Amid the noisy and crowded aisles of the RSA
Conference in San Francisco April 20 to 24 was a curious exhibit, a small booth
with a backdrop picture of the Great Wall of China and the declaration,
"Lenovo: The leader of Information Security in China." On a folding
table sat a Lenovo-branded 3U (5.25-inch) security gateway appliance—the
KingGuard (see photo below).
"We sell only in China
today, but we are looking for partners to bring it to the U.S.,"
says Jiangli Li, vice president of Lenovo Security Technologies, a division of
Lenovo.
According to Lenovo literature, Lenovo Security Technologies has been
operating in Asia since 2001, building a series of
products such as UTM (unified threat management) appliances, firewalls and
VPNs. The KingGuard security gateway was launched in 2008, providing deep
packet inspection, protocol analysis, traffic management and load balancing,
and incident logging with up to 20G-bps throughput.
"KingGuard applies several innovative technologies like unique matrix
parallel processing and dynamic load balancing multicore CPU to improve
security network processing capabilities and reliability of the whole
system," reads product literature.
In the United States,
Lenovo is mostly focused improving the embedded security in its ThinkPad
notebooks. But Stacy Cannady, product manager for security at Lenovo, says
Lenovo is experimenting with several technologies and potential products that
may eventually find their way to the U.S.
market. Cannady equates it to concept vehicles that auto manufacturers roll out
at car shows—"Sometimes the products make into production; sometimes they
don’t."
While much of Lenovo’s security attention is devoted to hardening and
protecting its personal computers, the company that IBM
sold its PC business to in 2004 is showing signs of establishing a bigger
presence in the security market.
Lenovo recently unveiled Hardware Password Manager, a server-based
enterprise solution for managing and recovering passwords used for client-side
full-disk encryption. Lenovo has supported full-disk encryption since May 2007
when Seagate Technology released its self-encryption hard drives. Capabilities
for interacting with Hardware Password Manager are included in the newer
ThinkPad and ThinkCentre PCs with Intel’s dual-core Centrino 2 chip set, and
will be included in ThinkPad and M-series desktops in the future.
The Hardware Password Manager is designed to allow IT security
administrators to manage scores of ThinkPads, encrypt drives and provide a
mechanism for recovering lost credentials.
"Customers love the idea of self-encryption, but they’re not going to
deploy it unless they can manage it," Cannady said.
Lenovo’s security strategy is following a well-worn development path, in
which innovation often begins in software, migrates to firmware and eventually
graduates to become a hardware solution. Cannady says the same migration path
is what led to multifactor authentication that in turn led to Lenovo including
a built-in fingerprint scanner for biometric authentication to replace or
strengthen password log-ins.
Given Lenovo’s focus on making its devices more secure, its criteria for the
development of new security products and features are: protecting data residing
on PCs, protecting enterprises from PCs that have been compromised and guarding
against theft devices.
Lenovo recently launched a new product that allows users to disable a PC
with a cell phone text message should it be lost or stolen. The service is more
of a consumer offering today since there’s no management system that will
enable an enterprise to manage lockouts and recovery of stolen assets. Cannady
says Lenovo is working on that management capability, which will eventually
bring the theft protection service to the enterprise.
"Going forward, we have to ensure that when we add a new security
feature that we have an ability to manage it," Cannady says.
By embedding security features such as fingerprint biometric authentication,
full-disk encryption and remote disabling functions in its PCs, Lenovo aims to
create a strong competitive differentiator to help solution providers sell its
products and business consumers justify the spending on its PCs.
Innovations in manageability of embedded security measures may lead to the
creation of external security measures or the importation of existing security
appliances into the U.S.
market. For now, Cannady says Lenovo—in the United
States—is firmly focused on embedded
security rather than network appliances.
"Usability of a technology is very important to its success," he
says. "Just pasting it on won’t make it a success."