Secaron is organising a breakfast session addressing the security policy compliance challenge.

The session will focus on implementing a security compliance framework with Symantec Enterprise Security Manager. Within two hours, we will demonstrate how to measure an organisation’s existing security profile against international, local and corporate standards.

Symantec Enterprise Security Manager 6.1 provides pre-configured policy assessment templates to help you ensure your organisation’s compliance with many Government regulations, including ISO 17799, Basel II, Sarbanes-Oxley and SANS Top 20.

Symantec Enterprise Security Manager helps to offer :

• A cost-effective solution across all critical systems
• More effective measurement, monitoring and enforcement of IT security
• Customisable dashboarding for every level within your organisation
• Highly scalable reporting solution with no rollout software requirements for the end dashboard user
• More than 75 predefined reports showing compliance state and trends, specific violations and configuration changes on host systems to support industry standards and regulations

If you are interested in this subject and you want to find out how your business can benefit from Symantec Enterprise Security Manager 6.1, Secaron will be pleased to welcome you on its next Security Breakfast.

When :
Wednesday 15 March 2006, 8.30-10.30 am

Reservation :
Anne-France Sterpin
sales (at) secaron (dot) lu

A few days ago, Secaron was invited by the CLUSSIL to participate in the first “Group de travail CASES” meeting. Some of us, Anne-France, Manu and myself, went to this meeting which was animated and interesting. But what is Cases?

CASES (Cyberworld Awareness Security Enhancement Structure) is a project by the Luxembourgish Ministry of economy which aims at make users aware of the dangers related to Information security. It operates through an Internet portal, trainings, and a anonymous alerting structure. One of its goal is to highlight, in an easy-to-understand and sanitized language, what’s at stake for the citizens and the SME. On another level, Cases is also completely integrated in a european structure that deals with the same problematic.

During the meeting, we were introduced to CasiX which is actually the tool that enable the Cases Nodes to put in place the necessary structure to anonymously report alerts and communicate with the the Cases control center.

It ended with a relatively animated question session that allowed the participants to order the CasiX CDs to test it. So did we . For more information about the Cases initative and CasiX framework, please visit http://www.cases.public.lu/ and http://casix.cases-cc.org/.

In march 1996, almost 10 years ago, Check Point was announcing the first firewall for Windows NT ever. At that time, it was a small revolution, as all security software till then was running on Unix platforms.

From the press release : “San Francisco, Calif. – March 12, 1996 — Check Point Software Technologies, Ltd., the market share leader in network security software, today unveiled its award-winning Check Point FireWall-1 for Microsoft Windows NT, delivering the first shrinkwrapped firewall product on the Windows NT operating system.”

That said, after 10 years, it looks like they are coming back to the sources. Most Firewall-1 installations are now made on Nokia IPSO (originally based on a FreeBSD kernel) and Secure Platform (Linux).

We attended a seminar today organised by the CRP Henri Tudor at the Technoport Schlassgoart in Esch/Alzette. It was an IT security awareness meeting targeting small and medium businesses. Paulo made a pragmatic presentation to explain the 30 attendees what are the basic steps to secure small IT infrastructures.

The presentation will be put online shortly.