HP, IBM, Sun to unveil server security initiative

Hewlett-Packard (HP), IBM and Sun Microsystems are allying with three security providers to announce an open standards initiative for safe computing on Aug. 5.

Although the vendors did not provide details of the initiative in an invitation to a conference call on the subject sent Friday, Gartner analyst John Pescatore said that the announcement centers around the adoption of a technology allowing companies to monitor changes made to software on servers.

Pescatore said he was previously briefed on the subject and that the initiative will bring technology from Tripwire to HP, IBM and Sun's server products.

The announcement is being made with Tripwire, RSA Security, and InstallShield Software.

Portland, Oregon-based Tripwire develops technology that uses digital fingerprints and is designed to let companies see if software on their servers has been changed. RSA will make the digital signatures, Pescatore said, and Tripwire will provide the signature database.

InstallShield provides software that enables the distribution and management of software and digital content.

Using the technology, a company would be able to tell if a hacker takes a software module and puts a trojan program version in its place, Pescatore said, because it would not match the fingerprint of Sun, HP or IBM's software.

According to the analyst, 80 percent of the most common attack paths involve changing the software on the machine.

"This is pretty effective for (fighting) common attacks," Pescatore said.

However, he noted that the "obvious downside is who is missing" -- Microsoft Corp. and Linux vendors.

"Everyone has Microsoft servers in the mix," Pescatore said, so the security offered by the initiative will not be as strong as it could be if Microsoft were involved.

Sun has invested in Tripwire in the past and it's possible that it could include the auditing technology in its Solaris operating system, Pescatore said. Whether HP and IBM include the technology in their software or just make it available with their products remains to be seen.

A conference call on the announcement scheduled for 8 a.m. PDT Aug. 5 will include HP's Chief Technology Officer (CTO) Jan-Maarten van Donger.

Sun's Product Line Manager for Solaris Security Mark Thacker will also be on board, as will Tripwire President and Chief Executive Officer Wyatt Starnes, along with other executives.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about GartnerHewlett-Packard AustraliaIBM AustraliaMicrosoftRSA, The Security Division of EMCSun MicrosystemsTripwire

Show Comments