Presenter: Garry McCracken, VP of Technology, WinMagic

Session Overview: With encryption rapidly accelerating towards a state of commoditization, the AES (Advanced Encryption Standard) is now appearing on hardware, within operating systems, and within other software packages originally designed to protect endpoint devices from malware, viruses, intrusion, and the like. Simultaneously, the areas of concentration in dealing with protecting data-at-rest are honing in on concerns regarding pre-boot authentication, enterprise requirements dealing with deployment, password recovery, synchronizing with LDAP servers, the need to manage multiple encryption schemas, and the necessity to deal with data leakage by encrypting USB thumb drives and CD/DVDs.

This presentation will cover data security strategies pertaining to protecting “data-at-rest”. The discussion will include adherence to endpoint security practices by implementing full-disk encryption practices that marry corporate governance to IT policies and procedures.

Please join us to learn about:

• The use of single and multi factor pre-boot authentication
• Dynamic Encryption Key Provisioning to eliminate the need for passwords
• The Encryption of Removable Media, sector by sector
• The synchronization with LDAP servers like Active Directory
• When to use hardware encryption and software encryption
• How the encrypting of archived data stores can be accessed 7 years from now through key labeling
• The ability to share access via PKI certificates
  

Presenter: Andre Kindness, Security & Mobility Solutions Manager, ProCurve Networking

Session Overview: As mobility feeds the appetite of information hungry users, the number and complexity of solutions entering the enterprise in 2008 will increase. The devices users want, the networks they access, and the applications they use will proliferate rapidly over the next several years, leaving IT with added management and security support burdens. Enterprises can successfully tackle these challenges if IT managers understand which trends are likely to become hot support and investment issues over the next 12 months like 802.11n, NAC, automation, etc.

Carrier and internal network boundaries will begin to blur, devices will get more complex, and security solutions will need to become more flexible. To prepare for the emerging onslaught of new technology, organizations must: 1) focus on faster, more ubiquitous networks; 2) hone in on devices with multi-network capabilities; and 3) anticipate demand for externally deployed services, and meet that demand with secure, extensible access solutions.

Topics Include:

• 802.11n
• PoE+ (802.3at)
• Wireless security and authentication
• 802.11v, 802.11k
• NAC and wireless integration
  

Presenter: Andrew Klein, Sr. Product Marketing Manager, SonicWALL

Session Overview: 3 years ago your Email Security system had to block spam and virus emails. 2 years ago it was phishing and image spam. Last year was spent creating policies to block dangerous or oversized attachments.

And this year, it’s about corporate governance, data loss through email and compliance regulations. To deal with this mounting pile of requirements do you use one system, do you split inbound and outbound, do you need a separate archiving system, what about encryption and how is it possible that spam is going to double again in volume this year?

In this hour we’ll look at the many challenges facing an enterprise with regards to email security. We’ll focus on outbound email management and how it fits in to your overall email protection strategy.

Topics Include:

• Why is there so much spam?
• Could you be part of the problem?
• Outbound Email protection
• Archiving and Encryption
  

Presenter: Ken Draper, Consulting Engineer- Security Solutions, Juniper

Session Overview: Monitoring the Enterprise is a daunting challenge. Wading through millions of logs is not the answer and frequently results in missed security events. In addition, requirements for industry compliance standards such as PCI, HIPAA, GLBA, etc. are stressing the IT staff to prove the organization meets the requirements to auditors.

This session will provide insight into the value of combining log collection, event correlation and traffic flow analysis into a centralized view. The ability to pinpoint who and how instead of just what, is a capability of current generation SIEM products. Learn what features to look for when evaluating logging and reporting solutions and experience live demonstrations of Juniper's "Security Threat Response Manager" (SToRM). By bringing the traditionally separate camps, IT Security and Network Operations, together into a single view provides increased awareness of what is happening in the Enterprise and offers enhanced reporting and forensic analysis in real-time.

Topics Include:

•  Log reduction using event correlation
• The value of traffic flow analysis
• Forensics analysis of network events and flow records
• Compliance reporting
• Automated response and remediation
  

Presenter: Randy Hunt, Consulting SE Manager, Packeteer

Session Overview:  High priority business transactions represent only a small percentage of the hundreds of applications-each with varying requirements for response time, availability and bandwidth-traveling across enterprise WANs. What happens when the wrong applications get the benefit of acceleration?

• Voice and video over IP experience quality issues when faced with jitter and congestion.
• Server and storage consolidation efforts are derailed when centralization places a heavy burden on storage, backup, replication and network services delivery.
• Malicious and recreational traffic hogs available bandwidth and creates network congestion.
• Real-time transactions are crowded out by "bulky" applications and non-business congestion.
• Collaboration is undermined when slow file sharing brings business to a standstill.
• Disaster recovery is at risk if there isn't enough bandwidth to complete storage, data mirroring, database synchronization and backup.

The Problem with Quick Acceleration Fixes, such as point acceleration products, often fall short and may even exacerbate the problem. Accelerators, alone, speed up everything-without control or discernment-throwing extra resources at aggressive traffic such as video, music downloads or even worms.

Presenter: Fred Wilmot, Sr. Systems Engineer, Splunk

Session Overview: Correlation in Security and how IT Search can help
In most cases, gathered data may not really provide you the valued
information you need to solve a problem, or eradicate a threat during an
incident. IT Search should reduce the time spent, and increase the value
of contextual correlation.

Learn how you can put your log data to use, instead of just archiving it!

Topics Include:

• Putting your log data to use
• Visualizing and correlating network events
• Using IT search in your environment
• See Splunk in action
  

Presenter: Dean Bushmiller, Security Courseware Developer & Instructor

Session Overview: If you are a self motivated individual and you want your CISSP
certification, come participate in this action oriented session. Dean will
describe the process of getting your CISSP with $0 to unlimited dollars.
This session will show you the cycle of self-study and keep you from wasting
your time on the wrong activities. In this session, you will make an action
plan that allows you to get work, life and your certification all done in a
reasonable amount time. You will know what tools to use, when to use them,
and when to ask for help. There are a million resources; let Dean help you
pick and choose the right ones for you.

Topics Include:

• How to self-study
• What's involved in the CISSP certification
• Choosing the right resources & tools
• Creating a plan for your lifestyle

Lead by: John McCumber, Strategic Programs Manager, Symantec

Session Overview: You talked- we listened! Join us at the Hot Topics Roundtable to discuss current topics, technologies and troubles in your organization. We'll start the discussion with 3 topics- Web 2.0, Encryption and Secure Guest Access. Interact with our industry experts to gain insight into today's top Hot Topics.

Industry experts participating:

• John McCumber, Special Programs Manager, Symantec

• Stephen Dellinger, Shareholder, Littler Mendelson Law Firms

• Fred Wilmot, Sr. Systems Engineer, Splunk

• Andy Klein, SonicWALL

Topics Include:

• Web 2.0 in the enterprise
• Encryption expectations
• Securing guest access
• Outbound email and compliance

Lead by: Alan Shimel, Chief Strategy Officer, StillSecure

Session Overview: Network Access Control is definitely a 2008 'Hot Topic', but do you REALLY know what NAC encompasses and what you should be looking for? Hear from today's top industry experts on NAC and the emerging standards.

Panelist include:

• Mauricio Sanchez, Chief Security Architect, ProCurve Networking

• Liza Lorenzin, Consulting Engineer, Juniper

• Patrick Wheeler, Sr Manager, Endpoint Compliance, Symantec

• Alan Shimel, Chief Strategy Office, StillSecure as our moderator

  
  

Lead by: Neal Hamilton, Technical Consultant, ProCurve Networking

Workshop Overview: Overview of basic wireless transmission techniques and capabilities. Discussion of 802.11 technologies including b/g a and the emerging n standard. Review of wireless security encryption and authentication methodologies. Overview of HP ProCurve's wireless products and services. Hands on demo available.

Lead by: Dean Bushmiller, Security Courseware Developer & Instructor

Workshop Overview: Many people can look at a technical question and come up with the answer.

The CISSP exam expects you to know the technical knowledge and apply your
management abilities. In this session, Dean will show the logic in answering
questions the (ISC)2 way. You will learn the types of questions, how to
attack them, and how to not get frustrated. After this session, when faced
with four options, you will pick the correct answer enough times to pass the
CISSP.