Press Release
Applied Identity and SignaCert Announce First Solution to Leverage SignaCert's Global Trust Repository for Network Policy Enforcement
May 12, 2009
Security Solution Uses Application Whitelisting to Protect Networks from Malicious Software
SAN FRANCISCO, CALIFORNIA and PORTLAND, OREGON – May 12, 2009 — Applied Identity, Inc., a leader in identity aware network security solutions, and SignaCert Inc., a leading provider of IT compliance solutions based on whitelisting methods, today announced that both companies have partnered to deliver a new solution for protecting networks from attacks propagated by malicious client software. The solution leverages Applied Identity's Identisphere™ Identity Aware Network solution and SignaCert's Global Trust Repository offering to enable enforcement of network access policies based on user identities and client application signatures. Applied Identity is also the first network policy enforcement vendor to announce product support for SignaCert's third-party aggregation of Microsoft's software measurements into its Global Trust Repository (see SignaCert's announcement from April 21, 2009: http://www.signacert.com/company/news/press/042109.html).
In the March 27, 2009 report "Magic Quadrant for Network Access Control," Gartner, Inc. analysts Lawrence Orans, John Pescatore and Mark Nicolette state "NAC is being implemented in 2009 differently from the way it was originally envisioned back in 2003 and 2004. That period was the height of the worm era, and the common wisdom at the time was that NAC would be used to block PCs from accessing the network if they were noncompliant (for example, if they were missing patches or their antivirus signatures were out of date). In 2009, that approach is rarely used, because most organizations are reluctant to block employees from the network (and from doing their jobs) just because their PCs are noncompliant."
"The joint solution from Applied Identity and SignaCert addresses the acknowledged limitations of using NAC to protect networks from malware," said Brian Nugent, President and CEO of Applied Identity. "Identity aware networking is unique in that it can leverage user identity information stored in corporate directories to enforce network access policies and monitor network use. The joint solution with SignaCert extends this capability by also allowing managers to define network access policies based on the verified identities of the client-side applications that users are invoking to access the network. Access to certain network resources can be limited by policy, for example, to specific users and clients. This enables organizations to protect their critical resources from malware without otherwise limiting a user's ability to connect to the network."
"SignaCert's Global Trust Repository provides an authoritative list of known-provenance and vendor independent software measurements, or whitelists," said Wyatt Starnes, Founder and CEO of SignaCert. "The identity and integrity of the client-side applications are validated against SignaCert's Global Trust Repository to ensure that they are legitimate and not rogue applications or malware, allowing organizations to leverage this information while making access control decisions within their networks. The result is an unprecedented visibility into the integrity of the clients accessing the network and improved protection for critical enterprise assets."
Applied Identity's Identisphere is available immediately through Applied Identity's worldwide network of partners and resellers. Global Trust Repository is available now from SignaCert. The joint solution incorporating Applied Identity's Identisphere with the ability to leverage SignaCert's Global Trust Repository and is expected to be generally available from Applied Identity in the third quarter of 2009. For more information about Applied Identity's solutions, visit Applied Identity's website at www.appliedidentity.com.
About Applied Identity
Founded in 2004, Applied Identity is a leading provider of enterprise-class, identity aware network solutions that help organizations to simplify, consolidate, define and enforce network security policies to demonstrate compliance and reduce business risk. Customers deploy Applied Identity's solutions to meet compliance requirements by securing their applications, implement guest networks, protect enterprise networks from breeches at remote sites and foreign offices, and ease audit overhead with network usage reports. Applied Identity's solutions:
- Save time by deploying rapidly into existing infrastructures.
- Save money by reducing administrative overhead and easing compliance burdens.
- Save networks by applying the power of identity aware networking to protect networks from the inside.
Applied Identity's Identisphere™ solutions products include low-touch and virtual appliances that can be rapidly deployed and seamlessly integrated into the existing network infrastructure. The ID-Enforce Gateways Models 5000, 7000 and 10000 Version 3.3, including the ID-Enforce Client ID-Mark v3.3 and the Identisphere Manager (ID-Policy v3.3), achieved Common Criteria certification at Evaluation Assurance Level 2 (EAL 2) on October 6, 2008. For more information, visit www.appliedidentity.com.
Product and company names and design marks herein are trademarks of their respective owners.
PR Contact:
Rebekah Mitchell
415.933.6253
[email protected]
About SignaCert
SignaCert is the leading provider of end-to-end and partner-based IT compliance solutions based on known-provenance technology. These methods allow SignaCert's direct customers to rapidly achieve and prove continuous compliance for the systems that deliver critical business services. The SignaCert architecture is designed to seamlessly integrate with existing change processes and continuously monitor critical business services without disruption.
Founded in 2004 by 38-year IT security and compliance industry veteran Wyatt Starnes, SignaCert has assembled a world class team of industry leaders with hands-on IT experience.
SignaCert's end-customers span a wide variety of industries, including financial services, government, and healthcare.