Security vendor list
Aladdin Knowledge Systems
Founded in 1985, Aladdin Knowledge Systems (http://www.ealaddin.com) develops and
markets products that protect against software piracy, license infringement, unauthorized access
to computer and network resources, and Internet risks that threaten the safety and security of
people and networks around the world. With a worldwide network of 50 distributors and eight
company-owned offices, Aladdin supports customers in more than 100 countries, providing
solutions to millions of individuals and corporations, including major banks, financial institutions,
Fortune 100 companies, international governments, and major educational institutions.
Type of product Software and support
Product eSafe (http://www.ealaddin.com/esafe/) provides proactive, multitiered
Internet content security from the gateway to the desktop, protecting the
entire enterprise from: malicious code that destroys or steals digital assets,
inappropriate and nonproductive material, the misuse of company
resources, and Internet-borne content. Its components are:
• eSafe Gateway
• eSafe Enterprise
• eSafe Desktop
eToken (http://www.ealaddin.com/etoken) is a portable USB authentication
device. EToken stores private keys, passwords, or electronic certificates in
a USB-based token the size of a house key, enabling businesses to
provide secure remote access, verify identity, and enable secure business-
to-business e-commerce through digital certificate storage.
HASP (http://www.ealaddin.com/hasp/) is a hardware-based system that
protects software developers against piracy and illegal use by preventing
unauthorized access and execution of the protected software.
Privilege (http://www.ealaddin.com/privilege/) is an integrated electronic
licensing system that allows software vendors, publishers, and resellers to
securely sell and license software via the Internet.
Price Pricing will vary. Many products offer a free evaluation period and
can be downloaded from the company Web site. ESafe Desktop is
available for free at www.eAladdin.com.
References None provided
Virus Center Content Security Resource Center (http://www.ealaddin.com/home/
Computer Associates International, Inc. (http://www.ca.com), a business software company,
delivers the end-to-end infrastructure to enable e-business opportunities through innovative
technology, services, and education. CA has 20,000 employees worldwide and had revenue of
over $6 billion for the fiscal year ended March 31, 2000.
Type of product Software
Product Computer Associates’ security product is eTrust
(http://www.ca.com/etrust/), a security suite comprised of:
• Access Control
Policy-based, resource-level authorization and access control
across a distributed enterprise. Access Control protects the
server/host and logs all attempts to intrude.
• Admin (http://www.ca.com/solutions/enterprise/etrust/admin/):
Policy-based role/group, user and resource privilege
management across heterogeneous enterprise systems. Admin
provides a single point of control across multiple systems.
virus protection across the enterprise from the Internet gateway,
server, and the local desktop with centralized policy
management. Also available as InoculateIT.
• Audit (http://www.ca.com/solutions/enterprise/etrust/audit/):
Centralized, enterprise-wide collection of security-specific
auditing information from host operating systems, including
Windows NT and UNIX.
• Content Inspection
n/): Detects, blocks, and alerts you to malicious code, including
Java and ActiveX, at the gateway. Content Inspection is open
and extensible and supports all protocols.
X.500-standards compliant, scalable, fault-tolerant directory
services for the enterprise backbone structure. Provides LDAP
interfaces and works with the popular directories, including MS
Active Directory, NDS, and NIS. Can support more than
20,000,000 entries and 1000 searches per second.
Simplifies end-to-end secure communication by encrypting the
payload. Allows you to remotely manage multiple locations.
ETrust Encryption provides three levels of security: LOC (Low-
Overhead Cipher), DES (Data Encryption Standard), and DES3
(an enhanced Data Encryption Standard).
• Firewall (http://www.ca.com/solutions/enterprise/etrust/firewall/):
Fast, efficient, and manageable protection of networks using
state-of-the-art technologies that protect against low-level
protocol attacks and manage multiple pipes.
• Intrusion Detection
on/): Intelligent real-time network intrusion detection and
prevention. Protects against low-level protocol attacks, server
and desktop intrusion attempts, and the deployment and
execution of Distributed Denial of Service attacks. Detects
viruses and malicious applets traversing the internal network.
Detects and blocks inappropriate network access to internal
services, desktops, and outside URLs.
• OCS Pro
Provides a scalable and distributed Online Certificate Status
Protocol (OCSP) responder implementation, allowing any client
application to authenticate a digital certificate from a trusted
authority in real time.
• Policy Compliance
e/): Regularly monitors your systems to identify weak points in
your organization’s security policies, automatically generating
• Single Sign-On
Provides a single user interface to one or more applications on
one or more platforms (including the Web).
• VPN (http://www.ca.com/solutions/enterprise/etrust/vpn/):
Secures all application traffic, centrally manages all servers,
and provides detailed audit logs for comprehensive analysis
through drill-down querying and reporting. Open and extensible,
eTrust VPN works across any firewall, including proxy- and
Price See Web site
References No response by publication time
Virus Center Virus Information Center (http://www.ca.com/virusinfo/)
Counterpane Internet Security, Inc. (http://www.counterpane.com/) provides Managed Security
Monitoring services for e-businesses. Founded by security technologist and author Bruce
Schneier and security executive Tom Rowley, the services include 24/7 monitoring, as well as
real-time penetration detection and response with expert human interface. Counterpane offers
around-the-clock monitoring of the entire network, attack prediction, immediate response to
intrusions, and frequent reporting.
Type of product Monitored security service
Product Managed Security Monitoring
Price 24/7 security monitoring at about $12K per month.
References Jim Hurley, Aberdeen Group
Steve Hunt, Giga Information Group
Virus Center N/A
KPMG Consulting, Inc.
KPMG Consulting (http://www.ktransactions.com) provides consulting services and products
along six industry lines: communications and content, consumer and industrial, financial services,
health care, high tech, and public sector. KPMG’s primary focus is on Internet and e-business
services, including strategy, supply chain and customer management, systems integration, and
outsourcing. KPMG Consulting operates in more than 160 countries. KPMG owns 80.1 percent of
the company; networking equipment maker Cisco Systems owns 19.9 percent.
Type of product Customized security solutions
Product The KTransactions Group provides end-to-end eCommerce
solutions scaled to fit the client’s needs. Applications hosting is also
eJumpstart (http://www.ktransactions.com/ejumpstart.htm) offers a
comprehensive approach to successfully plan and launch an
Internet e-business. Services include market analysis, overall
strategy, and planning marketing, distribution, pricing, and support.
KPMG provides complete design and implementation of
infrastructure services for security and transaction processing
(Certificate Authority, ePay, and eBill).
• Certificate Authority (CA) enables clients to quickly deploy
the Public Key Infrastructure (PKI)-based security solutions
needed in today's e-commerce marketplace. CA manages
the registration, creation, distribution, and life cycle
management of digital certificates while allowing the client
to have full control over approval of who is to receive and
use them. Pricing for the issuance and ongoing
management of customized digital certificate programs for
clients is individually negotiated.
• ePay services encompass a transaction-based revenue
building strategy with an ability for B2B or B2C e-commerce
Web sites to securely accept credit cards and electronic
funds transfers (EFT) via ePay Gateway. Pricing is market-
competitive and is based on initial setup, recurring, and
• eBill enables companies to translate their paper-based
legacy billing data to the Internet.
Price See above
Clients/References NetAid (http://www.netaid.org/)
KPMG Consulting designed the security infrastructure design and
implemented the ePay solution for NetAid. This ePayment solution
is capable of accepting credit cards from more than 110 countries
around the world, and can process 1,000 secure transactions per
second, with an estimated 10 million credit card donations to be
processed in the initial three months.
State of Texas
KPMG Consulting designed an electronic framework for the state of
Texas. The eGovernment Framework will provide license renewals,
franchise and sales tax filings, electronic bill presentation, and a
host of information and services designed to serve the people of
Texas. The eGovernment Framework will be accessible by over 26
million citizens and utilized by 200 agencies. Bilingual and adaptive
technologies are part of the framework's functional design.
Contact KTransactions: Thomas Patterson, (703) 747-3220,
eJumpstart: David Walters, (703) 747-6996,
CA: Ken Fiduk, (512) 320-5242, kfiduk@KPMG.com
ePay: Forrest Snowden, (404) 846-0666, fsnowden@KPMG.com
eBill: Bohghee Lau, (617) 988-1687, bohgheelau@KPMG.com
PentaSafe Security Technologies, Inc. (http://www.pentasafe.com/) creates software to audit,
secure, and protect operating systems, applications, and data. PentaSafe's VigilEnt Security
Management Solution provides companies with a systematic way to audit, assess vulnerabilities,
define security policies, implement, and manage the security of a heterogeneous IT enterprise
from a central point of control. PentaSafe Security Technologies is a privately held company with
offices in Houston, Oklahoma City, Copenhagen, London, Frankfurt, Paris, and Buenos Aires.
Type of product Security audit and management software
Product PentaSafe's technology is highly scaleable and affordable, meeting
the needs of the largest companies as well as small to medium-size
VigilEnt Security Manager
(http://www.pentasafe.com/products/vigilEnt.htm): VigilEnt allows
companies to centrally audit and analyze different systems,
applications, and servers, including Windows NT, UNIX, IBM
AS/400, and Web servers.
VigilEnt Security Agents for:
• Windows NT
• UNIX (http://www.pentasafe.com/products/unixagent.htm)
• IBM AS/400
• Linux (http://www.pentasafe.com/products/linuxagent.htm)
• Apache Web servers
These agents monitor security and event data, and forward that
information to the VigilEnt Security Manager.
Price Pricing ranges from $750 per system to $7,500 per system,
depending on the system.
Clients/References Today, over 1,200 customers use PentaSafe's solutions, including
four of the "Big 5" auditing firms, one-third of the Fortune 100, and
many small to medium-size businesses. Customers include
Enterprise Rent-A-Car, Staples, ADP, McLeod, Lexmark, LG&E,
Ernst & Young, Abbott Labs, Allied Signal, American General, First
Union, British Airways, and Coutts Bank UK.
Virus Center N/A
RSA Security Inc. (http://www.rsasecurity.com) helps organizations build secure foundations for e-
businesses through its RSA SecurID two-factor authentication, RSA BSAFE encryption, and RSA Keon
public key management systems. There are nearly a half billion RSA BSAFE-enabled applications
currently in use worldwide, with more than six million RSA SecurID users.
Type of Software solution
Product RSA SecurID (http://www.rsasecurity.com/products/securid/index.html): RSA SecurID
two-factor authentication is based on a password or PIN, and an RSA authenticator
(http://www.rsasecurity.com/products/securid/authenticators.html) smart card or token.
RSA BSAFE (http://www.rsasecurity.com/products/bsafe/) developments kits enable
software and hardware developers to incorporate encryption technologies into their
RSA Keon (http://www.rsasecurity.com/products/keon/) public key infrastructure (PKI)
products, including server, desktop, and application solutions.
Price See RSA’s Web site
References See RSA’s Web site
Virus Center N/A
Contact (781) 301-5000
Symantec (http://www.symantec.com) provides content and network security solutions to individuals and
enterprises, including virus protection, risk management, Internet content and e-mail filtering, and mobile
code detection technologies. Headquartered in Cupertino, CA, Symantec has worldwide operations in
more than 33 countries.
Type of Software solution
Product Norton AntiVirus Enterprise Solution 4.0 (http://www.symantec.com/nav/nav_es/):
• Symantec System Center, a centralized management, auditing, and incident
• Norton AntiVirus Corporate Edition 7.0
• Norton AntiVirus Corporate Edition 7.0 for NetWare
• NAV for OS/2 Server and Client
• NAV for Macintosh Client
• NAV for Lotus Notes/Domino for NT
• NAV for Microsoft Exchange for NT
• NAV for Lotus Notes/Domino for OS/2
• NAV for Internet Email Gateways for NT
• NAV for Firewalls for NT
Norton Internet Security 2000 2.0 for Win95/98/NT/2000
for small businesses and home PCs. This package:
• Detects viruses.
• Blocks banner ads and pop-up windows.
• Guards against malicious script.
• Filters content.
• Restricts outgoing information.
I-Gear (http://www.symantec.com/sabu/igear/indexA.html): Server-based, Internet
content filtering and user management solution.
Mail-Gear (http://www.symantec.com/sabu/mailgear/): E-mail filtering software that
prevents spam, and filters inappropriate content.
Expert 4.1 (http://www.symantec.com/networksecurity/expert/): A network risk analysis
tool that can measure and manage network security risk, and perform meaningful
business impact analysis.
Retriever 1.5 (http://www.symantec.com/networksecurity/retriever/): Retriever™ is a
proactive network security management tool that automatically discovers and maps
network components, unobtrusively identifies vulnerabilities, provides safeguard and
policy recommendations, and performs customizable network audits.
See Web site for more products.
Price See Web site
References See Web site
Virus Center Symantec AntiVirus Research Center (http://www.symantec.com/resource.html)
Contact 1(800) 441-7234
Trend Micro Inc.
Trend Micro (http://www.antivirus.com/) is a provider of enterprise antivirus and content security
software. Its products are designed to protect the flow of information at the Internet gateway, on
mail servers, file servers, and PCs, providing a comprehensive, centrally-controlled, multilevel
system for protecting the enterprise network from Internet-based and e-mail-borne security
threats. Trend Micro delivers a range of Web-based services for consumer and corporate users,
and is working to build security into the infrastructure of the Internet through its eDoctor Global
Network, which helps leading service providers deliver value-added Internet content security
services to their customers.
Type of product Software solutions
Product Trend Micro's products are designed for the high-performance
requirements of large organizations, but are scalable to work with
any size environment. All installed products feature Web-based
update capabilities for virus pattern files. Scan engines give users
the latest available protection, and come with one year of
Small to medium-size companies may find the following network
and desktop antivirus products especially suited for their
ServerProtect (http://www.antivirus.com/products/svrprt/): Virus
protection for Windows NT and Novell NetWare servers to prevent
virus-infected files from being copied to shared drives or infecting
archives during back-up procedures. Multiple servers and domains
are protected with real-time scanning, detection, and removal of
macro viruses from even-compressed file formats. Fully compatible
with Windows 2000, Office 2000, Cluster Server, Terminal Server,
and Index Server. ServerProtect for 25 users is priced at $600.
OfficeScan (http://www.antivirus.com/products/osce/): Desktop
antivirus for the enterprise. This virus scanning and detection
application is centrally managed from the network, allowing
administrators to update, configure, and monitor from a single Web-
based remote management console. OfficeScan Corporate Edition
is supported on Windows NT and Netware; a 25-user license is
priced at $300. OfficeScan for Microsoft Small Business Server
provides virus protection for Microsoft BackOffice SBS v 4.5.
PC-cillin (http://www.antivirus.com/pc-cillin/products.htm): Stand-
alone antivirus solution for home computer users. Using the same
scanning and detection technology found in Trend Micro's
enterprise-level products, PC-cillin scans and removes boot, file,
and macro viruses; protects against malicious Java applets, ActiveX
controls, and Web scripts; and filters inappropriate material. Single-
user copies available for download for $29.95, or on CD-Rom for
HouseCall (http://housecall.antivirus.com/): Trend Micro's free
Web-based antivirus scanning and detection service available for
PCs, Exchange, and Lotus Notes, without requiring installation.
Packaged solution for the entire network. Includes InterScan
VirusWall, ScanMail for Exchange (or Lotus Notes), ServerProtect,
OfficeScan Corporate Edition, and Trend VCS. A 25-user license is
priced at $1,145.
InterScan VirusWall (http://www.antivirus.com/products/isvw/):
Scans SMTP, HTTP, and FTP traffic at the Internet gateway for
protection against Internet-based viruses and content security
threats. Customizable notifications, detailed virus activity logs, and
automated updates provide powerful tools for the enterprise
administrator. Compatible with most major firewalls, including
CheckPoint Firewall-1, InterScan VirusWall supports the widest
variety of platforms, including Windows NT, Solaris, and Linux and
HP-UX. A 25-user license for InterScan VirusWall is $725.
InterScan AppletTrap (http://www.antivirus.com/products/isat/):
Protects against malicious Java applets, ActiveX controls, and Web
scripts that can be embedded in HTML pages. Hostile applets,
downloadable via the Internet, have the potential to grow quickly as
a vehicle for hackers and virus writers who intend to destroy
information and compromise security. A 25-user license for
InterScan AppletTrap is priced at $600.
(http://www.antivirus.com/products/webmanager/): Filters URLs,
stops viruses, and secures and manages Internet traffic.
WebManager provides integrated, comprehensive virus detection
and removal of all incoming files, including zipped files and
malicious Java and ActiveX code from Internet downloads. Internet
traffic monitoring helps ensure employee productivity and manage
bandwidth. A 25-user license for InterScan WebManager is priced
ScanMail: Scans e-mail messages and attachments on Lotus
Notes (http://www.antivirus.com/products/smln/), Microsoft
Exchange (http://www.antivirus.com/products/smex/), Lotus cc:Mail
(http://www.antivirus.com/products/smcc/), and HP OpenMail (http://
www.antivirus.com/products/smom/) servers to help stop viruses
before they have a chance to spread to mail clients. Optimized for
each different messaging environment, ScanMail provides high
performance, in-depth scanning of even-compressed-format files
with minimal impact on server performance. A ScanMail 25-user
license for Exchange, Lotus Notes, and HP OpenMail start at $600;
a 25-user license for ScanMail cc:Mail starts at $300.
eManager (http://www.antivirus.com/products/isem/): Content
filtering plug-in for ScanMail for Exchange and InterScan VirusWall
blocks unsolicited bulk e-mail (spam), prevents confidential or
inappropriate information from entering or leaving the organization,
and balances e-mail traffic loads. A 25-user license for eManager is
priced at $181.
Trend Virus Control System (Trend VCS)
(http://www.antivirus.com/products/trend_vcs/): Web-based HTML
console coordinates the functions of most Trend Micro products
over multiple user sites. Administrators can use Trend VCS to
install, update, upgrade, and configure Trend Micro software
running on their networks. A single administrator's license is priced
Price All products (except for PC-cillin) are sold on a per-seat basis;
minimum license package is for 25 users. All prices are stated at
suggested retail price in U.S. dollars. Evaluation copies of Trend
Micro's products can be downloaded for a 30-day trial period.
Clients/References Trend Micro's security solutions have been chosen by leading
companies such as Boeing, Bank of America, Hewlett-Packard,
Chase Manhattan Corp., Lucent Technologies, GTE, ConAgra,
Coca-Cola, MCI WorldCom, UAL, Sprint, and Electronic Data
Systems. To read in-depth features on some of Trend Micro's
customers, see Trend Micro's Web site
Virus Center Trend Virus Information Center (http://www.antivirus.com/vinfo)
During a virus outbreak event, Trend Micro's average time to
provide new pattern file updates for its enterprise customers and on
its Web sites is about one hour from detection.
TruSecure (http://www.trusecure.com) is a comprehensive security assurance program that
helps hundreds of Internet-connected organizations increase their security using the people and
products they already have. TruSecure is powered by the experience and expertise of ICSA.net,
which has spent 10 years setting security industry standards and certifying virtually every Internet
security product on the market.
Type of product Security assurance/analysis
Product TruSecure enables organizations to achieve and maintain a sound
and proactive security posture against new threats and
vulnerabilities, new business requirements, and new network
environments. The program follows a multilayered approach and
incorporates over 100 security controls, providing security
assurance in six major areas of risk:
• Electronic Threats and Vulnerabilities
• Malicious Code
• Physical Security
• Human Factors
Price TruSecure is a flat-rate priced program that provides companies
with all the support they need from ICSA.net's security analysts to
achieve the standards of a sound security posture. The annual cost
is generally $80,000, although that flat price will be driven by the
complexity of the organization, the number of facilities to be
certified, and other factors.