The San Francisco, California-based infosec developer, which was spun out of PC Guardian Anti-Theft Products Inc two years ago, unveiled its Data Protection Platform, comprising the Data Protection Framework and three different modules, each of which can be acquired in isolation, accompanied by the framework, which affords GuardianEdge upsell opportunities for the other two. The modules are Hard Disk Encryption, which is the company’s original product, to which it has now added Removable Storage Encryption and Device Control.
Joe Gow, senior director of product management at GuardianEdge, said Removable Storage Encryption, as its name suggests, is designed to secure data on media such as USB toggles and such, the idea being to deliver a policy-based capability for encrypting data when it is being moved and leverage a user’s existing credentials, in terms of smart cards and so on, to do so.
He described Device Control as rounding out our suite of offerings by giving customers the ability to white-list individual devices, and indeed the ports to which they can attach to. It’s really an extension of domain-level authentication, he argued.
Ram Krishnan, GuardianEdge’s senior VP of products and marketing acknowledged that the market for encryption of data at rest and/or in motion is a busy one, with companies such as Pointsec (now part of Check Point), Credent, Germany’s Utimaco and SafeBoot NV from Holland all vying for position. The way his company seeks to differentiate itself, therefore is in manageability, in recognition of the fact that deployments of the technology are going from the departmental to enterprise-wide, with a concomitant need to manage keys and permissions centrally.
Thus GuardianEdge makes much of what it claims to be its tighter integration with Microsoft’s Active Directory, to which it is adding an equal degree of integration into Novell’s eDirectory, of which we see a lot of pockets in Europe, Krishnan went on.
The company has also added a key management capability, which is currently only for its own encryption keys, but Gow acknowledged that our intent is to go into broader key lifecycle management, This would appear a logical step for GuardianEdge, i.e. extending its capabilities into heterogeneous key management, though of course in doing so it will be going up against the two main players in that emergent space, i.e. RSA (now EMC) and nCipher.
The intention of going for a third-party encryption management capability can already be seen, in fact, in the announcement with Seagate Technology Inc, whereby the Data Protection Platform will be able to manage Seagate’s DriveTrust HDD encryption capability.
We’ll manage on-disk encryption, said Gow, with Seagate being the first to market among the HDD manufacturers. He added that the Trusted Computing Group is already working on a standard for HDD encryption and Seagate also wants to standardize its technology.
In terms of pricing, Krishnan said the products will be licensed at $150 per endpoint and per modules, such that all three modules for a single endpoint would presumably cost $450, though one suspects there may be room for negotiation with the bundle.
