Best three questions from floor of RSA Conference today (Tuesday, March 2, 2010):

1) What are you doing about federated authentication? (state government)

Answer: We’re looking at it.  Our products already offer extensive support for LDAP, RADIUS, ODBC and other external authentication sources, and single-signon solutions for CA Siteminder and most SSL client certificates (e.g., Entrust, etc.).  Federated authentication is the next big authentication set ahead of us and will likely have ramifications for both our on-premises and hosted solutions.

2) How is your SSH support more appropriate for a company under SarBox than the OpenSSH deployments I have all over my network?  (financial clearinghouse)

Answer: Do you have your SSH servers configured to deliver you the auditing information you need?  (No.)  Are you able to distinguish individual users by the SSH keys they are providing?  (No.)   Do you believe you’re out of SarBox compliance today?  (Absolutely.)   Our products offer a complete solution to both these critical SarBox needs.  We provide comprehensive, tamper-evident logging (even of administrative actions) to DB, Event Logs and SysLog (your choice).  We can also enforce the use of usernames, passwords and keys on particular users, and you can prove through our audit logs which keys are and were in use by each user.

3) I thought Ipswitch (WS_FTP) would be dead after the world jumped to broadband.  What happened?

The world didn’t quit sending files – instead it sends larger files and now worries more than ever about who, exactly got what and when.  In other words, the technical challenges evolved and governance became much more of an issue.  Solving the technical, security, visibility challenges of file transfer – of both ad hoc and prearranged interactions – in a way that both users and administrators find easy is why Ipswitch, including WS_FTP, is growing and thriving.