Feeds

USB stick security suite puts squeeze on software

Yoggie Pico offers baker's dozen

SANS - Survey on application security programs

Security startup Yoggie Systems has squashed 13 security applications - covering functions such as personal firewall, anti-spam, and anti-virus - onto a USB stick.

The Yoggie Pico is a slimline version of the firm's existing line of hardware security products (targeted at home office, road warrior, and consumer markets) as an alternative to conventional software security suites. Like its larger siblings, the Pico features 13 security applications on hardware running Linux. The Pico uses an Intel 520MHz PXA270 processor, a part more commonly found in recently released smartphones.

Once installed on a PC, all network traffic is run through the Pico, where junk mail and hostile traffic is blocked. This operation results in little or no latency, according to Yoggie, which touts the ease of use and performance advantages of the approach.

The device offers a full security suite on a USB stick with a raft of security defences more commonly only available to corporate intranets, business workers on the road, or consumers. Yoggie points out that software security products can be time consuming to install, difficult to manage, and subject to clashes with other applications. In addition, the hardware-based approach boosts the performance on either laptops or desktops by saving CPU, memory, and disk space.

On release, the Pico only works with Windows boxes (wags might say that's where it's most needed). Yoggie plans to develop Linux and Mac drivers. Yoggie Pico will go on sale from yoggie.com and through leading PC retail outlets round Europe and the US from September 2007 at a cost of around $179 (for consumer versions) and $199 (£106) for its enterprise equivalent.

All-in-one security appliances (so called God-boxes) have become popular in the enterprise and Yoggie is repurposing this approach - first with its existing Gatekeeper series and now with its little brother, the Pico. Described as a miniature computer, it runs a raft of applications including anti-spam, anti-virus, anti-phishing, anti-spyware, intrusion protection, firewall, web filtering, and a VPN client. Some of these applications were developed in-house, whereas others are licensed from third party vendors (e.g. Kaspersky for anti-virus, MailFrontier for anti-spam). Signature files are updated hourly.

For parents, the device offers the benefits of easily preventing unprotected or unauthorised net access. Removing the Yoggie Pico from the computer stops all network connections.

The Yoggie Pico comes in two flavours - the Yoggie Pico Personal for the consumer market and the Yoggie Pico Pro for the enterprise market. The latter features management hooks so the technology can be centrally controlled.

Performance problems after loading security products (to say nothing of security glitches) remain a bane in the life of Windows users, so handing over these functions to separate hardware certainly has its appeal, providing Yoggie is right about its claims that no latency is introduced. For organisations that have banned the use of USB ports on corporate machines using software, or gone even further by gluing them shut out of fears of data theft, the Pico-approach runs foul of other security policies so isn't an immediate option.

In the consumer market, price and a solid distribution strategy are all important factors. The promise of hassle-free hardware security is an interesting one. A retail price of £95 ($179) with licensing from year two at £16 ($30) works out at a bit more expensive than three security software packages and quite a lot more expensive than a Bluetooth USB adapter or wireless router, for example.

For what it offers, the Pico is competitively priced so much depends on whether it lives up to the promise of hassle-free computing. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.