FRAMINGHAM (01/21/2000) - A tool designed to be a single means of securing Windows NT Web servers was among those recently introduced by Hewlett-Packard Co. at the RSA 2000 security conference in San Jose.
The HP Praesidium WebEnforcer for NT automatically eliminates known security vulnerabilities, implements best practices for security, monitors security settings and enforces those settings when changes are detected, the company said.
The company is also offering the HP SecurityUpdate subscription service, which updates information technology professionals and security contractors on new vulnerabilities.
Dennis Szerszen, director of security strategies at Hurwitz Group Inc., a Framingham, Mass.-based consulting firm, says HP is breaking new ground with a comprehensive product that could reduce the cost of buying and integrating individual security tools.
"Because all key components of the environment, including operating system, Web server and transaction server, are protected with a single integrated security solution, there is no need for IT administrators to buy and integrate a collection of point products," Szerszen said.
When threats or potential vulnerabilities are detected, WebEnforcer disables system services and subsystems that could open security holes.
It also secures Distributed Component Object Model permissions and remote registry access, secures hundreds of registry settings, assigns appropriate user rights and secures files, folders and other vulnerabilities intruders could exploit.
HP Praesidium WebEnforcer for NT is available for $2,995 per server. The HP SecurityUpdate subscription service, which includes technical support, is priced at $695 per year.
HP also introduced HP DomainGuard Enterprise 1.0, a Web access control tool designed to address security management for extranet portals.
The Web authorization manager provides centralized, role-based access control and single sign-on for all Web objects on multiple Microsoft Corp. Internet Information Server/NT Web servers.
HP said the product reduces development and deployment costs by eliminating the need to build security into each Web application. Pricing depends on configuration.