HP touts VirtualVault as the EC platform for feds

Hewlett-Packard Co. is eyeing a new market for its VirtualVault operating system:
federal agencies that want to run electronic government and electronic commerce
applications on the Web.


A Hewlett-Packard official said he expects federal users to discover a killer app among
the potentially unlimited electronic government and EC applications for the B1-level
secure operating system.Andy Suchoski, security consultant with Hewlett-Packard’s
electronic business software organization, said the trusted platform works by securing
Internet gateway applications from standard root attacks, buffer overflows, Trojan horses,
common denial-of-service attacks and Web page vandalism.


Government agencies expose themselves to such attacks when overworked or unknowing
systems administrators and developers make application logic or network configuration
errors, Suchoski said.


VirtualVault reduces the risk of such attacks. “We can’t eliminate them, but
we can certainly minimize their effect,” Suchoski said.


Additional security defenses—user authentication and authorization, network-layer
security, and filtering routers or firewalls—are needed as part of an end-to-end
security architecture for e-commerce, he said.


Organizations can take an existing HP-UX application and integrate it with HP
VirtualVault, “basically putting the executables and files in the right place and
giving them the proper attributes,” Suchoski said.


A security-hardened version of the HP-UX 10.20 operating system, HP VirtualVault 3.0 is
bundled with a trusted gateway agent and Netscape Enterprise Server with Secure Sockets
Layer Version 3.0.


Hewlett-Packard is working on a Microsoft Windows NT version of VirtualVault “to
give the same flavor of protection,” he said.


Speaking at a briefing of federal executives this month, Hewlett-Packard officials said
systems buyers can expect to see HP double the performance of its machines every year
while prices remain constant.


A big factor in the equation will be IA-64, a joint development effort between
Hewlett-Packard and Intel Corp., said Nick Earle, vice president and group marketing
manager for the HP enterprise systems group.


Intel will deliver the first Merced chip based on IA-64 in 2000, replacing the current
IA-32 and RISC architectures, Earle said.


The explicitly parallel nature of IA-64 computing “is going to allow things we
cannot do today,” Earle said. Its architecture will accelerate the server
consolidation trend, permitting Unix and Microsoft Windows to run on the same hardware.


Along with ever-larger servers, Hewlett-Packard will deliver client-server systems that
are more like IBM S/390 mainframes in terms of reliability, availability and scalability,
Earle said.


“We are confident we’ll be able to guarantee 99.999 percent availability at
the desktop for HP 9000 servers by year 2000,” he said.


That percentage is equivalent to five minutes of planned and unplanned downtime a year.
“We’re now at 99.95 percent,” he said, which is four hours of downtime in a
year.


Another area in which Hewlett-Packard officials expect to support e-commerce is through
Web Quality of Service, Earle said.


The Web QOS software for HP-UX and Windows NT is a new e-commerce tool for agencies
that need to guarantee system resources and response times for specific e-commerce
applications, transactions or classes of users, he said.


“It’s a capability we’ve been used to in the mainframe world that’s
not available on the Internet today,” Earle said.


Contact Hewlett-Packard’s federal support office at 301-258-2000.  

inside gcn

  • artificial intelligence (ktsdesign/Shutterstock.com)

    Machine learning with limited data

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group