Trusted Computing Group News

Trusted Enterprise Demonstrations From Trusted Computing Group Planned At RSA Conference Europe 2009

Mon, 12 Oct 2009 00:00:00 GMT

TRUSTED ENTERPRISE DEMONSTRATIONS FROM TRUSTED COMPUTING GROUP PLANNED AT RSA CONFERENCE EUROPE 2009

General Dynamics C4 Systems, Great Bay Software, Lumeta and Wave Systems to Demonstrate End-to-End Enterprise Security with Trusted Network Connect, Trusted Platform Module, Self-Encrypting Drives and Other Trusted Computing Technologies

PORTLAND, Ore. Oct. 12, 2009 - At the October 20-22 RSA Conference Europe 2009, Gold Event Sponsor Trusted Computing Group (TCG) and its member companies General Dynamics C4 Systems, Great Bay Software, Lumeta and Wave Systems will demonstrate how enterprises can use trusted computing to secure their systems, data and networks.

Trusted enterprise demonstrations will be shown in TCG's stand #2 at the conference, which will be at the Hilton London Metropole Hotel.

Trusted enterprise demonstrations specifically will show:

Data protection using self-encrypting drives (SEDs)
Dynamic differentiation and access control enforcement for a variety of users in mixed-use enterprise environments
Detection and remediation of illicit activity, such as data leakage by an endpoint
Industrial control system (SCADA) security with dynamic protection for interconnections between a control system network and an enterprise network
The Trusted Platform Module (TPM) protecting data, networks and systems, including a demonstration of the trusted virtual environment for a military-grade solution based on commercial trusted computing technologies

Delegate attendees can learn more about trusted computing from presentations throughout the event. Carlos Da Silva, senior consultant, SureSkills, will speak Tuesday, October 20, 11:30, in a one-hour case study session titled "Integrating Trusted Computing Technology in the Enterprise." Da Silva will present a case study of the implementation of an enterprise-wide data encryption project. His talk will address business and IT issues related to this implementation and details of the project including success factors.

On Thursday, October 22, 12:45 - 13:15, in the event's Technology Showcase in the Conference Central area, Brian Berger, Wave Systems executive vice president of sales and marketing and TCG board member and marketing work group chair, will address "Trusted Computing Today: Benefits and Solutions."

About Trusted Computing Group
The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies. Benefits of systems based on Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity.
Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org.

-- 30 --

Brands and trademarks are the property of their respective owners.

CONTACT:

Anne Price
+1-602-840-6495
press@trustedcomputinggroup.org

October 12, 2009 TCG Press Release also Available for Download here.

How to Avoid NAC Pitfalls with a Standards-Based Approach

Tue, 06 Oct 2009 00:00:00 GMT

"How to Avoid NAC Pitfalls with a Standards-Based Approach," published by Enterprise Systems, can be found here: http://esj.com/articles/2009/10/06/avoiding-nac-pitfalls.aspx.

Identity and Access Management, ASIS Style

Wed, 30 Sep 2009 00:00:00 GMT

"Identity and Access Management, ASIS Style," published by Security Squared, can be found here: http://www.experteditorial.net/securitysquared/2009/09/identity-and-access-management-asis-style.html

IF-MAP - Insightix extends its IF-MAP support

Tue, 29 Sep 2009 00:00:00 GMT

"IF-MAP - Insightix extends its IF-MAP support" published by The Tech Herald can be found here: http://www.ad-hoc-news.de/if-map-insightix-extends-its-if-map-support--/de/Unternehmensnachrichten/20551858.

Full Disk Encryption Evolves

Sat, 26 Sep 2009 00:00:00 GMT

"Full Disk Encryption Evolves," published by Information Week, can be found here: http://www.informationweek.com/news/security/encryption/showArticle.jhtml?articleID=220200076.

Seagate Launches Self-Encrypting Drive Option for Select Models

Tue, 22 Sep 2009 00:00:00 GMT

"Seagate Launches Self-Encrypting Drive Option for Select Models" published by The Tech Herald can be found here: http://www.thetechherald.com/article.php/200939/4490/Seagate-launches-self-encrypting-drive-option-for-select-models.

Wave to Demonstrate Integration with Intel� vPro� Technology for Fast and Easy Remote Management of Self-Encrypting Drives

Mon, 21 Sep 2009 00:00:00 GMT

Lee, MA & San Francisco, CA (Intel Developers Forum, Booths #326, #156, #158) - September 21, 2009 - Wave Systems Corp. (NASDAQ: WAVX; www.wave.com) announced today that it will demonstrate remote, out-of-band management of self-encrypting drives using its client and server software with Intel vPro technology-an advance that is designed to streamline the deployment and management of the new generation of self-encrypting hard drives. The solution is designed to allow a secure network unlock of the drives automatically by an administrator-regardless of whether the PC is powered on or not, and independent of the operating system.

Demonstrations ( in conjunction with both Dell and Lenovo) will take place at this week's Intel Developers Forum, booth #326 in the Intel vPro Technology Community and booth #156 and #158 in the Intel Mobility Pavilion (September 22 and 23, in Moscone Center West, San Francisco).

Self-encrypting drives (SEDs) are a growing segment of the data protection market, offering increased security and better performance than existing software-based encryption solutions. With the publication of the Trusted Computing Group's Opal storage specification - a single framework for hardware-based encryption-all the major drive vendors have now introduced SEDs that are based on the functions defined in the standard. The deluge of new SEDs underscores the need for central remote management of the drives, from performing routine maintenance to issuing software updates and conducting security audits. That's where Wave's integration with Intel vPro technology can offer enterprises significant benefits.

Intel vPro technology refers to the built-in capabilities on select Intel processors that enable IT to "discover" and turn on PCs remotely. Wave's solution enhances this capability by integrating support for Intel vPro technology into its software, thereby securing a remote conversation with a PC that has been powered off. This enables administrators to use Wave's EMBASSY® Remote Administration Server to remotely unlock self-encrypting drives (SEDs) regardless of their power state, as well as performing other functions such as a cryptographic erase of the drive. Additionally, the solution:

Supports network unlock. This enables SEDs in multi-user workstations, kiosks or shared systems to be unlocked by the network administrator, eliminating the need for users to supply a password for the encryption. By removing the cost of passwords for non-mobile PCs with encryption, encryption can and should be considered for all PCs.
Ties specific PCs to specific network segments, facilities or rooms by only unlocking the self-encrypting drive if the machine is connected to an authorized port.
Supports standard remote management flows. Enables authorized IT to remotely image or issue patches over the network, thus reducing the cost of management, without compromising security or disruption to IT work flow.
Enables seamless remote user credential recovery that is invisible to the end user.
Operates independently from the operating system (OS) and can thereby unlock a drive even with a corrupted OS.
Supports "green" initiatives. Enables environmentally conscious companies to power down unused systems without impacting standard IT management practices.
Supports all industry-standard Opal-compliant self-encrypting drives, including those from Fujitsu, Hitachi, Samsung and Toshiba, along with Seagate's DriveTrustTM technology.

"Wave Systems is pleased to be working with Intel to demonstrate a solution that can facilitate remote management of self-encrypting drives," said Steven Sprague, President and CEO of Wave Systems. "Intel vPro technology, combined with Wave's client and server software, increases flexibility in deployment and facilitates secure updates in a pre-OS environment. It's a simple, fast and more secure way to manage the security of self-encrypting drives over the network."

"Intel vPro technology was developed to address major barriers to IT efficiency: reducing the number of desk side visits and the internal resources needed for protecting client PCs on the network," said Tom Quillen, Director-Ecosystem Development, Intel Corporation. "We applaud Wave's integration of the built-in capabilities of Intel vPro technology into its client and server software. The combined Intel/Wave solution marks an important advance in enabling organizations to roll out hardware-based encryption solutions, as well as simplifying ongoing maintenance and management."

About Wave Systems Corp.
Wave provides software to help solve critical enterprise PC security challenges such as strong authentication, data protection, network access control and the management of these enterprise functions. Wave is a pioneer in hardware-based PC security and a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security. Wave's EMBASSY® line of client- and server-side software leverages and manages the security functions of the TCG's industry standard hardware security chip, the Trusted Platform Module (TPM) and supports the TCG's "Opal" self-encrypting drive standard. Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than many existing software-based encryption solutions. TPMs are included on an estimated 300 million PCs and are standard equipment on many enterprise-class PCs shipping today. Using TPMs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions. For more information about Wave and its solutions, visit http://www.wave.com.

Safe Harbor for Forward-Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.

Company:
Wave Systems Corp.
Michael Wheeler
413-243-7026
mwheeler@wavesys.com

How to minimize the loss of lost laptops?

Tue, 15 Sep 2009 00:00:00 GMT

"How to minimize the loss of lost laptops?" published by CIOL, can be found here: http://www.ciol.com/Technology/Security/Feature/How-to-minimize-the-loss-of-lost-laptops/15909125054/0/.

Toshiba and Intel to Demonstrate vPro Technology With TCG Opal-compliant Self-Encrypting Drives at IDF 2009

Tue, 15 Sep 2009 00:00:00 GMT

"Toshiba and Intel to Demonstrate vPro Technology With TCG Opal-compliant Self-Encrypting Drives at IDF 2009," published by Network Computing, can be found here: http://www.networkcomputing.com/servers-storage/toshiba-and-intel-to-demonstrate-vpro-technology-with-tcg-opal-compliant-self-encrypting-drives-at-i.php?type=article.

What is TPM?

Mon, 14 Sep 2009 00:00:00 GMT

"What is TPM?" published by Network World, can be found here: http://www.networkworld.com/community/node/45189.

Lumeta IPsonar Adds Real-Time Alerting; Advanced Mapping Capabilities for Host Level Devices

Tue, 08 Sep 2009 00:00:00 GMT

Reduce IT Complexity with Advanced Network Mapping for Comprehensive Network Visibility and Real-time Network Discovery Alerting for Actionable Data on All Networked Devices

Somerset, NJ - September 8, 2009 - Lumeta Corporation today announced the latest release of IPsonar®, the most comprehensivenetwork discovery and network mapping solution for large organizations. The latest release of IPsonar includes configurable, real-time alerting on network discovery information and significant host-level network mapping advancements.

With its extendable and flexible alerting management system, IPsonar now can be used to proactively highlight IT policy violations in real-time through actionable data as it's discovered on the network. IPsonar's alerts can be categorized by severity and priority, and are generated in standard formats, including SysLog or the IF-MAP protocol (Trusted Computing Group) to be easily integrated into other IT lifecycle tools for instantaneous remediation.

Pre-configured alerts available at the network level include discovered devices, unknown IPs, and non-responding networks. IT security policy violations can be identified through alerts on Inbound / Outbound Network Leaks or Active TCP Ports. Key management issues can be highlighted by alerting on issues like: IP spoofing, devices of a particular type, or those running a specific operating system.

Information supplied in the output of the alerting functions includes date/time of the event, IP and MAC of the devices, and other data relevant to the type of alerting event. More detailed information can be made available through the alerting management system.

Additionally, the latest release of Lumeta IPsonar continues to advance its award-winning network topology mapping capabilities. The latest release of the IPsonar product includes greatly enhanced mapping down to the end-node device. Now, when a user selects a router, for example, the map displays categorized, rich data on all attached hosts and devices. The product displays device details from the map (such as Vendor and OS information) and a filter can be overlaid to highlight connectivity surrounding a particular device.

"The type of network visibility IPsonar added with this release specifically will help Lumeta's clients with issues like IT policy audits, security planning, disaster preparedness, and troubleshooting or root-cause analysis," said Michael Markulec, chief operating officer at Lumeta. "One example is for an organization that has moved away from using Telnet. IPsonar will alert on any devices listening on that service port, and will show which addresses they are connected to. IPsonar's unique device and connectivity discovery capabilities proactively identify these issues - allowing IT managers to address the connectivity before an audit or breach occurs."

Lumeta IPsonar delivers uniquely comprehensive network discovery with the industry's most accurate network mapping capabilities, discovering layer 2 and layer 3 nodes and the complex relationships between those nodes, including application-layer visibility. Further, IPsonar is able to map even the largest networks at a considerably faster rate than other discovery tools, is agent-less and credential-less and is lightweight enough not to disrupt network operations. IPsonar remains the industry's only product which is able to discover and alert on unknown/unmanaged network connections and unknown/unmanaged network devices.

Using IPsonar's real-time network discovery alerting capabilities, IPsonar provides a way for network managers to scan and validate their policies in remote offices, without having to use costly manual discovery processes. IPsonar provides a broader frame of reference, looking at the network infrastructure as a whole, and delivering alerts on policy violations at the network level.
Lumeta IPsonar's latest version is available immediately. Pricing for a typical deployment starts at around $75,000, however pricing is dependent on the size of the network and number of connections. Service engagements, such as a network audit, are also available.

About Lumeta Corporation
Lumeta empowers large enterprise and government agencies with global network visibility, allowing them to understand how network change affects security, availability, and compliance.

Lumeta's IPsonar is the industry's only network assurance solution that discovers and maps every asset on a network, including assets not currently under management. This capability enables IT professionals to analyze the connectivity between assets and networks, uncover risk patterns, and automate the enforcement of network policies.

With this level of network assurance, IT organizations can harden security, improve business continuity, and deploy new services without impacting its ability to deliver existing services.

For more information, visit the Lumeta Web site at www.lumeta.com.

Lumeta, the Lumeta logo, IPsonar and the IPsonar logo are trademarks and service marks of the Lumeta Corporation. Other product and company names appearing in this document may be trademarks of their respective owners.

###
Media Contacts:
Rebecca Hagen
Lumeta Corporation
+1-732-357-3525
rhagen@lumeta.com
http://www.lumeta.com

Wi-Fi + NAC = BFF

Tue, 25 Aug 2009 00:00:00 GMT

"Wi-Fi + NAC = BFF" published in SC Magazine for IT Security Professionals can be found here: http://www.scmagazineus.com/Wi-Fi-NAC-BFF/article/147211/.

Trusted Computing Group to Showcase Pervasive Security at Forrester Security Forum

Mon, 24 Aug 2009 00:00:00 GMT

TRUSTED COMPUTING GROUP TO SHOWCASE PERVASIVE SECURITY AT

FORRESTER SECURITY FORUM

Great Bay Software, Juniper Networks, Lumeta and Wave Systems to Demonstrate
End-to-End Enterprise Security with Trusted Network Connect, Trusted Platform Module, Self-Encrypting Drives and Other Trusted Computing Technologies

PORTLAND, Ore. Aug. 24, 2009 - Event sponsor Trusted Computing Group (TCG) and member companies Great Bay Software, Juniper Networks, Lumeta and Wave Systems will host pervasive security demonstrations at the Forrester Security Forum 2009, Sept. 10-11, Hyatt Regency La Jolla, Calif.

Also at the Forum, Steve Venema, associate technical fellow at The Boeing Company, will address "Enterprise Metadata Services for NAC and Beyond" at the Guest Executive Forums on Thursday, Sept. 10, 3:00 - 3:30 p.m. Venema will talk about metadata as an important aspect of network access control and network security and will address Boeing's deployment of TCG's metadata access protocol and how the protocol can enable network location services and other metadata services.
Pervasive security demonstrations will include:

Data protection using self-encrypting drives (SEDs)

Dynamic differentiation and access control enforcement for a variety of users in mixed-use enterprise environments

Detection and remediation of illicit activity, such as data leakage by an endpoint

Industrial control system (SCADA) security with dynamic protection for interconnections between a control system network and an enterprise network

The Trusted Platform Module (TPM) protecting data, networks and systems

About Forrester Security Forum 2009

Forrester's Security Forum 2009 brings together industry experts and analysts to help Security & Risk professionals rethink the role of security within their enterprise. Attendees will learn how to navigate the new security reality in today's topsy-turvy business climate by mastering three major shifts: Shift In Expectations, Shift In Ownership, and Shift In Security Architecture.

CONTACT: Anne Price
1-602-840-6495
anne@prworksonline.com

Brands and trademarks are the property of their respective owners.

Press Release Available for Download Here: Trusted Computing Group to Showcase Pervasive Security at Forrester Security Forum

Protected Connection

Thu, 20 Aug 2009 00:00:00 GMT

"Protected Connection" published by FedTech Magazine can be found here: http://fedtechmagazine.com/article.asp?item_id=619.

It's Time To Integrate Physical And Virtual Security

Fri, 14 Aug 2009 00:00:00 GMT

"It's Time To Integrate Physical And Virtual Security" published by www.darkreading.com can be found here: http://www.darkreading.com/blog/archives/2009/08/integrated_phys.html.

Trusted Computing Group's Trusted Platform Module Gets ISO Standardization

Wed, 05 Aug 2009 00:00:00 GMT

TRUSTED COMPUTING GROUP TRUSTED PLATFORM MODULE SPECIFICATION GETS ISO STANDARDIZATION

Security Chip Widely Used in PCs and Other Devices Is Officially

An International Standard

PORTLAND, Ore. Aug. 5, 2009 - JTC1, a joint committee of the International Organization for Standardization, or ISO, and IEC, the International Electrotechnical Commission, has accepted and published the Trusted Computing Group Trusted Platform Module specification v1.2 as ISO/IEC standard 11889. The Trusted Platform Module (TPM), implemented as a stand-alone or integrated component, enables trust in computing platforms.

"The acceptance of the TPM specification by ISO/IEC confirms the position of the Trusted Computing Group as the premier industry group for trusted computing and attests to the growing usage of the specification to secure data, systems and networks," noted Scott Rotondo, president, Trusted Computing Group. "For governments, developers and users working in security and trusted computing, the ratification of the TPM specification by JTC1 assures adherence to a recognized international standard, protects development investments, and helps grow the market."

The international standardization of the TPM is anticipated to expand the development of applications for the TPM and the usage of the technology. Recognition of the TPM by ISO and IEC also is anticipated to provide clear direction to developers and users about Trusted Computing and the TPM.

The Trusted Platform Module, a widely available, inexpensive and easily used component on most PCs, is used to check PCs at start-up for any changes to the software used to run the computer and helps detect botnets, rootkits and other suspicious code before the PC is booted and connected to the network. The TPM stores keys, certificates and passwords securely and enables authentication and attestation, critical to trusted computing.

Documents from ISO include ISO/IEC 11889-1:2009, an overview of the TPM, which describes the TPM and how it fits into the trusted platform. ISO/IEC 11889-1:2009 describes trusted platform concepts such as the trust boundary, transitive trust, integrity measurement, and integrity reporting. Additional ISO documents provide TPM design principles, structures and commands.

ISO documents are located at http://www.iso.org/iso/catalogue_detail.htm?csnumber=50970. The TPM specification and related documents are online on TCG's website at http://www.trustedcomputinggroup.org/resources/tpm_main_specification.

Trusted Computing Group, an industry organization that enables computing security, has created a portfolio of specifications to enable more secure computing across the enterprise in PCs, servers, networking gear, applications, other software, storage and embedded devices. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org.

CONTACT: Anne Price
1-602-840-6495
press@trustedcomputinggroup.org

Brands and trademarks are the property of their respective owners.

Press Release Available for Download Here: Trusted Computing Group's Trusted Platform Module Gets ISO Standardization

Should Encryption be Optional?

Wed, 15 Jul 2009 00:00:00 GMT

"Should Encryption be Optional?" published by IT-Director.com can be found here: http://www.it-director.com/business/security/content.php?cid=11413.

NAC Appliances Hardest Hit in Network Security by Economic Downturn, Report Says, but Infonetics expects the NAC appliance market to rebound big time by 2013, to around $700 million

Mon, 29 Jun 2009 00:00:00 GMT

"NAC Appliances Hardest Hit In Network Security By Economic Downturn, Report Says, But Infonetics expects the NAC appliance market to rebound big time by 2013, to around $700 million" published by www.darkreading.com is available here: http://www.darkreading.com/insiderthreat/security/NAC/showArticle.jhtml?articleID=218101908.

Trusted Computing Group to Demonstrate Pervasive Security at Gartner Group Information Security Summit

Mon, 22 Jun 2009 00:00:00 GMT

TRUSTED COMPUTING GROUP TO DEMONSTRATE PERVASIVE SECURITY AT GARTNER GROUP INFORMATION SECURITY SUMMIT

WHO: Trusted Computing Group and member companies Great Bay Software, Lumeta Corporation and Wave Systems are exhibiting at the Gartner Group Information Security Summit.

WHAT: The companies will show "Pervasive Security" solutions for the employee cubicle, conference room and data center based on TCG's Trusted Network Connect architecture and the Trusted Platform Module. These examples will demonstrate how network security and TCG's Trusted Network Connect specifications, including the Metadata Access Protocol, are used to connect network and physical security and protect the network, data and systems.

WHEN: The Gartner Group Information Security Summit will be held Monday, June 29 - Wednesday, July 1.

WHERE: The Summit will be located at the Gaylord National Resort, Washington, D.C. TCG will host demonstrations in Booth 16 in the exhibit area.

WHY: Every day brings new reports of lost or stolen data, breached networks and new viruses, spam attacks and malware. Enterprise users can learn now to protect their data, systems and networks using interoperable, available products based on widely accepted industry standards from Trusted Computing Group.

MORE INFO: Gartner Group: www.gartner.com/us/itsecurity

Trusted Computing Group (TCG): www.trustedcomputinggroup.org

TCG on Facebook: http://www.facebook.com/pages/Trusted-Computing-Group/99778480008?ref=s

Follow TCG on Twitter: https://twitter.com/TrustedComputin

CONTACT: Anne Price
1-602-840-6495
press@trustedcomputinggroup.org

Hirsch Demonstrates Industry's First Standards-Based Network/Physical Access Control Enforcement Solution

Thu, 18 Jun 2009 00:00:00 GMT

Hirsch Demonstrates Industry's First Standards-Based
Network / Physical Access Control Enforcement Solution

Enhances Physical and Cyber Security and Compliance

SANTA ANA, CA, June 18, 2009 - Hirsch Electronics, a leading supplier of physical security management solutions, has teamed with IT industry leaders Juniper Networks and Infoblox to tie physical and network security together, increasing protection for both environments. As a result, customers can improve security and enhance compliance efforts by establishing physical presence as a policy for gaining access to various network resources.

The solution was implemented by the three companies using the open Trusted Network Connect architecture and IF-MAP open-standard protocol for metadata exchange endorsed by more than 100 companies that comprise the Trusted Computing Group (TCG). For Hirsch's part in this industry first, the award-winning Hirsch Velocity^TM Security Management System sent IF-MAP based physical event messages (metadata) to the Infoblox appliance, which in turn notified the Juniper network appliance that enforced Network Access Control (NAC) policies.

NAC, widely embraced by the IT and networking industry, enforces a variety of network security policy checks. For instance, a NAC enabled network can prevent a computer from accessing other resources until the computer is confirmed to have an adequate level of anti-virus protection. NAC enabled routers, switches, and firewalls can grant or deny a given user wired or WI-FI network access to the Internet or access to other network resources such as datacenter servers, IP phones, and more. This new capability takes NAC one step further by allowing a person's physical presence to be used as a pre- and post-network admission policy.

A demonstration of this new linkage between physical and network security was showcased in the Trusted Computing Group's Interop Las Vegas booth in May. The demonstration garnered enthusiastic responses from end-users, integrators and industry analysts alike.

"This convergence concept has been discussed for some time but has been slow to actually gain market traction," noted Andrew Braunberg, research director, enterprise security and networks, for Current Analysis. "It is encouraging to see an ecosystem of companies coalescing around a set of open specifications that allow them to enable this convergence while also supporting best of breed functionality."

"This is an excellent proof-point for how extensible the Trusted Network Connect architecture and TCG's specifications are," commented Stephen Hanna, co-chair of TCG's Trusted Network Connect Work Group and Juniper Networks distinguished engineer. "Through TCG's IF-MAP protocol, physical security events can now trigger network security enforcement policies and vice-versa. Hirsch's support and innovative collaboration with other TCG members Juniper and Infoblox has demonstrated that TNC can be deployed to make security pervasive in any organization."

At Interop, the Hirsch Velocity system received access requests to enter a building as well as secure building locations, such as a development lab or datacenter, using both contactless smartcards and personal identification number (PIN) credentials. Access grant and denial messages were sent in real-time to Infoblox's 1550 Network Services Appliance, which acted as a clearinghouse for events and device status. The Infoblox server automatically sent notification of changes to the Juniper Networks IC Series Unified Access Control Appliance, which enabled or disabled the credential holder's network access per pre-established policies.

Within many business and other environments, a wide range of policy-based network actions could be implemented. For instance, the policies could dictate where, when and how authorized users can access network resources or make use of virtual private networks (VPN). Similarly, Hirsch's Velocity could receive network event messages from IF-MAP-enabled devices to implement a new level of situational awareness and enforce new physical security policies, including locking down a building due to an internal network breach.

Stuart Bailey, chief technology officer for Infoblox and IF-MAP specification co-editor, observed, "The demo was very compelling; many of the Interop attendees who viewed it expressed interest in deploying this type of multi-dimensional security that can link network access policy to physical presence and vice-versa. This gives us further confidence that MAP solves real-world problems and opens up exciting applications. We're excited to be working with TCG and with leaders like Hirsch and Juniper to bring about a new era of open, interoperable systems."

"With this multi-vendor effort, we are on the cusp of delivering a comprehensive security solution with policy enforcement from building entrance to the computer and phone to the 'cloud,'" noted Bob Beliles, vice president of enterprise business development for Hirsch Electronics. "At a minimum, by requiring employees to badge-in prior to gaining network access, organizations should see a significant reduction in 'tailgating.'" This is the situation where one employee or an unauthorized person bypasses the access control system and audit logs by following an authorized employee through a door without each person presenting his card or code to the entry reader. "Moreover, the same Hirsch credential, with its secure digital identity, could not only be used to enter a building, it could also be used to log-on to a PC and used again for authenticating network access requests. As a result, organizations should be able to more easily account for who is inside their buildings and better comply with various government and industry regulations."

About Hirsch Electronics

Hirsch manufactures security systems for worldwide markets. Hirsch's solutions integrate access control, video, intrusion detection, identity management, smart cards and biometrics. Hirsch is part of SCM Microsystems, a world leader in smart card-based technology. Together, SCM and Hirsch offer converged physical and logical security solutions to safeguard facilities, computers and commerce. For more information, visit www.HirschElectronics.com (NASDAQ: SCMM, Prime Standard: SMY)

About Infoblox

Infoblox delivers highly reliable and manageable platforms for core network services like domain name resolution (DNS), IP address assignment (DHCP), IP address management (IPAM) and more. Infoblox solutions - essential for the move from static networks to dynamic infrastructure and applications - are used by over 3,500 organizations worldwide, including over 100 of the Fortune 500. The company is headquartered in Santa Clara, Calif., and operates in more than 30 countries. For more information visit www.infoblox.com

About Trusted Computing Group (TCG)

The Trusted Computing Group is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets from compromise due to external software attack and physical theft. More information and the organization's specifications are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org

Referenced brand names are trademarks or registered trademarks of the respective company or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.