allows them to purchase IT products and services from both GSAÕs Multiple Award Schedule 70 and Consolidated Schedules that have IT special item numbers. Possible because Section 211 of the E-Government Act of 2002 amended the Federal Property and Administrative Services Act, cooperative purchasing is the means by which state and local governments have this first-time opportunity to join federal customers in purchasing encryption products fully compliant with FIPS 140-2. This federal standard defines national interoperability and security requirements for these governments electing to achieve this level for their networks.
"Protecting sensitive and private information, such as social security numbers and financial information, is an ongoing responsibility that New York State and its agencies are focused on each day," said Governor Eliot Spitzer. "By working with the federal government to protect this important information we have the ability to add another layer of protection, to New York's cyber security program, in an extremely cost-effective way."
Three categories of software and hardware encryption products are available under the BPAs - full disk encryption (FDE), file encryption (FES), and integrated FDE/FES products. All products use cryptographic modules validated under FIPS 140-2 security requirements, and have met stringent technical and interoperability requirements.
Licenses are transferable within a federal agency and include secondary use rights. All awarded BPA prices are as low as or lower than prices each vendor has available on GSA schedules, with cost avoidance to the government estimated at up to $73 million over the life of the BPAs. Additionally discounts on volume pricing range up to 85% for volume pricing, and volume pricing is based on tiers for 10,000, 33,000, and 100,000 users.
http://www.govpro.com/Classes/Article/ArticleDraw_P.aspx
SafeNet-Omap -TCG.
Wave Partners with SafeNet to Expand Enterprise Security Offerings for Data-at-Rest
Lee, MA — April 8, 2008 – Wave Systems Corp. (NASDAQ: WAVX; www.wave.com ) today announced it has completed a reseller agreement with SafeNet, Inc., a global leader in information security. Wave is now authorized to globally market and distribute SafeNet’s ProtectDrive line of software disk encryption products. Wave may also advise clients on the uses of SafeNet’s products in conjunction with its own software to enable both software- and hardware-based data protection throughout the enterprise.
“SafeNet is pleased to be partnering with Wave Systems on its ProtectDrive solution,” said Chris Holland, vice president of product management, SafeNet. “Wave’s focus on the broad market need for secure data protection, strong authentication and network security will enable companies of all sizes to benefit from our combined solutions. This market offering will allow businesses to address all their data protection needs across the enterprise under one management console provided by Wave.”
Wave’s EMBASSY client and server software leverages the security features of the Trusted Platform Module (TPM), an open standards security chip that serves as a tamper-resistant storage vault for user credentials. By leveraging Wave’s software in conjunction with the TPM, enterprises can immediately roll out strong authentication, including machine, biometric and smart card authentication, as well as instituting stronger network policies, key management and data protection. In addition, Wave provides management capabilities for fully encrypting hard drives to enable password setup and recovery, pre-boot authentication, remote deployment and lifecycle management. Wave’s automated compliance auditing features also allows an IT department to quickly verify that all data on a lost or stolen laptop was stored safely on the drive by using Wave’s enterprise server class software.
“SafeNet’s expertise in developing enterprise-class IT security and encryption technology makes them an ideal partner for us as we continue to expand our offerings to meet enterprise data protection needs,” said Brian Berger, executive vice president, marketing and sales, Wave Systems Corp. “We look forward to offering customers the ability to manage SafeNet’s ProtectDrive products, as well as trusted hardware security, using Wave’s EMBASSY solutions.”
From 2004
SafeNet has released a software development kit that allows designers to secure mobile phones developed around Texas Instruments' OMAP5912 baseband processor.
The new kit, called SafeZone, implements the Trusted Computing Group's (TCG) TSS architecture, which defines a trusted set of application programming interfaces for mobile applications. Specific APIs supported include the TSS v1.2 API, PKCS#11, Microsoft CAPI and Symbian CryptoAPI.
The software toolkit works with the crypto engines resident on the OMAP processor. When working with these engines, the toolkit allows designers to implement key management, digital signature, random number generation, hashing, and encryption/decryption capabilities to mobile designs.
The kit is available as portable C code or in a software trusted platform module (TPM) implementation for TI's OMAP secure mode architecture.
http://www.eetasia.com/ART_8800344066_480800_NP_67bad81d.HTM
AFCEA Belvoir's Industry Days - featuring PEO EIS.
Maybe more news?
Date: 4/16/2008 - 4/18/2008
Location: National Harbor, Maryland
Event Description: This two-day conference is an excellent way to meet with the U.S. Army PEO EIS Project Managers and their industry counterparts, as well as fellow AFCEA members from Washington DC, Maryland, Virginia and New Jersey. The event will feature a mix and mingle on Thursday night and two days packed with information regarding the present functions of the Army PEO EIS and it's future
Partial list of Vendors at this Event: Wave Systems Corp. Apptis, MPC, Dell.
See also posts 161945 and 161938.
http://www.fedpage.com/Event.asp?EventID=3004
From 2006.
Army requires security hardware for all PCs
Coming mandate specifies that new computers contain a standard Trusted Platform Module
Published on July 31, 2006
A new Army mandate to be published within weeks will require all Army computers to have a chip on the motherboard that is dedicated to performing security functions. The semiconductor, called the Trusted Platform Module (TPM), will interact with security features in Microsoft’s upcoming Vista operating system.
The Army’s Network Enterprise Technology Command gave its approval to act on the new requirement before issuing an announcement or guidelines. One of the first steps to acquiring the new security capabilities occurred in March, when the Army Small Computer Program purchased Dell and Gateway laptop PCs with TPM Version 1.2 installed.
“We haven’t fully integrated TPM with software yet, but we are pre-positioned with the hardware,” said Ed Velez, chief technology officer at the Army’s Program Executive Office for Enterprise Information Systems. The Army won’t be retrofitting older computers, Velez said.
If the Army succeeds in deploying TPM, the Joint Task Force for Global Network Operations might adopt the requirement for the entire Defense Department. “What you’re seeing is the services adapt to computer security threats and come up with solutions that are adopted as best practices for the joint community,” Velez said. “A lot of the security tools and processes we’re looking at are for joint operations.”
Developed by the Trusted Computing Group, TPM conforms to the group’s standard specifications. TCG was founded in 2003 to produce vendor-neutral, industry-standard specifications for hardware and software security that works across multiple platforms. The group has 141 industry members.
Wave Systems, a founding TCG member, provides software for managing trusted computing systems and devices. That software comes with Dell and Gateway TPM systems.The chief benefits of TPM include strong data protection and authentication to access the network, said Steven Sprague, Wave’s president and chief executive officer.
IDC estimates that 80 percent of all laptop PCs will come with TPM chips installed by 2009. Full activation of TPM, however, requires considerable work, experts say. “TPM is hardware,” said Charles Kolodgy, IDC’s director of security products research. “It needs software to make full use of it.”
Vista’s release will expand the software market and make TPM more valuable, Kolodgy said.
“TPM can be used to solve a lot of different problems,” said Ned Smith, a senior security architect at Intel. The applications for stolen laptop PCs are obvious, in that the technology can prevent unauthorized users from accessing data, Smith said. It can also protect desktop PCs. Although PCs are not as easy to steal, thieves can copy data to a CD, DVD or USB memory stick.
The differences between TPM and existing security technology are that TPM uses standards, offers a potential for uniformity and provides the ability to capture the integrity of the platform at a chip hardware level.
“For security to be meaningful, it has to be ubiquitous and based on standards everyone agrees to,” Smith said. “Otherwise, what you have is fragmented solutions, and it’s impossible for IT managers to have a comprehensive security strategy.”
http://www.fcw.com/print/12_27/news/95467-1.html
Linux TPM Support.
“Red Hat Enterprise Linux 5.2 Beta Now Available
March 12, 2008 10:03 AM
Sure Red Hat Enterprise Linux 5 is a stable distribution, but that doesn't mean that it doesn't change and improve - even inside of release cycles. Case in point is Red Hat Enterprise Linux 5.2 (RHEL) now available as a Beta.
The 5.2 release is the second incremental release since RHEL 5 was released in March of 2007 (RHEL 5.1 Beta appeared in August of 2007). With the 5.2 release Red Hat is adding virtualization enhancements including the ability to handle a 64 CPU system. Additionally the critical 'libvirt' technology which helps to manage the virtualization instances now gets remote management support.
IPv6 support also gets a boost in RHEL 5.2 with the addition of a DHCPv6 client and server (regular DHCP doesn't quite handle the longer IPv6 addresses all that well).
Red Hat has also improved on a long list of driver and architecture specific improvements in the 5.2 Beta.
A Beta is also a great place to try out new technology as well and that's where the 'Technology Preview' components come into play. Among the preview items in the 5.2 Beta is Trusted Computing Group (TCG) / Trusted Platform Module (TPM) Support. TCG/TPM is often a requirement in high security and government deployments and having it baked into the regular mainstream version of RHEL is likely to be very attractive for allot of potential customers.
Red Hat expects the beta testing period for Red Hat Enterprise Linux to continue until May 7, 2008
http://blog.internetnews.com/skerner/2008/03/red-hat-enterprise-linux-52-be.html
MPC to provide Coast Guard with computers.
NAMPA, Idaho, Jan. 9 Idaho-based MPC Computers announced it will supply desktop and notebook computers to the U.S. Coast Guard under prime contractor Apptis Inc.
MPC Computers is a subsidiary of personal computer vendor MPC Corp. The computers supplied by MPC are under a five-year deal Virginia-based Apptis has with the U.S. Department of Homeland Security.
"MPC is extremely pleased to partner with Apptis to meet the needs of the U.S. Coast Guard, whose active duty force encompasses more than 40,000 people," Mark Cox, MPC area vice president of federal sales, said in a statement.
"We have met the Coast Guard's needs for PCs for both administrative use and in Coast Guard vessels for the past eight years, backing our systems with a customized service and support program. We are gratified to be selected to continue this important relationship in partnership with Apptis."
Officials say as the prime contractor Apptis will administer the contract with the Coast Guard.
"We are looking forward to partnering with MPC on this contract," said Stu Strang, Apptis senior vice president. "We believe that our contract management, coupled with MPC's high-quality products will deliver tremendous value to the U.S. Coast Guard."
MPC reseller wins exclusive contract with US Coast Guard for desktop and notebook PCs Contract is worth over $100 million over five years At the Coast Guard’s request, the reseller is fulfilling 100% of the orders with MPC systems. http://www.secinfo.com/d17Bkz.u4m.d.htm
MPC Computers Wins Defense Logistics Agency Contract
NAMPA, Idaho, March 25, 2008 /PRNewswire-FirstCall via COMTEX News Network/ -- MPC Corporation (Amex: MPZ) today announced that it has been awarded a government contract to supply the Defense Logistics Agency (DLA) with desktop, notebook and tablet computers. The contract award positions MPC as a sole-source OEM supporting DLA users in the US and abroad.
The DLA contract is set up as an IDIQ (Indefinite Delivery, Indefinite Quantity) with additional one-year options, and is currently anticipated to average approximately $10 million a year in purchases. The computer products to be delivered include desktop and portable PCs from both the MPC and Gateway Pro product lines. MPC acquired Gateway's professional business in October 2007.
"This contract speaks to the strength of the relationships that both MPC and Gateway have formed throughout the government sector," noted Mark Cox, MPC Computer's sales area vice president of federal sales. "As a combined entity, we look forward to better serving our government customers through an even broader set of products and services."
About MPC Corporation
MPC Corporation (Amex: MPZ), a major US PC vendor since 1991, provides enterprise IT hardware solutions to mid-size businesses, government agencies and education organizations. With its October 2007 acquisition of Gateway's Professional business, MPC became the only top-10 US PC vendor focused exclusively on the $20 billion Professional PC market. For more information, visit MPC online at http://www.mpccorp.com.
Gateway Business, Government and Education Lines Transitioning to MPC
Gateway has sold its Small Business, Mid & Large Business, Government and Education operations to MPC Corporation as of October 1, 2007. Similar to Gateway's efforts in those segments, MPC targets customers in government, business and education and provides customized solutions including PCs, peripherals and services. The combined company will have a particular emphasis in mobile products, all-in-one desktops, servers and storage.
Headquartered in Nampa, Idaho and originally known as Micron Computers, MPC now owns the entire catalog of products and services of Gateway's professional segments and is making them available to both Gateway and MPC professional customers. Within one year, MPC will migrate products that are Gateway branded to the MPC brand as the company consolidates its notebook, desktop and server offerings; MPC will assume supplier relationships for unique Gateway products such as tablets. Gateway professional customers will be able to purchase from the entire catalog of MPC products and services.
Gateway professional-unit managers are already playing key roles in the new company, and virtually all members of the Gateway pro team have transitioned to MPC to continue their customer relationships. Also, all Gateway warranties and service agreements will continue forward without change and are now being administered in full by MPC.
Combining Gateway's professional business unit with MPC has created a powerful PC company with sales of more than $1.1 billion and 1,000 employees, including a force of 430 sales representatives—310 inside reps in two call centers and 120 field reps located across the country. This staffing will provide exceptional responsiveness, increased flexibility and a singular focus on the IT needs of the business, government and education segments. More information is available at the MPC website.
FAQ's
Q) Why is this merger occurring?
A) Like MPC, Gateway's professional unit targeted the business, government and education sectors. Gateway's strongest pro segments were education and state/local government; MPC's largest emphasis has been on the federal and business segments. The combined company has a larger overall footprint and a more balanced portfolio in the professional marketplace, allowing it to compete at a larger scale in the PC industry. For its part, Gateway will now be able to focus on its original core business of serving consumer needs with its award-winning line of home and home office computers, displays and accessories.
Q) What can I as a Gateway pro customer expect of MPC?
A) It was important to Gateway that we find a good home for our valued professional customers. Like Gateway, MPC takes pride in a history of excellence, as it has routinely won industry awards and accolades for the quality of its products and services. The collaboration between Gateway and MPC over the first year will further assure that the transition is smooth for Gateway's pro customers. And, because Gateway's pro sales and service people are moving over to MPC as part of the merger, you can expect virtually all your company contacts to remain the same.
The Defense Logistics Agency (DLA) is the largest agency in the United States Department of Defense, with about 22,000 civilian and military personnel throughout the world. The agency provides supplies to the military services and supports their acquisition of weapons and other materiel. http://www.pentagon.gov/dbt/priorities_dla.html
Through its contracting offices, DLA buys more than four million different items for Department of Defense (DoD) activities. However, DLA does not review or evaluate new items for possible use by the military Services nor does it issue research and development (R&D) contracts. http://www.dla.mil/db/
CITY OF NEW ORLEANS
Looks like this is from February of this year.
Invitation to Bid.
COMPUTERS for New Orleans Police Department
Partial list of specs:
TPM Software:
Embassy Trust Suite Gateway Edition 2.3 ST Micro
Trusted Platform Module:
TPM – Embedded security chip for user
authentication and data protection (version 1.2)
http://bids.centerdigitalgov.com/NAV_KCC_%202-11-2008_%2000009_100322.pdf
University of Pittsburgh at Titusville
Nursing Program
Gateway E-265M University of Pittsburgh@ Titusville Nursing Program
System Quote
Part Number: 1014330R
Operating System: Genuine Microsoft® Windows® XP Professional Edition
Operating System Software Backup Media: Genuine Microsoft® Windows® XP Professional Backup CD
Drivers Backup Media: E-265M Drivers and Applications CD
Application Software: Microsoft® Works 8.5
Security Software: Symantec 90-day subscription
Processor: Intel® Core™ 2 Duo Processor T7100 (1.80GHz, 800MHz, 2MB L2 Cache)
Trusted Platform Module: TPM - Embedded security chip for user authentication and data protection (version 1.2) w/ Wave Embassy Trust Suite Gateway Client Edition 6.0
Memory: 1024MB 667MHz DDR2 SDRAM (1-1024MB module)
Hard Drive: 80GB 5400rpm Serial ATA hard drive
Floppy Drive: 7-in-1 media card reader (Memory Stick®, Memory Stick Pro®, MultiMediaCard™, Secure Digital™, xD-Picture Card, Mini Secure Digital®, RS-MultiMediaCard™)
Optical Drive: Modular 24x/24x/24x CDRW / 8x DVD Combo Drive
Expansion Slots: One type II PC card slot and One Smart Card Reader
External Ports: (4) USB 2.0, VGA, IEEE 1394 (FireWire), S-Video
Recycling Fee: My order is not shipping to California - no recycling fee required
Screen: 14.1" WXGA TFT Active Matrix (1280 x 800 max. resolution)
Video: Integrated Intel® GMA x3100 Graphics (with up to 128MB Shared Memory)
Keyboard and Mouse: Full-size keyboard and EZ Pad® pointing device
Multimedia Package: Integrated stereo speakers, embedded microphone, headphone/speaker jack, and microphone jacks
Battery: Primary 8-cell lithium-ion battery with AC pack and 1 yr. limited battery warranty (To accommodate additional cells, this battery extends beyond the end of the system)
Modem: Integrated V.92 56K modem
Network Adapter: Integrated Intel® 10/100/1000 Ethernet adapter
Integrated Wireless Networking Adapter: Integrated Intel® 3945 802.11a/b/g wireless networking card
Extended Service Plan Including Limited Warranty: Notebook Total Protection Plan -- 3 year part/labor/NBD on-site/3 year technical support w/ 3 year ADP
Additional Software: Adobe® Acrobat Reader® 7.0
Carrying Case: Nylon Carrying Case Part # 9532413 (NSP) With School Logo
http://www.upt.pitt.edu/upt_nursing/Computer%20%20Requirements%205.2007.doc
Central Community College in central Nebraska.
Gateway E-4610D - Desktop
Processor: Intel® Core™ 2 Duo Processor E6400 (2.13GHz, 1066MHz FSB, 2MB cache, non-HT)
Motherboard: Intel® Q965 Chipset
Memory: 2048MB 667MHz PC5300 Dual-Channel DDR2 SDRAM (2-1024MB modules)
Hard Drive: 80GB 7200rpm Serial ATA II hard drive w/ 8MB cache
Controller: Not included
Optical Drive: 16x Double-Layer Multi-Format DVD±/R±RW/CD-R/RW recorder
Floppy Drive: No Floppy Drive selected
Monitor: Gateway FPD1765 17" Black LCD Flat Panel Display
Keyboard: Gateway Basic 104+ Keyboard
Mouse: Soft-touch USB Optical Wheel Mouse
Chassis: 6-Bay Micro-BTX Case
External Ports: (8) USB 2.0 (2 Front and 6 Rear), (2) PS/2, (1) RJ-45 Integrated LAN, (1) Microphone, (1) Headphone, (3) Rear Audio, (1) VGA, (1) DVI
Certification: Energy Star Compliant
Channel: Professional
Locale: English
Brand: Gateway
System Type: Desktop
Accidental Damage Plan: Not included
TPM Software: Embassy Trust Suite Gateway Edition 1.0
Cables: None included
Speakers: Not included
Media Card Reader: Not included
Video: NVIDIA® GeForce® 7600GS 256MB Dual DVI - Dual Link w/ HDCP & TV-Out
Sound: Integrated Sound Blaster compatible audio
Backup Media: E-Series 4610D Drivers & Applications CD Backup Media 9for Windows® XP)
Management Software: Gateway Systems Manager client V.3.2 DWL
Power Supply: 300-Watt Power Supply uATX/BTX Non-PFC
Security Software: Symantec Client Security 3.0 90-day complimentary subscription (for Windows® XP)
Operating System Backup Media: Genuine Microsoft® Windows® XP Professional Media
Monitor Speakerbar: Not included
I/O Ports: No Parallel/Serial Bracket
Controller Card: Integrated Ultra ATA100 and Serial ATA II/300 controllers
Expansion Slots: 1 PCI-E x 16, 1 PCI-E x 1, and 2 full height PCI slots
Additional System Software: Adobe® Acrobat Reader® 7.0 and Google Toolba
Modem: Not included
Operating System: Genuine Microsoft® Windows® XP Professional Edition (SP2)
Warranty: Desktop Value Plus Service Plan – 3 year part/labor/NBD on-site/3 year technical support
Application Software: No Application Software Selected
Keep Your Hard Drive Program: Non Selected
Warranty Document: Business Warranty Documentation
Software Documentation: End User License Agreement for Non-Microsoft Software
Software Review: Out Of Box Experience Review
http://www.cccneb.edu/igsbase/igstemplate.cfm?SRC=DB&SRCN=&GnavID=202&SnavID=264&TnavID=321
Central Community College is a multi-campus community college serving a 25-county area in central Nebraska—approximately 14,000 square miles with a population of more than 300,000.
CCC offers 33 career and technical education programs with a focus on degree, diploma and certificate programs requiring two years or less to complete. The college also offers an academic transfer program for students who want to complete the first two years of a bachelors degree before transferring to a 4-year college or university.
In addition, the college offers classes in communities throughout its 25-county service area, online learning, and training and development for businesses, industries and other organizations.
Central administration is located in Grand Island. Three main campuses are located in Columbus, Grand Island and Hastings. Educational centers are located in Holdrege, Kearney and Lexington. Additionally, CCC uses a variety of distance learning techniques to provide educational services in some 90 communities in its service area.
http://www.cccneb.edu/igsbase/igstemplate.cfm?SRC=DB&SRCN=&GnavID=156
Texas Cooperative Extension
Gateway E-4610D Desktop
Spring 2007 High Performance Desktop Computer Option
Hardware Specifications as purchased:
Operating System: Genuine Microsoft® Windows® XP Professional Edition (SP2)
Operating System Backup Media: Genuine Microsoft® Windows® XP Professional Media
Application Software: No Application Software Selected
Security Software: Symantec Client Security 3.0 90-day complimentary subscription (for Windows® XP)
TPM Software: Embassy Trust Suite Gateway Edition 1.0
Processor: Intel® Core 2 Duo Processor E6400 (2.13GHz, 1066MHz FSB, 2MB cache, non -HT)
Memory: 1024MB 667MHz Dual-Channel DDR2 SDRAM (1-1024MB module)
Motherboard: Systemboard w/ Intel® Q965 Chipset and Integrated Intel® 10/100/1000 Twisted Pair Ethernet
Hard Drive: 80GB 7200rpm Serial ATA II hard drive w/ 8MB cache
Floppy Drive: 3.5" 1.44MB diskette drive
Media Card Reader: 9-in-1 Memory Card Reader
Optical Drive: 16x DVD-ROM drive
Optical Drive: 16x Double-Layer Multi-Format DVD±/R±RW/CD-R/RW recorder
Backup Media: E-Series 4610D Drivers & Applications CD Backup Media (for Windows® XP)
Backup Media: Nero 6 Suite Backup Media (requires CDRW Drive)
Backup Media: Power DVD Backup Media (requires DVD-ROM or DVD-RW Drive)
Warranty: Desktop Value Plus Service Plan -- 3 year part/labor/NBD on-site/3 year technical support
Chassis: 6-Bay Micro-BTX Case
I/O Ports: Full Height Serial and Parallel Port
Power Supply: 300-Watt Power Supply uATX/BTX Non-PFC
Monitor: Gateway® 19" Widescreen High Definition LCD Display
Monitor Speakerbar: USB Speakerbar for 22" or smaller Gateway® LCD Monitors
Video: NVIDIA® GeForce® 7600GS 256MB Dual DVI - Dual Link w/ HDCP & TV-Out
Keyboard: Gateway® Basic 104+ Keyboard (PS/2)
Mouse: Soft-touch USB Optical Wheel Mouse
Management Software: Gateway System Manager Client V.3.2 DWL
Additional Software: RTY TFT Display EZ Tune Install CD
Software Documentation: End User License Agreement for Non-Microsoft Software
Software Review: Out Of Box Experience Review
Warranty Document: Business Limited Warranty Documentation
Monitor Accessories: Gateway® Flat Panel Display Height Adjustable Stand w/4 port 2.0 USB
Monitor Cable: Belkin-DVI Flat Panel Cable with a right angle connector
Controller Card: Integrated Ultra ATA100 and Serial ATA II/300 controllers
Expansion Slots: 1 PCI-E x 16, 1 PCI-E x 1, and 2 Full Height, Full Length PCI Slots
External Ports: (8) USB 2.0 (2 Front and 6 Rear), (2) PS/2, (1) RJ-45 Integrated LAN, (1)
Microphone, (1) Headphone, (3) Rear Audio, (1) VGA, (1) DVI
Certification: Energy Star Compliant
Sound: Integrated Sound Blaster compatible audio
Network: Integrated Intel® 10/100/1000 Twisted Pair Ethernet
Logitech - Premium Headset 350 USB PC Stereo W/MIC
Software
Microsoft Office Professional 2007
AntiVirus Software: Symantec Corporate edition 10 with one year update license
Adobe Acrobat 8
http://eit.tamu.edu/EITNEW/spring07/e4610D.html
AgriLife Extension
What is Extension?
Strategy & Impact
Working hand-in-hand with its Texas A&M System partners, the state legislature, and the communities it serves, the mission of the Texas AgriLife Extension Service to serve Texans through community-based education has remained unchanged for almost a century.
With a vast network of 250 county Extension offices, 616 Extension agents, and 343 subject-matter specialists, the expertise provided by AgriLife Extension is available to every resident in every Texas county. But Extension specialists are well-aware that a program offered in Dallas might not be relevant in the Rio Grande Valley. AgriLife Extension custom-designs its programs to different areas of the state, significantly depending on residents for input and program delivery.
The mission of AgriLife Extension is a seemingly simple one: improving the lives of people, businesses, and communities across Texas and beyond through high-quality, relevant education. Carrying out this mission, however, is a massive undertaking.one that requires the commitment of each and every one of the agency's 1,900 employees. Through the programs these employees provide, Texans are better prepared to:
eat well, stay healthy, manage money, and raise their children to be successful adults.
efficiently help themselves through preventing problems and using tools for economic stability and security.
improve stewardship of the environment and of the state's natural resources.
Today's AgriLife Extension is known for its leadership, dedication, expertise, responsiveness, and trustworthiness. Texans turn to AgriLife Extension for solutions, and its agents and specialists respond not only with answers, but with a significant return on investment to boost the Texas economy.
http://texasextension.tamu.edu/about/
Schools using TPMs.
Looks like Chicopee, MA schools are specifing PC's with TPMs.
COMP TECHNOLOGY SPEC’S 3-9-07
STUDENT STATION
Gateway® E-4610D
Operating System: Genuine Windows Vista Ultimate (32-bit)
Operating System Backup Media: Genuine Windows Vista Ultimate Media (32-bit)
Application Software: No Application Software Selected
Security Software: Symantec AntiVirus Corporate Edition 90-day complimentary subscription (for Windows® Vista)
TPM Software: Embassy Trust Suite Gateway Edition 1.0
Processor: Intel® Core 2 Duo Processor E6300 (1.86GHz, 1066MHz FSB, 2MB cache, non HT)
Memory: 2048MB 667MHz Dual-Channel DDR2 SDRAM (2-1024MB modules)
Motherboard: Systemboard w/ Intel® Q965 Chipset and Integrated Intel® 10/100/1000 Twisted Pair Ethernet
Hard Drive: 80GB 7200rpm Serial ATA II hard drive w/ 8MB cache
Floppy Drive: 3.5" 1.44MB diskette drive
Optical Drive: 16x Double-Layer Multi-Format DVD±/R±RW/CD-R/RW recorder
Warranty: Desktop Value Plus Service Plan -- 5 year part/labor/NBD on-site/5 year technical support
Chassis: 6-Bay Micro-BTX Case
I/O Ports: No Parallel/Serial Bracket
Power Supply: 300-Watt Power Supply uATX/BTX Non-PFC
Monitor: Gateway® FPD1765 17" Black LCD Flat Panel Display 5yr warranty
Monitor Speakerbar: USB Speakerbar for 22" or smaller Gateway® LCD Monitors
Video: ATI x1300 Ultra Video Card with 128MB Dual DVI & TV-Out
Keyboard: Gateway® Basic 104+ Keyboard (PS/2)
Mouse: Soft-touch USB Optical Wheel Mouse
Management Software: Gateway System Manager Client V.3.2 DWL
Additional Software: Thank You for Purchasing Vista on your E-4610/S-5405
Additional Software: Business Google Messaging Toolbar
Software Documentation: End User License Agreement for Non-Microsoft Software
Software Review: Out Of Box Experience Review
Warranty Document: Business Limited Warranty Documentation
System Type: Desktop
Cables: Belkin Dual Link DVI Right Angle Cable
Manufacturing: NO IEEE 1394 (FireWire) PCI Card (full height) (1 in front and 2 in back)
Controller Card: Integrated Ultra ATA100 and Serial ATA II/300 controllers
Expansion Slots: 1 PCI-E x 16, 1 PCI-E x 1, and 2 Full Height, Full Length PCI Slots
External Ports: (8) USB 2.0 (2 Front and 6 Rear), (2) PS/2, (1) RJ-45 Integrated LAN, (1)
Microphone, (1) Headphone, (3) Rear Audio, (1) VGA, (1) DVI
Certification: Energy Star Compliant
Sound: Integrated Sound Blaster compatible audio
Network: Integrated Intel® 10/100/1000 Twisted Pair Ethernet
Additional System Software: Adobe® Acrobat Reader® 7.0 and Google Toolbar
http://www.chicopee.mec.edu/comp_technology_spec.htm
http://www.chicopee.mec.edu/computer_specs.htm
From 2007.
Wave to Present at 3rd Annual America's Growth Capital Information Security Conference on Monday, Feb. 5th at 2:45 p.m. PST
When Microsoft Vista and VPNs don't mix.
May 2007
About Deploying Vista: This is the first of what will be an ongoing series examining the challenges of deploying Windows Vista and the considerations that go into the decision to roll out the new OS. The series will highlight the setbacks and successes of those who are at various stages of deployment.
A vast majority of IT shops are moving slowly on Windows Vista, concerned that a company-wide deployment will lead to nightmarish compatibility problems. But for Chris Cahalin, network manager at Papa Gino's Inc. & D'Angelo Sandwich Shops, Microsoft's latest operating system is a must-have because of its much-touted security improvements.
Cahalin applied for entry into Microsoft's Vista Technology Adoption Program (TAP), which allowed participants to pick apart Vista while it was still in beta and have direct access to various engineering groups within Microsoft. His IT department was accepted into the program, pushing the Dedham, Mass.-based restaurant chain well ahead of others in adopting the latest Windows version.
The company has now moved from testing to deployment. Laptops in the organisation are the first to be getting Vista, followed by the remaining Windows devices on the network.
"We already have a district manager with Vista on his laptop, and through TAP we have a direct line to Microsoft in case of trouble," Cahalin said. "The best way to find the kinks is to use it, and these resources have really made things happen for us."
Like many early adopters, Cahalin's IT shop is experiencing the kind of compatibility issues that are typical when a new technology is deployed early. And in Papa Gino's case, the problems don't necessarily stem from bugs in Vista itself.
It didn't take long for Papa Gino's to find the biggest kink: compatibility problems between Vista and the company's VPN technology, which Cahalin deems a critical slice of the company's security program. The company uses a VPN to secure mobile machines in a business where many laptop-wielding employees travel among the company's 400 locations across New England and often get online using wireless hotspots and hotel rooms outside his IT shop's control.
Much of Cahalin's frustration is with Cisco Systems., his VPN vendor, for not being prepared for Vista's arrival. Since the VPN is so important, he is now considering other vendors.
"As far as I'm concerned, Cisco is moving too slowly on this," Cahalin said. "Everyone knew Vista was coming, and all the third-party vendors should have started addressing potential compatibility problems before it was released."
Motivators for early adoption
Cahalin pointed to Papa Gino's reliance on credit card transactions and its determination not to suffer the kind of data breach experienced by companies like TJX Cos. Inc., as the main motivator to deploy Vista early rather than wait until the first service pack.
"Any company can suffer brand damage if customer data gets out," Cahalin said. "Credit cards have been a huge boon to our business and it is our responsibility to protect the data."
The company is also bound by regulatory requirements and industry standards such as HIPAA, Sarbanes-Oxley and the Payment Card Industry's Data Security Standard (PCI DSS), all of which demand that electronically stored data is accurate and secure from online predators.
Cahalin said the security enhancements in Vista are worth the headaches he's suffered over the VPN issue. With Vista, he said, it's a lot easier to lock down individual machines and set network policies for end users. He said it's also easier to secure and connect to legacy applications with Vista. There's even an upside to one of the security features people tend to like the least: User Account Control, which is the source of those pop-up security warnings a user sees when trying to launch certain applications.
"The pop-up boxes are something users will ignore over time, and they are bound to appear most often when people are trying to use all the legacy applications," he said. "But we can get around that simply by setting the right policy. Through policy, you can tell Vista which applications are legit and which ones are not."
Like many Windows administrators, Cahalin has long disliked that Windows would give users local administrative rights, which makes it easier for attackers to take over vulnerable machines. Vista corrects that by blocking local administrative access right out of the box, he said. As for the interface layout, Cahalin admitted it takes some getting used to. Programs and options are not in the same places as they were in earlier versions of Windows. But he said it's a small price to pay given all the extra control Vista gives IT administrators over those programs.
In the final analysis, he said, Vista offers an "astounding level of security" at no cost.
Of course, not everyone agrees. John Moyer, CEO of Portsmouth, N.H.-based security vendor BeyondTrust Corp., said he's heard from a number of customers who think Vista leaves too many decisions in the hands of the end user rather than the company security department.
"Microsoft likes to say Vista is the most secure operating system yet, but the reality is that there are a lot of applications people can't use without administrative rights, and companies don't want to deal with help desk calls every time a user gets one of those confusing, disruptive dialogue boxes," Moyer said. "They also don't like it when the end user has to make a decision on what to run with administrative privileges. There's not enough transparency for the user."
The VPN dilemma
While Microsoft is bound to bear the brunt of any frustrations people have deploying Vista, whether it's the disruption caused by all the dialogue boxes or compatibility issues, Cahalin isn't the least bit upset with the software giant over the hurdles he has faced. Instead, he blames it on Cisco's lack of preparedness on the VPN front.
"The problem is that when you use Cisco you need to live on a Cisco island," he said. "It's very proprietary. The VPN connectivity has been very spotty, and it has always been a matter of Cisco properly supporting Vista."
At the heart of the VPN problem is that Papa Gino's prefers to use a Secure Sockets Layer-based VPN and Cisco hasn't finished the work necessary to make its SSL VPN compatible with Vista. As a temporary workaround, Cahalin is switching to Cisco's IPSec VPN, which was recently made Vista-compatible. But many IT professionals consider SSL VPNs more versatile than those based on IPSec, so the situation is not ideal, Cahalin said.
When told of the problems some Vista adopters have been having with the SSL VPN, a Cisco spokesman confirmed the company had fixed the issues on the IPsec side and is working to make SSL compatible. The networking giant declined to make someone from the VPN team available to offer more detail.
Cahalin is now exploring the possibility of ditching his Cisco 5510 Adaptive Security Appliance (ASA) for another VPN product from Juniper or another vendor. And Cisco isn't the only vendor he's critical of for not being prepared for Vista's arrival. Citrix has also been slow coming to the Vista table, he said, noting that the company only recently released version 10 of the Citrix Presentation Server client, which is designed for Vista compatibility.
Any company that moves ahead with a major OS upgrade is destined to run into compatibility challenges, said Pete Lindstrom, a senior analyst with Midvale, Utah-based Burton Group.
There are a number of possible reasons for Cisco's VPN-Vista issues, Lindstrom said. One of the more likely scenarios is that Cisco is taking its time because so few of its customers are actively deploying Vista at this point.
"Cisco is probably waiting to see what the Vista demand is," he said. "To the extent that not many companies are on the bleeding edge like Papa Gino's and adoption is slow in the bigger picture, Cisco may just see this as a situation where they have more time to work out the VPN problems."
Keeping third-party security
While Cahalin is thrilled with Vista's security muscle, he believes it's still necessary to have multiple layers of security from multiple sources. Cahalin notes that every desktop machine Papa Gino's has purchased since March 2005 is fitted with a trusted platform module (TPM), a chip installed on the motherboard that's used for hardware authentication. The TPM authenticates the computer, rather than the user. To do so, the module stores information specific to the host system, such as encryption keys, digital certificates and passwords.
While Microsoft took the big step of building TPM management into Vista, Cahalin said third-party vendors are still needed to implement truly effective security. He uses a Embassy Trust security suite from Wave Systems Corp. for encryption and is considering full drive encryption options from Seagate Technology. The company has also been deploying Dell laptops with fingerprint readers.
"Long, complex passwords started to get in the way of productivity so single sign-on became a must," Cahalin said.
Between his third-party security vendors and the deployment of Vista, Cahalin said he is much more confident that his company has enough protection in place to avoid a serious data security breach. If Cisco could get its SSL VPN issues figured out, all would be right with the world, he said. Whether Cisco fixes the problem or Papa Gino's goes to another VPN vendor, he said the problem would be solved sooner rather than later.
Moyer agreed third-party security tools will continue to be necessary for the sake of defense-in-depth.
"There's a standard approach to security and it's that it has to be a layered approach," he said. "If you leave all the security to Microsoft it's like leaving the fox in charge of the hen house."
SSTP One Reason to Look Forward to Vista SP1
Sometimes building a VPN can be tedious work, especially when firewalls are involved. There are of course ways to build VPNs that can usually traverse a firewall without the need to configure new rules. One of the most common methods is to use a Secure Sockets Layer (SSL)-based VPN, which can be made to operate over standard HTTP ports.
Microsoft's new VPN technology, Secure Socket Tunneling Protocol SSTP), does exactly that. SSTP is an SSL-based client-to-server VPN tunneling protocol designed to make connectivity much easier.
The biggest benefit of SSTP is that because it works over standard HTTP ports, SSTP traffic will be able totraverse a network to reach the end-point server even when the client is behind a Network Address Translation (NAT)-enabled network, Web proxy, or reasonably configured firewall that at least allows Web traffic. This will be very helpful, especially for mobile users who find themselves using networks at hotels and conference centers, which sometimes lock down their networks to the point of being unusable except for the most basic needs.
Microsoft has already released Windows Vista to businesses and is set to release the new OS to consumers this week. As you might expect, the company is busy working on Vista Service Pack 1 (SP1), and when that update is released, it will include SSTP. The company also plans to include SSTP in Windows Longhorn Server Beta 3, due sometime in the first half of this year.
Samir Jain, lead programmer for Microsoft's RRAS technology, said that SSTP integrates seamlessly into the OS so that it works through the typical RRAS interfaces. The integration means that you'll get the same types of functionality you're already accustomed to when using RRAS, such as support for Network Access Protection (NAP), support for IPv6,
and support for various authentication mechanisms such as smart cards.
The way SSTP works is very similar to the way SSL works in a Web browser, with some added intricacies of course. A client computer connects to an SSTP-enabled server over TCP port 443--the standard SSL port. After the SSL session is built, the two systems then negotiate a Point-to-Point Protocol (PPP) session, including any required authentication. That's basically all there is to it.
Jain said that you will be able to deploy SSTP on the same server on which an existing L2TP VPN is deployed, and SSTP can share the same server certificate as the L2TP VPN. Because SSTP integrates tightly
with RRAS, very little extra configuration will be necessary to
implement SSTP.
There are of course downsides to using SSTP. For example, it won't work with Web proxies that require authentication. Another potential downside is that SSTP won't work for establishing site-to-site communication. This disadvantage is probably a minor one because site
operators typically have the ability to manage firewalls on their networks, so they can use another method of connectivity. Microsoft could however expand SSTP to work for site-to-site communication in the future. Another downside might be that SSTP won't be supported on Windows XP, but we'll have to wait and see about that. As far as I know, the company hasn't saidwhether it will make SSTP available for
XP systems.
Nevertheless, SSTP will ease the burden faced by many mobile users, and that's a plus. So there's your first reason to look forward to Vista SP1. I'm sure other reasons to look forward to SP1 will come to light as the year progresses.
http://seclists.org/isn/2007/Jan/0123.html
Vista SP1 Goes Live
3/18/2008
Microsoft today announced the availability of Windows Vista SP1 via Windows Update. The company has also posted the upgrade to its download site here.
"Today, you can now download Windows Vista SP1 via Windows Update," Microsoft Product Manager Nick White wrote on the company's Vista blog Tuesday morning. "For those of you eager to receive the benefits of Windows Vista SP1 -- you can now do so!"
The release was not unexpected; text on Amazon.com discovered this weekend implied the download would be available March 18, with the retail product being released March 19, although the mention of the download has since been removed from the shopping site.
Microsoft has released Vista SP1 for five languages: English, Spanish, German, French and Japanese. Updates for other languages are expected to start rolling out in April.
SP1 releases are typical milestones for Microsoft products as many IT shops wait until the first update before deploying. Vista's update comes a little more than a year after its initial release.
According to Microsoft, the SP1 update is designed to improve Vista's reliability and application compatibility, among other changes.
In his post, White also commented on the driver issue that initially delayed the early release of SP1 to IT professionals.
"We've completed our analysis and are happy to report that many of these issues were fixed between the release candidate (RC) and the final version," he wrote. "We identified a small number of device drivers that may be problematic after an update from Windows Vista to Windows Vista SP1."
A list of drivers that may still cause problems with the upgrade is available here (scroll down). White also recommends reading Knowledge Base article 948187 before installing the upgrade.
For now, Vista SP1 is an optional download; it will become a forced upgrade starting in "mid-April" on any computers that have Windows Update set to automatic download.
http://www.adtmag.com/print.aspx?id=22274
IBM Research - Wave Mention.
Page 18.
https://www.research.ibm.com/trl/news/workshop/20060308TC-WS-Maruyama.pdf
Consumption Based Billing
Leaked memo: Time Warner Cable to trial hard bandwidth caps
Metered Internet access is a fact of life for many broadband users around the world, but has been largely a nonfactor when it comes to wired broadband in the US. That may change, according to a memo leaked to the Broadband Reports forums. If the memo is to be believed, Time Warner Cable will be rolling out what it calls "Consumption Based Billing" on a trial basis in the Beaumont, Texas area.
Under the proposed scheme, new customers will be able to choose from a couple of different plans with varying bandwidth caps. They'll be given online tools to monitor usage and will be able to upgrade to the next higher tier of service to avoid charges for exceeding their monthly bandwidth limit. If the trial works well, Time Warner would then roll out bandwidth caps to current customers: "We will use the results of the trial to evaluate results for possible future nationwide rollouts," reads the memo.
Bandwidth caps have been a sore subject for some users who have found themselves bumping into mysterious, undefined limits. This past fall, a number of Comcast subscribers complained that their service was cut off after having reached Comcast's bandwidth limit. The problem is that Comcast (and other ISPs) do not publicize what limits they have in place. Comcast's Acceptable Use Policy, for instance, offers users only a vague warning against "generating levels of traffic sufficient to impede others' ability to send or retrieve information."
Absent hard, publicized bandwidth caps, broadband providers' only alternatives are implementing the kinds of nebulous caps Comcast has been criticized for, engaging in traffic shaping to lighten the burden on the network, or making their networks robust enough to handle demand (I'll take door number three). Both Comcast and Cox have been pilloried for using forged reset packets to thwart P2P transfers. Cox defends the practice, saying that it's necessary to "ensure the best possible online experience for customers."
Putting caps in place as is apparently planned by Time Warner would remove the uncertainty for high-volume users, and would force the heaviest consumers of bandwidth to pay accordingly. The downside is that companies with bandwidth caps could find themselves at a marketing disadvantage to ISPs without set limits.
Time Warner Cable did not immediately respond to a phone call requesting comment on whether the memo is legitimate and it is indeed planning to instituted tiered bandwidth caps.
Wave Help wanted.
Wave ad in today's local paper.
ACCOUNTING ASSISTANT Wave Systems Corporation, a leading technology company, is seeking an Accounting Assistant to join its team of professionals. The primary responsibilities of the position include processing vendor invoices and employee expense reports, processing purchase orders, assisting with payroll processing, bank reconciliations, assisting with the month-end close process and special projects. Candidate must have Associates' degree or higher in accounting or equivalent discipline and the ability to communicate effectively both verbally and in writing. Proficiency in MS Office applications and experience using accounting software pack-ages are both a plus. This is an entry-level position. An Equal Opportunity Employer, Wave offers competitive salary and benefits
Fisher Investments - WAVX shareholder.
Kenneth L. Fisher was born on November 29, 1950 in San Francisco, California. Ken is the third and youngest son of Philip A. Fisher, renowned investor and author of classic investing book, Common Stocks and Uncommon Profits, which remains relevant and in print to this day. Ken is the only industry professional his father ever professionally trained, having worked for his father in the early 1970s. Ken is currently ranked 297th on the 2006 Forbes 400 list of richest Americans. He now lives in Woodside, CA atop of Kings Mountain overlooking Half Moon Bay with his wife Sherrilyn. They have three adult sons.
Fisher Investments CEO. Ken is the Chairman and CEO of Fisher Investments, a $45 billion dollar* independent money management firm he founded nearly 20 years ago headquartered in Woodside, CA serving institutional clients and affluent individuals globally.
Forbes Columnist. Ken has written the monthly "Portfolio Strategy" column in Forbes for the last 23 years, which makes him the fourth longest-running columnist in the magazine's 90-year history. From 2000-2006, Ken wrote a monthly column for Bloomberg Money magazine, a former personal finance magazine for European investors.
Bestselling Author. Ken has authored four investment-related books, including the 1984 bestseller, Super Stocks, as well as numerous other articles and scholarly research papers, including research in the emerging field of behavioral finance. His fourth book, The Only Three Questions That Count, is now available from Wiley & Sons.
http://www.kennethfisher.com/
Wave FDE related Patent.
Does anyone have a link to the mention patent which works?
February 12, 2007
IBM puts a 1000 hypervisors on a computer and secures them
Filed under: None
The Register reported this week that IBM is announcing a platform capable of running a 1000 VMs.
Read their report here.
Hypervisors and VMs are exploding everywhere...at vendors, large and small, and at clients. These days I'm rarely at a client who isn't betting the bank on VMs and hypervisors.
What caught my eye on this article was IBM's work on moving the Trusted Computing Group's (TCG) Trusted Platform Module over to hypervisors (well, just Xen, right now). I'm delighted that IBM is leading the way with secure hypervisors and with porting TCG goals to VM environments. I'm not sure if any other vendors are working on similar projects, and if so, what stage they are in, but I want to congratulate IBM for its leadership in this arena.
Comments
During my recent trip to the RSA 2007 exhibition I became aware of a, I believe, very significant element of Trusted Computing. And it has to do with the pre-boot process in the secure platform.
There is a company by the name of Wave Systems Corp. ( http://www.wave.com ) which appears to be instrumental in Trusted Computing. I just learned that they apparently were a founding member of the TCG.
Wave recently presented to institutional investors during RSA at San Francisco. In a presentation ( http://www.wsw.com/webcast/agc5/wavx/) the CEO pointed to Wave's involvement in the preboot process (...starting at 13:50 into the presentation). In conjunction with the upcoming Seagate and Hitachi FDE hard drives this is, in my opinion, of the utmost importance. It really implies that, at this time, only Dell and Gateway can offer truly TCG secure platforms (Wave filed an 8K with the SEC) with hardware full disk encryption http://www.wave.com/news/press_archive/06/061208_8K.html.
I did some further search and found that Wave actually has been issued a patent ( http://tinyurl.com/2c6h6t ) which totally covers the mutual authentication of a main security processor (TPM) with secure peripherals (i.e. FDE hard drives) in the preboot environment. It further appears that Wave has built all the necessary, TPM interoperable, management tools (client and server).
http://weblog.infoworld.com/securityadviser/archives/2007/02/ibm_puts_a_1000.html
Hitachi-Seagate review.
Review now on the Wave site.
http://www.wave.com/news/recent_articles.html
Wavxmaster.
Perhaps Wave will put out a PR on the availability when the new version is complete.
http://www.wave.com/products/eee.html
EEE and vPro.
Cisco Security Solutions with Intel® vPro™ Technology
Cisco® and Intel are collaborating to enable better enforcement of endpoint security policies through an integration of Cisco Security Agent* and Intel® vPro™ technology.
The integration of Cisco and Intel technologies will allow IT administrators to implement differentiated policy enforcement and configuration based on the security state of the endpoint.
When used on PCs with Intel vPro technology, Cisco Security Agent offers new mechanisms for IT administrators to make more informed decisions regarding enforcement of network policy compliance. Adding a Cisco Network Admission Control (NAC)Framework* enhances device discovery, enables the “always-available” communication channel in PCs with Intel vPro technology, and provides access to detailed, pre-
boot BIOS settings and hardware asset information. This can help streamline security processes, increase customer trust in network endpoints, and establish new levels of protection between the network and PCs. http://www.ciscointelalliance.com/resources/view_resource.aspx?ResourceID=83.
Q. Does Wave Software work with Cisco Network Access Control?
A. Yes, currently Wave ETS can be deployed with Cisco NAC for strong machine identification. However, at this time Cisco NAC is not interoperable with EEE and therefore cannot use it to verify the health of PC metrics.
http://www.wavesys.com/news/events/interop07/Wave%20Interop%202007%20FAQ.pdf.
Wave Announces Availability of EMBASSY® Embassy Network Access Control and Endpoint Enforcer Security Solutions at InterOp New York.
Network Access Control for Existing Infrastructure Available Now: Product Demonstrations at InterOp Trusted Network Connect Event
Wave's new network security solutions will be demonstrated at InterOp, in a Trusted Network Connect event co-sponsored by Wave on Wednesday, September 20 (Room 2D08 – details below)
Lee, MA– September 18, 2006 – Wave Systems Corp. (NASDAQ:WAVX www.wave.com) today announced the availability of two new IT security products, introducing EMBASSY® Network Access Control and EMBASSY® Endpoint Enforcer. EMBASSY Network Access Control is designed to leverage existing network infrastructure and open industry standards for IT control over which PC clients can be used to access a network, locking out unauthorized machines.
EMBASSY Endpoint Enforcer (EEE) is an open, standards-based solution designed to work with many network access control solutions. Wave is demonstrating interoperability with the Trusted Computing Group (TCG) protocol known as Trusted Network Connect (TNC).Wave plans to develop a version of EEE that is also interoperable with Microsoft's® NAP and Cisco's® NAC architecture.
http://www.wavesys.com/news/press_archive/06/060918_INTEROP.html
Steven on network access control:
I think this will be another very significant sector in the market for Wave in relationship to network access control. In May, at the Interop show, we demonstrated the role of the Trusted platform module in connection with both Microsoft and Juniper's network access control strategies. What this in essence does is there are really two key roles for the Trusted platform module in any network access control solution. One is for the TPM to provide the role of strong machine identity. This would be true not only for Microsoft and Juniper but also for Cisco solutions, where the TPM can store a unique key and before any machine is connected to the network, the network switch will verify that key is present and it's an authorized key before that machine is connected. This is how ultimately you can make the statement that only XYZ Corp.'s machines are on XYZ Corp.'s network, and really can provide a tremendous deterrent to someone stealing user IDs and passwords or other access credentials, gaining access to a corporation.
The second is to use the Trusted platform module to sign and what the industry calls measure the health certificates of the network access control solution. So in the case of a machine connecting to the network, what the Trusted platform module does is it collects any measurement data that's done before the machine connects; it signs it, and it prepares what looks like a health report and submits that health report with a request for connection. If the health report is satisfactory, then the network switch will provide an IP address and the machine will be connected. So this is a great way to ensure that every corporate PC is in compliance with corporate IT policies around anti-virus, certain applications, certain types of software needs, either needing to be or not be installed on specific platforms.
The reason this is important for Wave is that we see these technologies packaged in Windows 2008 server. As the Windows 2008 server rolls out across the market over the course of the next few years, this will be one of the huge driving reasons to turn all enterprise TPMs on. So if you look out a number of years, this is one of the applications that will drive the multiple hundreds of millions of endpoints on the network to end up with their Trusted platform modules turned on. By no means the only application, but demonstrating the capabilities, having Wave's products as part of the solutions being offered, we're in a very unique position today to have built our Embassy Endpoint Enforcer software in a position where we are demonstrating with the market-leading NAC solutions how the TPM properly integrates according to the Trusted Computing Group standards.
http://seekingalpha.com/article/43949-wave-systems-q2-2007-earnings-call-transcript
Steven on TET.
Now, the next step is to see broader engagement of our enterprise business that will drive the company into profitability. When we serve by talking a little bit on the OEM side about, I think, another very interesting development, which is that Intel and their recent announcements over the course of last couple days has begun to show their additional technologies that leveraged the Trusted Platform Module.
The trusted execution technology their Star T technologies leveraged the Trusted Platform Module as part of their overall solution, and provides yet another very large player in the marketplace articulating to the customer that a TPM is an important component, that it’s something to be leveraged and turned on in their platform, and that really sets the stage for Wave's market.
Wave Systems Corp. (WAVX)
Q1 2007 Earnings Call
May 10, 2007 4:30 pm ET
http://seekingalpha.com/article/35232-wave-systems-q1-2007-earnings-call-transcript