Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Full Disk Laptop Encryption

from [Bob Beringer] Network Security [Permanent Link]
Subject: RE: Full Disk Laptop Encryption
Date: Thu, 27 Sep 2007 15:09:31 -0400 
Rob,

Thanks for the email, a couple of the issues with PointSec right the last time 
that I checked is that they didn't offer digital signature support, MAC agents, 
and don't support encryption for Data-in-Motion.  There were other deficiencies 
that came up during our bake-off, but these are a few to get you started...  
Don't get me wrong PointSec has a pretty decent offering and a lot of folks 
like them, but I try to talk about things on list from a technical perspective 
first.

An older public bake-off document was released via the link below and it might 
provide value to the group.

http://www.networkcomputing.com/showArticle.jhtml?articleID=193500189

My team developed a really cool integrated solution with several of the 
whole-disk encryption solutions for multi-factor authentication and remote 
access for some of our government clients and really had to dig into the weeds 
to find out which solutions played better with others, so my thoughts below are 
tied closely to what works well in an enterprise, what the goals of the 
organization might be and what type of integration that each environment needs.

Two last notes, PGP now has a universal server and they have a MAC client with 
enterprise key management for the MAC's. Lastly, TECSEC has a very flexible and 
powerful solution for encrypting objects and other data in motion as well 
protecting as Data at Rest. (mind you in this case that flexible also might 
mean more initial set up time and effort...)

I hope that this information helps :-)

v/r
Bob
+12404756858


-----Original Message-----
From: Rob Thompson [mailto:my.security.lists@gmail.com] 
Sent: Thursday, September 27, 2007 1:50 PM
To: Bob Beringer
Cc: Lafosse, Ricardo; security-basics@securityfocus.com
Subject: Re: Full Disk Laptop Encryption

On 9/27/07, Bob Beringer <bob@eor.us> wrote:

Ricardo,

Pointsec has some limitations, other solutions that are worth looking into
are:


Which would be?  I'm not trying to be confrontational, I am simply curious.

I have personally used WinMagic, PointSec and PGP.  I am not familiar
with the TecSec, though I am curious as to what limitations you would
be referring to in regards to PointSec.

IMO I would use either PointSec or SecureDoc, by WinMagic.  I would
stay away from PGP's product like the plague.

They are both extremely thorough.  Pointsec with it's current release
is much faster, and has quite a few handy features, like disabling
removeable media until authentication, etc...  I haven't used
SecureDoc since it's been Linux compliant, so I can't speak on it's
newer revisions...

<snip>

-- 
Rob
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Anonymizing Packets yet ensuring 0 % packet loss, Brett Cunningham
Next by Date:  RE: Internet usage and monitoring, Petter Bruland
Previous by Thread:  Re: Full Disk Laptop Encryption, Rob Thompson
Next by Thread:  Re: Full Disk Laptop Encryption, Rob Thompson
Indexes:  [Date] [Thread] [Top] [All Lists]