Feeds

USB stick security suite puts squeeze on software

Yoggie Pico offers baker's dozen

SANS - Survey on application security programs

Security startup Yoggie Systems has squashed 13 security applications - covering functions such as personal firewall, anti-spam, and anti-virus - onto a USB stick.

The Yoggie Pico is a slimline version of the firm's existing line of hardware security products (targeted at home office, road warrior, and consumer markets) as an alternative to conventional software security suites. Like its larger siblings, the Pico features 13 security applications on hardware running Linux. The Pico uses an Intel 520MHz PXA270 processor, a part more commonly found in recently released smartphones.

Once installed on a PC, all network traffic is run through the Pico, where junk mail and hostile traffic is blocked. This operation results in little or no latency, according to Yoggie, which touts the ease of use and performance advantages of the approach.

The device offers a full security suite on a USB stick with a raft of security defences more commonly only available to corporate intranets, business workers on the road, or consumers. Yoggie points out that software security products can be time consuming to install, difficult to manage, and subject to clashes with other applications. In addition, the hardware-based approach boosts the performance on either laptops or desktops by saving CPU, memory, and disk space.

On release, the Pico only works with Windows boxes (wags might say that's where it's most needed). Yoggie plans to develop Linux and Mac drivers. Yoggie Pico will go on sale from yoggie.com and through leading PC retail outlets round Europe and the US from September 2007 at a cost of around $179 (for consumer versions) and $199 (£106) for its enterprise equivalent.

All-in-one security appliances (so called God-boxes) have become popular in the enterprise and Yoggie is repurposing this approach - first with its existing Gatekeeper series and now with its little brother, the Pico. Described as a miniature computer, it runs a raft of applications including anti-spam, anti-virus, anti-phishing, anti-spyware, intrusion protection, firewall, web filtering, and a VPN client. Some of these applications were developed in-house, whereas others are licensed from third party vendors (e.g. Kaspersky for anti-virus, MailFrontier for anti-spam). Signature files are updated hourly.

For parents, the device offers the benefits of easily preventing unprotected or unauthorised net access. Removing the Yoggie Pico from the computer stops all network connections.

The Yoggie Pico comes in two flavours - the Yoggie Pico Personal for the consumer market and the Yoggie Pico Pro for the enterprise market. The latter features management hooks so the technology can be centrally controlled.

Performance problems after loading security products (to say nothing of security glitches) remain a bane in the life of Windows users, so handing over these functions to separate hardware certainly has its appeal, providing Yoggie is right about its claims that no latency is introduced. For organisations that have banned the use of USB ports on corporate machines using software, or gone even further by gluing them shut out of fears of data theft, the Pico-approach runs foul of other security policies so isn't an immediate option.

In the consumer market, price and a solid distribution strategy are all important factors. The promise of hassle-free hardware security is an interesting one. A retail price of £95 ($179) with licensing from year two at £16 ($30) works out at a bit more expensive than three security software packages and quite a lot more expensive than a Bluetooth USB adapter or wireless router, for example.

For what it offers, the Pico is competitively priced so much depends on whether it lives up to the promise of hassle-free computing. ®

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.