Ironkey S200 Enterprise Review

I am a probably a little biased, as I have been using a personal Ironkey 1GB S100 for some time now, and have recently got myself an 8GB S200 thanks to Don at The Ethical Hacker Network, so its clear I think they rock, and in my opinion I really do think they are the best secure USB Pen Drive on the market.

However I have never had any exposure to their enterprise offering, and with lots of companies now looking to adopt secure portable / removable media I think if Ironkey could be a good solution from a device perspective to help with data loss prevention. Ironkey have been kind enough to set me up with a temporary enterprise account, and sent me a couple of enterprise S200 1GB sticks to have a look how it all hangs together.

Before I get started, if you have never heard of Ironkey, let me just give you a little bit of info on what they are all about, and why in my opinion they are the 007 secure usb stick of choice, did I mention they look the business to 🙂

Enterprise Version Specs:
Rugged Metal Casing
Waterproof
Tamper-Resistant
AES 256BIT Hardware Encryption
FIPS Validated 140-2 Level 3
Strong Authentication
RSA SecureID / Verisign ID Protection
Secure Browser / Portable Apps
Self Destruction
Anti-Malware Protection

So on with the review. First we need an Ironkey Enterprise Account, and an Enterprise Ironkey, I was provided with both of these. When you get an Ironkey it comes in a little black box, once you have opened it up and plugged in the Enterprise Ironkey and the launcher is run, you are informed that you need to activate your Ironkey. (*Setup on a Mac)

To progress past this stage you will need an activation code that your Ironkey Enterprise would have setup for you through the console. This will result in you having received an email with your activation code.

So with that in mind we will go to the Enterprise Web Interface and get things setup (policies, preferences and accounts).
First we log in with our Enterprise Account number.

Now as its our first login we need to go through the 10 steps of getting our configuration setup that we are going to apply to all the Ironkeys in our enterprise.

Step 1 – Make sure we are the right man for the job…. Check 🙂

Step 2 – Now we need to define how many failed password attempts before the Ironkey self destructs. (Default is 10)
Its important to remember once destruction occurs, thats it. No undo or try again.

Step 3 – Now we define our password settings, complexity, and recovery settings.

Step 4 – Now we setup the default applications available from the Ironkeys, Firefox, RSA, etc

Step 5 – Its all about the Lost & Found. We can configure a message that will seen by anyone who inserts the Ironkey

Step 6 – Now we setup the Enterprise Administrator Account, with a strong password.

Step 7 – Time for some challenge response info, for when we forget ourselves.

Step 8 – Now to create your secret identification image to ensure your at the REAL Ironkey admin page.

Step 9 – Creating your backup sys admin account.

Step 10 – Confirming everything is just how you wanted it.

So now we have our admin account setup and our admin Ironkey associated. So lets take a look at what we can do at the web interface. Its important to understand that logging into your management interface requires two factor authentication, so not only your username and password, but your Ironkey also. If you dont have your Ironkey you just get into the Safe Mode option.

So when we login with the Ironkey we get all the good stuff, user management, policy creation alteration, alerts, log information and more. Things are pretty self explanatory, so here is a screen shot montage.

Now we can continue to activate our Ironkey, as we have created an account, and associate policy.

Now we setup a name for our Ironkey and a strong passphrase.

The key is then initialised and encrypted.

Then then if the user doesnt already have an online account, they are prompted to create one.

Now the user is good to go, the policy will have been applied, applications made available and secure storage created.

If the user is also an administrator they get access to admin tools from their Ironkey also, allowing them to recover data from other Ironkey, reauthorise, etc.


Below are also some screen shots of an Ironkey that has been assigned a Silver Bullet Policy meaning it cannot be used unless it is connected to the Internet for authentication, and a device that has been disabled.

Here is the control panel a user see’s on a Mac and PC, do control panel is currently available to Linux users.

Its pretty clear that PC users currently get better percs from the Ironkey, but regardless of the plaform your getting some awesome secure storage. I am really impressed with the simple yet appropriate level of control the Ironkey Enterprise solution gives, and I dont think I would hesitate to recommend this to a customer. I will say that I had one device get stuck in some sort of authentication loop, but Ironkey support where extremely helpful, and the few things we tried didn’t work so they sent out a replacement by Fedex.
Ironkey also offer pretty much the same offering but for personal users, and I will be putting up a similar mini review of this offering later in the month.

For more information on the Ironkey offerings, and to locate your local reseller visit the Ironkey website.

I will leave you with a short video clip I made, testing the waterproof theory of the Ironkey S200.

Waterproof Testing

Ubuntu 9.10 (Karmic Koala) on Aspire One Mini Review

As posted earlier, today was the release of Ubuntu 9.10 (Karmic Koala), you really have to love the release names they come up with 🙂

So I downloaded the Remix version because I run Ubuntu on my Acer Aspire One 110, and its just a little more user friendly that a standard desktop gui. For reference I did a fresh install, and not an upgrade from the 9.04 I was running.

So the download and install onto USB stick was a doddle with the packaged USB Creator, then about 15 mins and the install was good to go.

So first impressions, well in the past getting things to work first time with the Aspire One can be a little difficult. Like the wireless doesn’t always work, or the led doesn’t flash, or the sound is no good, or the camera doesn’t work, you get the idea. Well I am pleased to say I had no issues, touch wood everything works as you would expect. The SD card reader doesn’t work in real time, and requires a reboot but that’s always been the case. So everything is working, and I have to say it seems to boot faster to.

Favorites

So on start up with have the Remix interface we expect, with some slight colour and theme changes. The interface is as intuitive as ever, and somehow seems abit slicker. The motion seems improved and I can move between the different areas very easily. I did an update check, and as expected its all up to date. I know its only been out two minutes, but you never know 😀

Firefox

Next I thought I would fire up Firefox, and I am happy to see 3.5.3 is pre-installed (I know 3.5.4 has just been released, but we will let them off there). Everything works as expected, things seem pretty slick. I still get a few minor HDD pauses from the Solid State Drive on my 110 but, this is a feature 🙂

Cloud1

Cloud2

What new OS wouldn’t be complete with its own bit of Cloud 🙂 So 9.10 comes with a link to Ubuntu ONE, I don’t know all the details about this offering, I think its something to do with Amazon’s cloud offering. Regardless, this is just a quick link from within Ubuntu to allow you backup, sync and share your data easily. I might look into this at some point as you can get 2GB for free 😀 We like free.

SoftwareCent1

Next I thought I would take a quick look at the Ubuntu Software Centre. This is basically a simple interface to manage and install all your applications. I guess this is to make it easier than using the old package manager.

SofwareCent2

So here we are, all very simple and easy to understand. I popped Pidgin at this point, and it was found and installed without issue.

System

Just a quick look at my Ones spec info, lovingly named Betty 🙂

I appreciate this isn’t an in depth review, but I think you can normally tell if your going to have any issues early. I think its a certainly an improvement in appearance and performance compared to the previous version I was running. I have not tried out the standard desktop version yet, but everything seems straight forward and easy to use. I really do think Ubuntu is a real alternative to Windows for anyone, not just the hardcore IT Unix guru’s.

I hope this mini review was of little help to those considering going with 9.10, especially those of you who are Netbook users.

Products reviewed and rated @ Security Active

As already mentioned I have been doing some book proposal reviews with Syngress, and will hopefully have some newly released books to review in the future. I have reviewed different products and applications for other sites and forums, and obviously mention various tools, kit and gadgets as part of research and recommendations.
I have spoken with a few vendors in the security and technology industry and have had some positive interest in reviewing their products and posting them to the blog to share.

So if you work for a company or have a product you think is worth reviewing please drop me a mail “reviews[at]securityactive.co.uk”.

I look forward to bringing you information on interesting products in the future.