Wave Juniper UAC.
Wave to Showcase Hardware-based Validation of Endpoint Data Integrity for Network Access Control at Interop Las Vegas 2008
Wave Software Extends Juniper Networks’ Unified Access Control (UAC) Machine Authentication and Health Status Verification; Limits Data Access Based on Proof of Encryption on Seagate FDE Hard Drives
Las Vegas (Interop) and Lee, MA — April 29, 2008 — Wave Systems Corp. (NASDAQ: WAVX; www.wave.com ) today announced that it will demonstrate a Network Access Control (NAC) solution that verifies the presence and state of a full disk encryption hard drive as a prerequisite for network access, assuring that only computers that comply with an organization’s encryption policy are allowed on the network. Wave will also show how standards-based, client PC security hardware can ensure the integrity of the machines on a corporate network, thus extending the capabilities of traditional NAC solutions. The demonstrations will take place at the Trusted Computing Group’s booth (#421) at Interop Las Vegas 2008, located at the Mandalay Bay Convention Center, from April 29-May 2.
Wave’s software extends the security of commercially available NAC solutions by using the Trusted Platform Module (TPM) security chip to measure, sign and store endpoint integrity metrics. Specifically, Wave will demonstrate how its EMBASSY® Endpoint Enforcer software interoperates with Juniper Networks’ Unified Access Control (UAC) to enforce a policy that requires a Seagate Momentus® full disk encryption hard drive to be present on a laptop requesting access to a network—and that its security settings, such as pre-boot authentication, be enabled and active.
"Seagate and Wave are continuing to enhance PC security solutions based on our strong, fast always-on hard drive-based encryption technology,” said Michael Wingert, executive vice president and general manager of Seagate’s Personal Compute business unit. “With the addition of Network Access Control solutions from industry leaders like Juniper and the TPM authentication from Wave, the Seagate Momentus 5400 FDE.2 hard drive clearly addresses the data at rest and network access encryption policy key criteria for enterprises.”
In addition, this joint solution provides strong platform authentication and robust protection against software attacks that create “lying endpoints.” Specifically, Wave's EMBASSY Endpoint Enforcer measures, validates and reports on the integrity of the Juniper UAC client components, providing a high level of assurance that the endpoint integrity data collected is not compromised or otherwise altered.
“Data protection capabilities such as the presence of FDE drives represent an area of increased interest from security-conscious organizations, and a logical extension of Network Access Control,” said Jay Kelley, product marketing manager, Access Solutions, Juniper Networks. “Wave provides the secure hardware authentication, data protection, and the necessary measurement data to Juniper’s UAC to facilitate a combined, hardware enabled end-to-end NAC solution. Juniper is pleased to demonstrate our complementary capabilities through this NAC demonstration with Wave.”
“We believe that the ability to verify the health and data protection capabilities of PCs before granting access to networks and confidential data is a critical step for protecting enterprises,” said Brian Berger, executive vice president of marketing and sales at Wave Systems. “We look forward to providing attendees at Interop 2008 with multiple demonstrations of how Wave’s hardware-based security solutions can make this process a reality for their organizations.”
Hardware Security Verification for Web Services
In addition to the aforementioned demos, Wave will show a proof-of-concept solution that depicts how a Web service such as a corporate intranet can use Wave’s EMBASSY Remote Administration Server to interrogate computers requesting access to sensitive data to verify the presence and state of their Seagate full disk encryption hard drive.
TheTrust-and-Verify demonstration pairs Wave’s EMBASSY Remote Administration Server (ERAS) on the server side, with Wave’s EMBASSY Trust Suite and Seagate full disk encryption hard drives on the client. When the client attempts to access pages from a local network, ERAS polls the client to confirm the presence of a Seagate FDE drive, and whether or not the drive’s hardware encryptionand strong access control are enabled and active.
By leveraging “built in” hardware security, enterprises can better prove that a PC is in compliance with data protection policies and regulations, make better network access decisions and ensure that sensitive data on a laptop computer is protected in the event the computer is lost or stolen.
AI
