Cyber attacks focusing more on applications, experts say

GSN’s
2nd Annual
“HOW TO…”
special section on
solving government
security problems
Begins on Page 15
Funk
Software’s
Kevin
Walsh
on
End-Point
Security
Page 13
December 5, 2005 Vol. 3 Issue 22 The Newspaper of Record for Government Security A Publication of World Business Media, LLC
INSIDE
Season’s Greetings From Our Publisher
PAGE 6
Kerry Outlines New Anti-Terror Strategy
PAGE 8
NIST Plans To Hold FIPS 201 Demos
PAGE 10
DHS Procurement Chief Rothwell Retires
PAGE 12
Showcase: New Products from Overseas
PAGE 53
Personality Profile: John Banghart of CIS
PAGE 54
Company
Portrait:
By DANA E. BLOZIS
“GE believes in the security business.”
Dennis Cooke, president of GE
Security’s Homeland Protection business
THE BIG PICTURE
For <strong>more</strong> than 100 years, General
Electric has been a household name,
offering consumers and businesses
everything from light bulbs and
appliances to aircraft and locomotive
engines. What many people don’t
think about, however, is that GE is
also a leader in security for both the
home and the homeland. Through
its newly formed homeland protection
business, GE Security strives
More on Page 48
NIST says intelligent buildings
would help first responders
By LES SHAVER
A huge fire breaks out in a
high-rise office building downtown
and first responders rush
to the scene. They move in
with very little situational
awareness of what’s going on
inside. In many cases, they
probably don’t even know
exactly where the fire is located,
how big it is, how fast it’s
spreading, or how many people
are trapped within. To get this
information, they must go into
the building, which is dangerous
and time-consuming.
“They have information from an alarm that comes to dispatch,
but that only indicates the most basic information,” said
David Holmberg, a mechanical engineer with the Building and
More on Page 51
Balancing security & commerce
on troubled Tex/Mex border
By MATT SCHERER
Eugenio "Gene" Garza looks like a fighter pilot during
a training flight debriefing as he describes the balance
between quickly moving
freight and providing
security for nearly three
million trucks that annually
transit through his
U.S. Customs and
Border Protection facilities.
At first, the U.S.
Customs and Border
Trucks crossing tight border More on Page 50
FREDD BERGMAN
Covering Physical & IT Homeland Security Solutions
Identity assurance
product suite from
Daon, which uses
biometrics, is flexible
and vendor neutral.
Page 53
RANDALL KAPLAN
<strong>Cyber</strong> <strong>attacks</strong> <strong>focusing</strong> <strong>more</strong>
on applications, experts say
By DAVID BATES
The nature
of cyber
<strong>attacks</strong> has
shifted dramatically
over
the past year
from <strong>attacks</strong>
against operating
systems
to cyber New cyber targets continue to emerge
assaults on
individual applications, a trend that could mean increased risk
for large IT systems, according to information security experts.
In an analysis of the year’s top 20 critical cyber security vulnerabilities
released in late November, Bethesda, MD-based
information security training and certification company SANS
Institute reported a shift in cyber targets from operating systems
and Internet services to individual vendor applications.
More on Page 14
Homeland security officials are
turning to GIS technology
By SABEEN ALTAF
The recent hurricanes in
Louisiana have raised questions
about how accountable our federal
government should be. It has
also highlighted the need for
swift coordination amongst federal,
state and local agencies in
working on emergency planning.
However, even before the hurricanes
struck, legislation introducing
Geographic Information Systems (GIS) to the Department
GIS maps play a role in security
of Homeland Security was being considered.
More on Page 52
Steel box from Envisage
isolates a cell phone from
all network connections,
so law enforcement can
analyze phone’s contents.
Page 53
www.gsnmagazine.com
Plasan Sasa offers
advanced tactical
assault vest for protection
against high
velocity projectiles.
Page 53
THE LAWS OF VULNERABILITIES - G. ESCHELBECK, QUALYS

We thank all of our marketing partners for your strong
participation in the past and look forward to your
continuing support in 2006 and the years beyond.
¤
international
Federa
RSA
DECEMBER 5, 2005 2 GSN: GOVERNMENT SECURITY NEWS

CONTENTS
For <strong>more</strong> information go to
www.info.ims.ca/5111-001
Front Page
<strong>Cyber</strong> experts say <strong>attacks</strong>
now target application
software
Where most
cyber
<strong>attacks</strong> in
the past
focused on a
computer’s operating system, newer
<strong>attacks</strong> seem to be aiming at application
programs.
– Continues on page 14
NIST is promoting
“smart
buildings”
to safeguard
first
responders
Sensors located
inside major
buildings, which
could detect
fires and determine
where occupants are located,
could feed this vital data to command
and control centers run by first responders.
GSN looks at the developing field
of smart buildings.
– Continues on page 51
Company Portrait: GE
Security’s
Homeland
Protection
business
GSN kicks off a
new series of
corporate profiles
with an indepth
look at a
business unit of GE celebrating its
first birthday this month.
– Continues on page 48
Security
along
the
Tex/Mex
border requires a delicate
balancing act
Keeping the traffic moving while
simultaneously watching out for terrorists,
drug traffickers and illegal immigrants
has Customs and Border
Protection officials hopping.
– Continues on page 50
Geographic information
systems (GIS)
are taking
center stage
More and <strong>more</strong> government
agencies are turning to GIS technologies
to help them plan for emergencies
and respond to unexpected incidents.
– Continues on page 52
Features
Ask the
Expert-
Kevin Walsh
– Page 13
Our expert, the director
of product technology
at Funk Software, decribes the
emerging niche of end-point security.
GSN’s 2nd Annual
“HOW TO…” special
section – Page 15
In an effort to provide
practical, nitty-gritty
information, GSN has
consulted with a slew of
industry experts and provided
down-to-earth
answers to 16 real-world
"HOW TO…” questions.
Departments
Hot News – Page 8
One of our writers
listened to Senator
John Kerry (D-MA)
deliver an important
address on his
anti-terror strategy
to the Council on
Foreign Relations
in New York City.
We also bring you
up to speed on NIST’s plans to offer vendors
the opportunity to demonstrate their
personal identification and verification
(PIV) systems.
Business Opportunities
– Page 11
Contracts – Page 11
People – Page 12
Ad Directory – Page 51
New Product
Opportunities for U.S.
Integrators – Page 53
Personality Profile–
John Banghart – Page 54
If software vendors are ever going to
improve the quality of
the security of their software,
they’ll need benchmarks
to know what’s
expected of them. That’s
where John Banghart, of
The Center for Internet
Security, comes in.
DECEMBER 5, 2005 4 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-002

A message from Ed Tyler,
GSN’s Publisher
You are holding the 40th issue of GSN: Government
Security News.
That means 40 ad closings, 40 layout meetings and 40 print
runs, and a lot of work by everybody at World Business Media,
LLC, our parent company. I want to take this opportunity to thank you — and all
of the hundreds of suppliers, integrators, organizations and advertising agencies
— who have helped to make 2005 another record-breaking year for GSN.
Thank you very much for your continuing support and best wishes for the
happiest of holidays.
Putting together our 40th issue inspired me to compile an interesting set of
additional statistics, which demonstrate the extraordinary strength and growing
influence of our publication. Take a look:
23 -- Number of issues of GSN we delivered in
2005.
491 -- Number of editorial pages we delivered
in the same year.
1 -- Number of GSN scoops picked up (and
attributed) by The New York Times
651 -- Number of worldwide media articles
that cited GSN’s coverage in 2005.
197 -- Companies that have delivered their
marketing messages in GSN.
379 -- New security products and services
introduced in the pages of GSN.
116,490 -- Average number of individuals who read
each issue of GSN in 2005.
2,679,270 -- Total reader impressions for GSN during
2005.
62 -- Average number of minutes each reader
spent with GSN each month.
I’m proud of those statistics, and equally proud of the loyalty our readers have
shown to GSN since we launched the publication in 2003. I’m especially grateful
to those readers who have been willing — time and again — to respond to
our periodic e-mail research survey questionnaires, enabling us to present
intriguing, proprietary research results on a number of lively homeland security
topics. Please keep it up!
On behalf of the editorial, marketing, art & design, circulation, production
and finance teams at GSN, I want to thank you for your suggestions and good
wishes throughout 2005. We all look forward to working with you to help you
increase your understanding — and, perhaps, gain your fair share — of the government
security market in 2006.
ART DIRECTOR:
Mark Kaplan
(212) 925-7300 x322
mkaplan@gsnmagazine.com
Sabeen Altaf
Fredd Bergman
Vice President/New Business:
Arnold Blumenthal
(516) 292-0674
ablumenthal@gsnmagazine.com
North Atlantic Regional Mgr:
Michael J. Madsen
(212) 925-7300 x 220
mmadsen@gsnmagazine.com
Wash. DC/Mid-Atlantic Reg. Mgr:
Charlie Hull
(301) 987-0632
chull@gsnmagzine.com
CIRCULATION DIRECTOR:
Ronald Moyer
(609) 601-1298
PROMOTION DIRECTOR:
Robert DiGioia
(212) 925-7300 x274
Dana Blozis
Gail Kalinoski
FULFILLMENT/ WEB SUPPORT MGR:
Anne Tyler
(631) 275-0264
Main Number: (212) 925-7300
Fax: (212) 925-8754
www.gsnmagazine.com
EDITOR-IN-CHIEF:
Jacob Goodwin
(212) 925-7300 x255
jgoodwin@gsnmagazine.com
SENIOR EDITOR:
Teri Robinson
(212) 666-9292
trobinson@gsnmagazine.com
WASHINGTON CORRESPONDENT:
David Bates
(301) 270-5396
dbates@gsnmagazine.com
CONTRIBUTING WRITERS:
Steven Lewis
Josh Martin
EDITORIAL INTERN:
Blythe Kladney
PUBLISHER:
Edward Tyler
(212) 925-7300 x232
etyler@gsnmagazine.com
ADVERTISING SALES
Midwest/Southwest Regional Mgr:
Chris Casey
(847) 223-5225 x11
chrisc@caseyreps.com
New England/Metro NY/Southeast
Regional Mgr:
Andrew Shane
(718) 549-5910
andy66ny@aol.com
ADVERTISING TRAFFIC MANAGER:
Pedro Reyes
(212) 925-7300 x264
pedro@gsnmagazine.com
ASSOCIATE ART DIRECTOR:
Pat Monteleone
(212) 925-7300 x290
pmonteleone@gsnmagazine.com
Matt Scherer
Les Shaver
Ross Stapleton-Gray
Jan Wilson
Western Regional Mgr:
Jim Craven
(626) 799-0036
jcraven@gsnmagazine.com
Western IT Security Regional Mgr.
Lynne Stickrod
Tel: 415-503-3936
lstickrod@gsnmagazine.com
International Sales Mgr (Europe):
Dave Harvett
+44 121 705 2120
daveharvett@btconnect.com
CONTROLLER:
Allen Frydrych
(212) 925-7300 x206
PRODUCTION ASSISTANT:
Jermaine Brown
(212) 925-7300 x297
LIST MANAGER:
Michael Auriemma
(212) 655-5130
GSN: Government Security News (ISSN 1548-940X and UPS 022-945) is published biweekly except once only in
August and December (22 times per year) by World Business Media, LLC, 100 Avenue of the Americas, 6th Floor,
New York, NY 10013. Telephone: (212) 925-7300. Periodicals postage paid at New York, NY and additional mailing
offices. POSTMASTER: Send address changes to GSN: Government Security News, Subscription Department, P. O.
Box 316 Congers, NY 10920-0316. For government decision makers and business executives involved with security
products, systems and services. Qualified U.S. subscribers receive GSN: Government Security News at no charge.
Non-qualified subscribers in the U.S. are charged $75.00 per year. Canadian and foreign subscribers are charged
$140.00. International Airmail subscribers are charged $210.00. Single copy $10.00. The GSN Web site is:
http://www.gsnmagazine.com. Copyright 2005 by GSN: Government Security News. All rights reserved. Reproduction
of this publication in whole or part is prohibited except with the written permission of the publisher. Printed in the U.S.A.
GSN: Government Security News assumes no responsibility for validity of claims in items reported.
WORLD BUSINESS MEDIA, LLC
Edward Tyler, President
POSTMASTER:
Send changes of address to:
GSN: Government Security News
Subscription Department
P.O. Box 316, Congers, NY 10920-0316
NEW SUBSCRIPTION REQUESTS:
Write to GSN: Government Security News
Subscription Department
P.O. Box 316, Congers, NY 10920-0316
or call (845) 268-3156.
Subscribe online at www.gsnmagazine.com
Editorial Reprints:
Robert DiGioia
(212) 925-7300 x274
rdigioia@gsnmagazine.com
Classified Advertising:
Kelly Winberg
(215) 723-2861
kwinberg@attglobal.net
SUBSCRIBER ADDRESS CHANGES:
Write to GSN: Government Security News
Subscription Department
P.O. Box 316, Congers, NY 10920-0316
If possible, include a copy of a current mailing label
with your correspondence
or call (845) 268-3156.
SUBSCRIBER INQUIRES:
Please call (845) 268-3156 or fax (845) 267-3478 or e-mail gsnews@cambeywest.com
DECEMBER 5, 2005 6 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-003

Hot News
Kerry seeks security overhaul
Sen. John Kerry (D-MA) is calling on
President Bush to summon “a real council
of war” in which leaders of government and
the private sector would “forge a winning
strategy” to combat domestic and international
terrorism.
Kerry, the Democratic Party’s presidential
candidate in 2004, outlined his position
in a recent speech at the Council on
Foreign Relations in New York City. He
For <strong>more</strong> information go to www.info.ims.ca/5111-004
called for a new approach to combating terrorism
and protecting freedoms while
boosting the security of both private and
public sector institutions.
Government, he said, cannot dictate policy
in isolation; it must maintain a dialogue
with the private sector and “create incentives”
for companies to develop solutions.
The senator’s proposals come in the
wake of the final report from the organization
that grew
out of the 9/11
Commission, which blasted both Congress
and the president for failing to take adequate
steps to ensure domestic security.
Kerry’s formal speech, entitled Real
Security in the Post-9/11 World, called for
the U.S. to adopt a new global perspective
on the war on terror, and to partner with
reform movements within the Arab and
Muslim world that have “the broad and
unchallenged moral authority needed to
isolate and defeat terrorism.”
In addition, Kerry proposed specific
domestic anti-terror measures: Beefing up
port security, developing “true
domestic counter-terrorism capability” in
the FBI, and reviving alternative energy
development programs which have languished
since the Bush Administration
came to power in 2001.
Port security particularly concerned the
senator (whose home state includes the
port of Boston). He sees the “extreme vulnerability”
of U.S. ports as one of “the most
urgent homeland security threats.”
Kerry warned the Council that ports are
“the most likely point of entry for terrorists
with weapons of mass destruction.”
In addition to beefing up port security in
general, Kerry called for the development
of new and effective regulations to secure
dangerous materials domestically, as well
as overseas.
Key to success will be effectively utilizing
America’s intelligence agencies. “The FBI
should have a true domestic counter-terrorist
capability,” he said.
Kerry made it clear that his new approach
involves a significant shift in U.S. foreign
policy, redeploying forces and redefining
missions. “We need to greatly increase our
overseas clandestine intelligence service,”
he suggested. “Our military must also be
reshaped... equipped to perform post-conflict
reconstruction missions.”
“We need a far-sighted, multi-faceted
approach,” Kerry said.
A key component is developing the
means to cut funding of terrorist groups
and organizations. Kerry suggested the best
way to do this is by reducing dependence
on Middle East oil. “We must liberate ourselves
and the Middle East itself from the
tyranny of dependence on petroleum,” he
told the Council.
To achieve this goal, Kerry has called for
a dramatic change in U.S. energy policies,
<strong>focusing</strong> on massive investments in renewable
and alternative energy sources. “Many
stunning opportunities to do that are staring
us in the face,” he said, “but none have
been seized with the urgency our security
demands.”
Kerry believes the nation’s security policies
have been both misdirected and mismanaged.
“It is difficult [to succeed] when
our own actions defeat our purposes.”
The senator suggested that a true council
of war is needed now <strong>more</strong> than ever, to
“give clarity to peoples’ missions,” improve
the function of government and motivate
the private sector.
“We’re at war,” Kerry told the Council,
“but we’re not behaving like it.”
DECEMBER 5, 2005 8 GSN: GOVERNMENT SECURITY NEWS

NIST
Hot News
NIST plans demonstrations for
Personal ID Verification products
The National Institute of Standards
and Technology (NIST) is holding a
demonstration for vendors interested
Headquarters
5711 S. 86th Circle
Omaha, NE 68127
Phone: (866) 325-8140
Fax: (402) 537-6199
in showing products that support personal
identity verification, as set out
by the Federal Information
Processing Standard
201 (FIPS 201). The
demonstration will be open to all
Looks can fool you.
To get <strong>more</strong> information on a person check
SecureUSA allows you to search people by:
• Social Security Numbers
• Unlisted Phone Numbers
• Cell Phone Numbers
• Vehicle Information
• Civil Actions
• Aliases
• Relatives
• Addresses
• Names
• & other critical information
www.infoUSAgov.com
GSA-GS-23F-0096P
*SecureUSA data is available only to federal, state, and county/municipal government offices.
For <strong>more</strong> information go to www.info.ims.ca/5111-005
t
For a 10-day
FREE trial
of SecureUSA
call Kevin Shaughnessy
at: 1-866-325-8140
Law Enforcement Agencies Need
SecureUSA for Access to Critical
Information for Investigative Purposes.
SecureUSA is the largest, most
powerful investigative database for law
enforcement agencies available on the
web, at a very affordable price.
For <strong>more</strong> information, call
Kevin Shaughnessy: (866) 325-8140
or E-mail: government@infoUSA.com
Washington, D.C. Office
1717 Pennsylvania Ave. NW
Washington, D.C. 20006
(202) 887-8001
11GSN
interested federal
agencies
that are
required to be
up to date
with FIPS 201
implementation
and requirements.
Vendors of personal
identification products
are required to comply
with Homeland Security
Presidential Directive 12
and FIPS 201 regulations
According to the Homeland
Security Presidential Directive 12
(HSPD-12), Policy for a Common
Identification Standard for Federal
Employees and Contractors, the president
called for the development and
implementation of a governmentwide
standard for secure and reliable
forms of identification for federal
employees and contractors.
According to NIST, although it will
have demonstrations for individual
verification products, it prefers companies
to demonstrate fully functioning
verification systems. As a
result, many companies who produce
single products may feel pressure to
create a full system with other, competing
companies. All companies,
working together or separately, must
supply information about their products
to NIST by the end of
December.
NIST suggested a wide range of
product categories that could be
included in the demonstration, such
as card issuance and management
components, front-end components,
access control components, and personal
identity verification (PIV) system
integrators. Included in these
categories are products such as smart
card contact readers that can read
PIV cards, complete physical access
control solutions, and biometric
solution providers that capture biometric
data.
Interested vendors are advised that
products that support FIPS 201 will
be interoperable and that they should
take into consideration other vendors’
products and ideas.
Vendors who participate will provide
NIST the opportunity to perform
proof of concept and to check interoperability
with the PIV cards.
In early 2006, NIST will release the
finalized list of participating vendors
and distribute a schedule of when the
demonstrations will occur, based on
the availability of each vendor and
category. Not all interested vendors
are guaranteed that their products
will be demonstrated.
DECEMBER 5, 2005 10 GSN: GOVERNMENT SECURITY NEWS

Business Opportunities
Recent and upcoming
government solicitations
Intrusion Detection Systems on
List for U.S. Marshals Service
Buyer:
Scope:
Contact:
U.S. Marshals Service
Department of Justice
Judicial Security Contracts
Team, JSDC
Suite 600 – CS3
3601 Pennsy Drive
Landover, MD 20785-1612
The U.S. Marshals Service is
seeking home intrusion detection
systems, including control
panels, key pads, door/window
switches, motion sensors,
horn/sirens, glass break sensors,
repeaters and other items.
Maxine Robinson, contracting
officer
202-307-9185
202-307-9360 (fax)
mrobinson@usdoj.gov
FTP Looking for Security
Services in Washington Area
Buyer:
Scope:
Status:
Contact:
Federal Protective
Immigration and Customs
Enforcement
Department of Homeland
Security
425 I Street, N.W.
Washington, DC 20536
FTP needs security services
at a number of locations in
Washington, DC. The contractor
will provide and maintain
all management, supervision,
manpower, training, equipment,
supplies, licenses, permits,
certificates, insurance,
screenings and the like to
support security guard services
24 hours per day, seven
days a week. Services will
begin on April 1, 2006.
The notice was posted
November 28, 2005 and
responses are due back on
January 5, 2006.
Ronald Jean-Baptiste, contracting
officer
202-514-4441
202-514-3353
ronald.jean-baptiste@dhs.gov
Bureau
of
Prisons
Looking
for
X-Ray
Technician Services
Buyer: Bureau of Prisons
Department of Justice
U.S. Armed Forces Reserve
Complex
346 Marine Forces Drive
Grand Prairie, TX 75051
Scope: The Bureau of Prisons requires X-
ray technician services for inmates
in the Federal Correctional
Institution located in McKean, PA.
The service is for up to 30 hours
per week, generally between the
hours of 7:30 a.m. and 4:00 p.m.,
Monday through Friday. The contract
covers a period of 12 months
with four 12-month option periods.
Status:
Contact:
Responses were due November
28, 2005.
Terri Tharp, contracting officer
972-352-4545 (Fax)
VA Seeking Security Services in
Northern California
Buyer:
Scope:
Status:
Contact:
Department of Veterans Affairs
Medical Center
Consolidated Contracting Activity
1000 Locust Street
Reno, NV 89520
The VA is looking for security
guard services in VA facilities
in Northern California. At most
locations, the guard services
will include 8-12-hour daytime
shifts on weekdays. At some
locations, services will be
needed overnight and on
weekends.
The request was posted on
November 25, 2005 with
responses due back by January
5, 2006.
Rob Weber, contract specialist
775-328-1435
775-328-1703 (fax)
rob.weber@med.va.gov
For submissions to this section, please e-mail detailed information to: opportunities@gsnmagazine.com
Contracts
Recent security-related awards
CompuDyne
Lands Deal
for Burbank
Police
Department
Public
Safety
System
Issued by:
Issued to:
Value:
Scope:
City of Burbank
Burbank, CA
CompuDyne Corp.
Annapolis, MD
$1.5 million
CompuDyne — Public Safety
& Justice, Inc., has landed a
$1.5 million contract to provide
the software and services
for a new public safety
system for the Burbank
Police Department. The new
offering is a computer-aided
dispatch system that operates
on Microsoft Windows
workstations. The processing
of all critical CAD functions is
server-independent and the
system offers nearly 100
percent availability. If one
component fails, the system
will continue to function.
Awarded: November 21, 2005
American Defense Systems
Wins Deal for Security Door
Controls at New Federal
Courthouse Planned for
Brooklyn
Issued by:
U.S. Marshals Service
Brooklyn, NY
Issued to: American Defense Systems, Inc.
Hicksville, NY
Value: $500,000
Scope: American Defense Systems
has inked a $500,000 deal
with the U.S. Marshals
Service to design and install
upgraded computer-driven
touch-screen security controls
for <strong>more</strong> than 200 security
doors at the new federal
courthouse in Brooklyn, NY.
The doors will be used by the
marshals to move prisoners to
restricted access points that
were previously installed by
ADSI in the old courthouse.
Awarded: November 23, 2005
Issued by:
Issued to:
CBP
Hands
BIR
Contract
for
IntellX
Gantry
System
Customs and Border Protection
Department of Homeland
Security
Washington, DC
BIR Inc. Security Systems
Division
Lincolnshire, IL
Scope: CBP covers a one-year base
contract with four one-year
renewable options. Under the
terms, BIR will provide IntellX
Gantry Vehicle and Container
Inspection System, which
combines a Varian linear
accelerator with a proprietary
detection system aimed at
scanning high-density cargoes.
Awarded: September 2005
GSA Teams With Telos to
Manage Infrastructure
Issued by:
Issued to:
Value:
Scope:
Federal Acquisition Service
General Services
Administration
Washington, DC
Telos Corp.
Ashburn, VA
$3 million over five years
The GSA’s FSA has teamed
with Telos to manage and
secure the agency’s technology
infrastructure. The base
year of the contract is valued
at $600,000, with each
of the four option years also
worth about $600,000. To
fulfill the requirements of
the GSA FAS contract, Telos
will rely on its extensive
security experience performing
Certifications &
Accreditations (C&As) and
conducting security vulnerability
management for the
GSA.
Awarded: November 21, 2005
For submissions to this section, please e-mail detailed information to: contracts@gsnmagazine.com
GSN: GOVERNMENT SECURITY NEWS 11 DECEMBER 5, 2005

People
Philip Gray has joined Hi-Tec
Systems, Inc., of Egg Harbor
Township, NJ, as vice president
of business development.
Hi-Tec also maintains an office
in Arlington, VA, which serves
customers at federal agencies
in the Washington, DC, area.
Gray’s primary responsibilities
will be to develop business
opportunities and win new government contracts
for Hi-Tec. He will focus on the company's core
competencies of information technology, aviation
safety, homeland security and defense, communication,
navigation, surveillance and air traffic management
systems and environmental engineering.
Gray holds a bachelor's degree in mathematics and
a master's degree in computer science from the
University of Maryland.
Richard Kiphart has been appointed co-chairman
and lead independent director at SAFLINK Corp., of
Bellevue, WA. Trevor Neilson has been promoted to
co-chairman. Neilson is currently the executive
director of the Global Business Coalition on
HIV/AIDS, initially funded by Bill Gates, George
Soros and Ted Turner. Kiphart was previously the
company’s chairman.
William Evenson has been
appointed vice president of
Future Fibre Technologies’
Americas operation. He was
previously president of Senstar
Stellar Inc., where he was
responsible for its U.S. operation
since 1996. Evenson has
<strong>more</strong> than 20 years experience
in the outdoor intrusion detection
market and is well known within the security
industry. FFT chief executive Bill Younger said, “We
are extremely pleased to have such a high calibre
person drive our expansion into the long range
perimeter, pipeline and network security markets.”
Evenson’s appointment coincides with the opening
of Future Fibre Technologies’ West Coast office,
located in Mountain View, CA.
F4W, Inc., of Lake Mary, FL, a developer of broadband
wireless products, has named Allan Edwards as
CEO and chairman. Edwards holds public service
positions with the City Commissioner board of
investors and chairman of the pension study committee
in Providence, RI.
Gregory Rothwell, the chief
procurement officer at DHS,
has announced his retirement.
He assumed his duties as the
department’s first chief procurement
officer in July, 2003,
pledging to create world class
acquisition and financial assistance
programs. He came to the
department from the Internal
Revenue Service where he served from 1999 to 2003
as the senior career executive responsible for agency
wide shared services. From 1990 to 1999, Rothwell
served as the IRS’s first assistant commissioner for
procurement where he was a pioneer in partnering
with the private sector through full and open communication.
He began his career as a contact negotiator
with the Department of Defense and worked at
both the Aberdeen Proving Ground in Maryland and
the Army Electronics Command in Philadelphia. A
native of Salina, KS, Rothwell holds bachelor
degrees in economics and business administration
and English (cum laude) from Marymount College in
Kansas and a masters of public administration from
the University of Denver.
SI International, Inc., a Reston, VA-based information
technology and network solutions company, has
named Lee Stratton as senior vice president of
human resources. He will oversee the company’s HR
functions, including the recruitment, management,
retention and training of employees and administration
of employment benefits. Stratton will report
directly to president and CEO Brad Antle. Stratton
joins SI International with <strong>more</strong> than 20 years of experience
in HR leadership positions. Most recently, he
managed the HR function in a growing financial services
organization active in <strong>more</strong> than 50 countries
worldwide.
Michael Goodboe, vice president
of training for The
Wackenhut Corporation, has
been elected chairman of the
National Association of Security
Companies (NASCO) — the
nation’s largest contract security
association, whose members
employ nearly 40 percent of all
security officers in the United
States. Goodboe will serve on the executive committee
of the board of directors, along with 1st Vice Chair
Martin Herman, President and CEO of Special
Response Corporation and NASCO 2nd Vice Chair
Patrick McNulty, division president of Allied-Barton
Security Services. The NASCO board elects positions
on the board each year during its fall membership meeting
which was held at NASCO’s offices last October.
Joseph Patanella, president of AmbironTrustWave,
will head up the company's new business unit aimed
at providing data security-related products and services
to federal government agencies. “The multitude of
information assuarance and compliance regulations
affects government entities as much if not <strong>more</strong> so
than private sector businesses,” said Patanella.
“Federal agencies handle large quantities of sensitive
data and, as a result, are at great risk from hackers and
other unauthorizedd parties seeking access to private
or classified information.” Patanella is an 18-year veteran
of the National Security Agency (NSA).
MTC Holdings, Inc., of Oakland, CA, has appointed
Larry Grotte as CIO. Grotte will help the company’s
business units identify and develop robust business
processes, as he tackles process and technology elements.
His office will be in the Oakland headquarters.
Prior to joining MTCH, Grotte spent <strong>more</strong> than 30
years as a CEO and C-level executive for several Silicon
Valley companies within the Fortune 500’s emerging
technology/venture capital-backed sectors. He obtained
a bachelor’s degree in business administration from San
Francisco State University and an MBA from Notre
Dame de Namur University, of Belmont, CA.
For submissions to this section, please e-mail detailed information to:
people@gsnmagazine.com
For <strong>more</strong> information go to www.info.ims.ca/5111-006
DECEMBER 5, 2005 12 GSN: GOVERNMENT SECURITY NEWS

Ask The Expert
Kevin Walsh
Director of Product Technology
Funk Software
A lot of government organizations
are wrestling with the
GSN:
challenge of introducing WiFi communications
into their networks which would
allow their internal users and, perhaps,
outside users to access their network.
After they figure out how to establish
smoothly functioning WiFi connections,
how does the concept of end-point security
come into play
The next
KEVIN WALSH: aspect of
network access for end users seeking to
get onto the network will be to determine
not only who you are, and are
your credentials valid, but what is the
current security state of your machine
Are you meeting the requirements to be
allowed to fully participate on the network
And if you’re not, how do we get
that device back to compliance so that
you can do your job
What sort of criteria are you
GSN: most commonly looking at to
determine whether a user is compliant
At the beginning, the obvious
KW: one is whether or not the antivirus
application is present, running
and configured appropriately to perform
its task. But, as we move beyond
just anti-virus to protect desktops, we
have personal firewalls, patch management,
anti-spyware and other applications
that are used to make sure that
the information on the device [which is
trying to connect to the network] is
protected, and that the device itself
cannot propagate problems to the other
devices on the network.
Let’s say I’m the IT director of
GSN: a government agency and an
outside user tries to sign onto my network.
He can be either one of my employees
(whose laptop presumably at one stage
was configured properly), or a total
stranger. Let’s take both circumstances
separately. How is this notion of end-point
security going to help me protect my network
against one of my own employees
Let’s add one twist to your scenario.
In today’s age of mobility,
KW:
your employee might be taking a
device, like a laptop, and taking it away
from your organization; taking it out
from under your control and exposing it
to other networks.
Provided it’s under your control, you
have tools to manage it on your network
every day. But, for the one hour,
one day or one week that it’s off your
network, that machine might become
out of date. It may have missed a patch
With the increasing prevalence of mobile employees and visitors signing onto corporate and governmental computer networks
through WiFi connections, a new form of software that instantly inspects the security configurations of the laptops
and desktops trying to gain access to such networks has begun to blossom. GSN’s Jacob Goodwin recently spoke with
Kevin Walsh, director of product technology for Funk Software, Inc. of Cambridge, MA, an expert in this new software
niche, known in some circles as “end-point security.”
that you delivered on Tuesday because
the machine was in Akron, OH, for
the past week. When it comes back,
you now want to know that it’s not in
compliance (because you’ve updated
your network since it was last a participant),
and you want to get it back
into compliance as quickly and easily
as possible.
How would this be different if
GSN: a total stranger shows up at
your network
The visitor or the guest to your
KW: network complicates the challenge
because you may not be able to
change their machine. You may not
have the privilege to say, “Move from
anti-virus X to anti-virus Y in order to
participate on my network.” So, you
will need a policy that will allow the
visitor to complete the job they came to
your network to do, but you might not
want to give them the keys to the kingdom
while they’re on your network.
What would happen when
GSN: end-point security software
discovers that your friendly employee’s
laptop is no longer compliant
Let’s say our traveling employee
KW: comes back, is out of compliance
and attempts to get onto the network.
They’ve presented their credentials.
We like their credentials. They are
who they’re supposed to be. But, now
their anti-virus software doesn’t have the
right virus definition file.
We have the opportunity to change the
user’s network connection from the normal
full access network to a <strong>more</strong> limited
“sandbox” network. There will be utilities
and applications on the sandbox
network — that might be user-driven or
completely automated — that will bring
that application back up-to-date. Once
it’s up-to-date, without the user having to
click any button, and once the applications
notify each other that the user is
back in compliance, the user will be
transferred back to the full network.
And then would they be able
GSN: to gain access to all of the different
applications on the network
Yes, just as they would the
KW: day before they went out of
compliance.
What happens to the stranger
GSN: who you can’t automatically
bring back into compliance Is he put in
the sandbox forever Does he have the
ability to accomplish anything on your
network
Those users will not be given
KW: the full network access because
they aren’t employees and they don’t
deserve that level of access. But, they
could be put in a modified sandbox that
gives them the privileges to do the work
they’re supposed to do, but nothing
beyond that level of network privilege.
In that circumstance, what
GSN: might they be allowed to do
There might be a file server,
KW: print services or maybe an
Internet gateway that guests are
allowed to use, that non-classified, nonprotected
information is made available
from. But, access to it would still be
logged, so you’d know who looked at
the information and what data was
used.
Let’s try to put this new software
innovation in context.
GSN:
Who are the pioneers of this concept of
end-point security How does your firm,
Funk Software, fit in with the main players
And is end-point security software
becoming commonplace
The giants of our industry have
KW: gotten involved: Cisco, with
their Network Admission Control;
Microsoft with their Network Access
Protection; and the Trusted Computing
Group with their Trusted Network
Connect. Those are probably the big
three protocols today that will help network
administrators perform this task.
What are the similarities and
GSN: the differences between
those three approaches Have their differences
slowed down the adoption of
this technology
The good news for consumers
KW: is that all three solutions share
a very similar architecture, so they’re
not being challenged to use different
architectures. If you look at the three of
them in depth, they share very similar
traits. Unfortunately, they share those
traits in very different ways, different
API’s and different interfaces, which
means that today you have to choose
only one instead of having them all
work together.
How does end-point security
GSN: typically figure in the plans for
government IT security directors
Government organizations today
KW: have gotten the components
they’ve needed, such as FIPS-enabled
clients and servers, to roll out WiFi.
That’s brought a technology to their network
that they’ve never had before. It’s
8O2.1x, or identity networking.
Once they get the wireless component
deployed, they can start to roll out
end-point integrity solutions from any
of the vendors. But, now they also have
the opportunity to change their wired
networks to 8O2.1x, to make those
<strong>more</strong> secure and to include things like
end-point security. Starting from today,
I think IT officials are going to need to
study these solutions, choose the
options that they’re going to go forward
with and define how to roll them out
on the network.
We hope that for the first half of
2006, it’s an exploratory phase for a lot
of organizations, gaining an understanding
of the technologies and their choices
within the space; with deployments
beginning in the second half of 2006.
Tell us about the concept of
GSN: “device management” and how
that fits into all of this.
KW:
Today, we can identify you as
user, we can validate your credentials,
we can check the health of
your machine and we can know where
you’re connecting to the network from.
What we’re being asked for next is to
identify whether or not the device
you’re using is completely under the IT
department’s control, or whether it is
your own personal device. By adding
that knowledge to the policy decisionmaking
process, network administrators
feel they can make even <strong>more</strong> granular
decisions over how much access to
grant you. Are you connecting to the
network properly with one of my
devices or are you connecting to the
network with your own personal device.
If they knew that, they could make different
decisions.
GSN: GOVERNMENT SECURITY NEWS 13 DECEMBER 5, 2005

From Page 1
Vulnerability mgmt. software focuses on applications
“This was the first year that a significant
piece of the vulnerability was applicationbased,”
said Mason Brown, director of the
SANS Institute to a recent E-Gov Institute
Security Conference in Washington, DC.
While the shift is noteworthy on its own,
perhaps <strong>more</strong> alarming is that cyber attackers
are increasingly targeting “the backup
and recovery tools and the antivirus and
other security tools that most organizations
think are keeping them safe from <strong>attacks</strong>
and from loss of data,” the SANS Institute
said in a statement. “Now many of those
systems have been shown to have critical
vulnerabilities.”
Brown succinctly summed up the nature
of the threat: “If you’re buying products
with bad code, you’re going to get your
lunch eaten quickly.”
Amrit Williams, research director for
information security and risk practice at
Stamford, CT-based IT research and analysis
firm Gartner, Inc., sees another, possibly
related, trend in cyber <strong>attacks</strong>.
“It’s significant that <strong>attacks</strong> are being
launched and vulnerabilities found against
security software,” Williams said. “Another
shift is that we’ve moved from a world of
hobby-based malware to a world of cyber
criminals who are financially motivated.
Because of that criminal activity, it makes
sense to attack the security applications.”
A robust and properly implemented vulnerability
management program can help
protect against these increased applicationlevel
<strong>attacks</strong>, says Allan Paller, SANS director
of research.
Most vulnerability management consists
of some form of technology – either hardware
or software – that scans a system for
existing components and known vulnerabilities
which then creates a “tickler file to ask
if you took action,” such as downloading
the latest security patch, he says.
“People who have comprehensive vulnerability
management systems and large staffs
of people who can find the patches, test the
patches and roll them out are in no worse
shape then they were before,” said Paller.
“But since the vast bulk of all organizations
have very lightweight vulnerability
management systems or rely entirely on the
vendors for updates of their operating sys-
tems,” Paller said, “they are at a radically
increased risk because the <strong>attacks</strong> that used
to be blocked by the patching of their operating
systems are not blocked because the
applications they run are not patched.”
Under this scenario, a would-be attacker
might transmit a legitimate file — text, or
data, or even music — containing malicious
code that could launch cyber mayhem at
the receiving end when opened by a vulnerable
application.
While many vulnerability assessment
tools have the ability to detect application
vulnerabilities, these technologies may not
conduct such assessments “at the granular
level that will be needed at the application
level,” said Gartner’s Williams.
“Most of the assessment tools that are
out there assess vulnerabilities against the
operating system,” he said. “They generally
don’t go into the applications themselves.”
Vulnerability management expert
Gerhard Eschelbeck said the trend
toward application-level <strong>attacks</strong> does not
require any dramatic shift in the way
enterprises analyze their vulnerabilities
and manage their risks, nor does it call for
new technology.
“The good vulnerability management
solutions have the capability built into their
systems,” said Eschelbeck, whose firm —
Redwood Shores, CA-based Qualys, Inc.
— provides on-demand network security
audits and vulnerability management. “One
of the things that people should consider is
a trusted or authenticated scan. Those are
deeper scans.”
Another strategy to identify applicationlevel
vulnerabilities that enterprises might
consider is altering the frequency of system
scans.
“You may want to consider the regularity
of when you conduct your assessments. You
may think about a schema where your
servers are scanned once a month and your
work stations once every six weeks,” said
Eschelbeck, Qualys’ chief technology officer
and vice president of engineering and
one of the security experts who produced
the SANS 2005 “Top 20” list.
One area of vulnerability management
that will likely change as a result of the
increased threat of application-level <strong>attacks</strong>
is the patching process, he said.
“Your patching patterns will change,
because instead of patching servers you
may end up patching 1,000 workstations,”
he said, noting that the patching process is
usually a manual process that can require
significant staff time and personnel.
SANS Institute’s Paller notes that federal
agencies are not immune from application
<strong>attacks</strong>.
“The federal government does have vulnerability
management, but not for all
parts,” he said, explaining that some agencies
have vulnerability management in
place only for selected IT systems or operational
divisions.
“Many of them are relying on the automated
updates that come from the vendors,”
said Paller. “What’s wrong with that
process is that the application vendors don’t
have automatic updating.”
So if an IT department does not regularly
search vendors’ Web sites for security
patches for each application used by an
agency or enterprise, those applications will
remain vulnerable, he said.
“The vendors, when you call them, will
say, ‘We’ve put out a patch, we’ve fixed
the problem.’ But they don’t have any way
of telling the user because they don’t
have automatic updating,” Paller said,
noting that, “Antivirus is the one exception
to the rule.”
GSN Classified/Marketplace
SERVICES – SALES REPRESENTATION
“You have two choices. One is you run
one of those scanners, and they’re not
cheap,” he said, noting that vulnerability
management technology for an enterprise
can cost anywhere from $25,000 to
$1 million.
“Two, you’re supposed to go look
things up on the vendor’s Web site,”
Paller said, adding, “most people aren’t
doing anything.”
Noting that 10 percent of known software
vulnerabilities account for some 90
percent of all cyber <strong>attacks</strong>, Qualys’s
Eschelbeck urged prioritization of an organization’s
identified vulnerabilities rather
than trying to patch them all.
“The biggest key to success is the prioritization,”
said Eschelbeck. “It must correlate
the vulnerabilities with mission critical
business processes.”
But Williams notes that organizations
cannot rely exclusively on their vulnerability
management programs. Enterprises still
need to deploy and regularly update their
security “shielding” technology — such as
firewalls and antivirus programs, he said.
Even when vulnerability management
technology detects an application-level vulnerability
for which a patch is available, he
explained, a large enterprise may need several
days or even weeks to apply the patch
on all affected servers or work stations,
depending on its resources. During that
patching period, it is the shielding applications
that must protect vulnerable applications
until the patches are applied.
Companies and government agencies
must develop processes for integrating their
vulnerability assessment and patch management
programs with their shielding
technology, said Williams.
“There’s no one product in vulnerability
management that does everything
that’s necessary at an adequate level,”
said Gartner’s Williams. “This is all a
work in progress, which is why companies
need to tie all the pieces together
through process today.”
National sales rep firm sought for manufacturer and marketer of extreme-duty stainless-steel video camera housings. See ad in this issue
of GSN on p. 45; Contact: Don Softness, pres., SecureVue Inc., 251 East 51st Street, New York, NY 10022. www.securevue.net;
p: 212-752-5960; f: 212-888-7387; email: don@securevue.net
For <strong>more</strong> information go to www.info.ims.ca/5111-007
DECEMBER 5, 2005 14 GSN: GOVERNMENT SECURITY NEWS

“HOW TO...”
Solutions Guide for
Government Security
How 16 of the most important segments
of the government security market tackle
their physical and IT security challenges.
CONTENTS
16 Asset Tracking
How to ensure the integrity of your
product throughout its distribution
lifecycle
18 Cargo Screening
How to rapidly screen cargo for illicit
materials and provide automatic detection
of nuclear-based WMDs and dirty
bombs, even through 17” of solid steel
20 Decontamination
How to deal with radiological
decontamination
22 Detection
How to respond to a radiological terror
event
24 Emergency Alert Notification
How to spread the word of a sudden
emergency to 5,000 employees, a public
venue or even an entire community
in 30 seconds
26 Guard Services
How to select a guard services
provider
28 Integrated Security Systems
How to build an integrated security
system that leverages your existing
technology
30 Mass Notification Systems
How to notify thousands of military
personnel or civilians of a sudden and
critical change in their situation
32 Night Vision
How to catch would-be intruders on
your property in the middle of the
night, without them even knowing
you’re watching
34 Perimeter Protection
How to secure any perimeter
36 Perimeter Surveillance
How to service your perimeter
surveillance systems
38 Security Management Systems
How to pull together alarm monitoring,
video surveillance, access controls
and smart cards into an integrated
system
40 Thermal Imaging
How to spot even the sneakiest
intruder trying to enter your property
at night or during bad weather
42 Video Surveillance
How to design a network-based video
surveillance system
44 Video Surveillance Equipment
How to protect your CCTV cameras
from damage, destruction and deluge
46 X-Ray
How to use X-ray technology to
screen airline passengers, airline cargo
and the U.S. Mail

A Special Supplement to GSN
ASSET TRACKING
HOW TO...
...ensure the integrity of your product throughout
its distribution lifecycle
It is estimated that annual cargo shipment losses range upwards of $100 billion. These
losses are largely the result of product damage and theft due to shipment hijackings,
vandalism and spoilage.
Until recently, efforts to prevent such acts have been only marginally successful because
freight forwarders and manufacturers have had few ways to monitor their goods and
services while in transit. However, technological advancements are changing this situation,
which is good news for everyone — manufacturers save on insurance costs, freight
forwarders have the opportunity to sell this new technology as a value-added service and
consumers pay less as a result of the decline in manufacturing costs and the greater efficiencies
achieved throughout the distribution supply chain.
Using Global Positioning Systems (GPS), companies can now track their products
remotely, on a real-time basis, using any standard Internet browser. Placed covertly
inside shipping crates or attached to the undercarriage of transport vehicles, asset
tracking devices can be configured to identify temperature control changes, shock and
vibration, opening doors and speed. In addition, such technologies can establish “geofencing”
parameters to ensure that one’s cargo stays on its intended route. If any of the
pre-established parameters are breached, alarms are sent immediately to the monitoring
station or the owner(s) for determination of action. Precise location information provides
owners the ability to ensure that the desired environmental and structural integrity of
their shipments are maintained.
The most recent advancement in asset tracking involves a new wireless protocol known
as “ZigBee.” ZigBee sensors are now being integrated into the design architecture of
next generation tracking devices. Using ZigBee protocol, trackers will be able to communicate
effectively with other elements of a client’s security system, such as cameras,
to enhance the accuracy of the client’s detection and deterrence system.
DECEMBER 5, 2005 16 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-013

A Special Supplement to GSN
CARGO SCREENING
HOW TO...
...rapidly screen cargo for illicit materials and
provide automatic detection of nuclear-based
WMDs and dirty bombs, even through 17” of
solid steel.
Cargo containers and truck trailers are often heavily loaded with dense objects that can
easily disguise contraband materials. This defeats gamma ray, backscatter and other
technologies because their penetrating power is simply too low to punch through such
items.
Effective cargo inspection requires a combination of good detection technology and
high-power X-ray systems. Today’s Linatron based X-ray technology answers this challenge
with its ability to resolve objects as small as four millimeters within 17 inches of
steel. Scanning is enhanced by the latest detectors and computer software, which allow
entire containers to be scanned at high resolution in less than 15 seconds. These high
resolution digital images allow operators to zoom in on suspicious objects, identify the
exact locations of concern and save or transmit the images for future use.
Since contraband nuclear materials are a critical, but infrequently found material in
cargo containers, it is important to detect these automatically, with a high degree of confidence
and a very low false alarm rate.
Dual energy scanning technology makes this possible. By alternating X-ray energy
from pulse-to-pulse at a high repetition rate, nuclear materials can be detected automatically
and differentiated from steel and other routine materials. This automatic detection
process can operate transparently during normal scanning and inspection without distracting
the operator. However, when nuclear material is detected, the operator is immediately
alerted to its size and location. Thus, operators can carry out routine inspections
for <strong>more</strong> frequent contraband, while having confidence that their dual-energy system
will clearly identify any significant quantity of nuclear material.
Overall, dual-energy scanning is a break-through technology that, for the first time,
allows automatic detection of nuclear materials while simultaneously providing exceptionally
high resolution images at unmatched speeds.
DECEMBER 5, 2005 18 GSN: GOVERNMENT SECURITY NEWS

Introducing Linatron K9
The watchdog
Cargo inspection with teeth
Varian’s Linatron K9 is the solution to high-speed interdiction of cargo containers
transporting nuclear-based WMDs and Dirty Bombs.
The K9 is the only dual-energy X-ray source capable of switching energies
pulse-to-pulse. This technology enables cargo screening systems to automatically
identify high-density materials used in WMDs and Dirty Bombs, even in heavily
loaded cargo containers.
The K9 provides unmatched penetration capabilities through 17” of solid steel,
allowing user access to fast, high-resolution images and the ability to completely
screen a fully loaded container faster than any other non-intrusive inspection system
in the world.
For <strong>more</strong> information, contact
Varian Medical Systems
Security & Inspection Products
Las Vegas, Nevada
tel: 702.938.4859
fax: 702.938.4833
www.varian.com/sip
The K9 is built on Varian’s proven high-energy Linatron accelerator technology, the
industry standard used by cargo screening system manufacturers around the world.
Put some teeth into your cargo screening system with Linatron ® K9 – The watchdog .
For <strong>more</strong> information go to www.info.ims.ca/5111-014

A Special Supplement to GSN
DECONTAMINATION
HOW TO...
...deal with radiological decontamination.
When it comes to decontamination, preparation is key. Once an incident has occurred, it
is too late to plan and prepare. Still, there are some things that everyone should know.
In the event of a radiological contamination event, immediate tracking of the contaminant
to arrest teh plume spread is critical. Without prior planning, the situation can
quickly spiral out of control and isotopic contamination can spread rapidly to otherwise
unaffected areas.
Application of water will only make matters worse, driving materials down into surfaces
and creating additional “fixed” contamination problems. Also, once the water evaporates,
the “smearable” contamination can again become airborne and spread via the wind. The
only effective solution is to have pre-positioned solutions, deployment equipment and
trained personnel executing a concise emergency response plan in order to minimize the
plume spread and begin the recovery process.
If you are working in the affected area, respiratory protection is crucial in order to protect
lungs and airways. Put on your mask or escape hood immediately. If you have a protective
escape suit, boots and gloves, put them on. Don’t take off your mask for any reason
until you are out of the Hot Zone and you have been cleared of contamination.
If a chemical or biological event takes place inside a building, the ventilation system
should be shut down as quickly as possible to stop the spread of the contaminant. In a
CBRN event outside a building, the building’s air intake must be filtered with a HEPA
system, or the building air intake must be shut down to keep from drawing contamination
inside. HEPA filtering is preferred, as running the ventilation system on maximum
settings can serve to positively pressurize the building interior. While still a monumental
task, it is much easier to decontaminate a building exterior than both the interior and
exterior.
Expect professionals to arrive and take samples of the contaminant. Additionally, the
FBI will investigate. Source retrieval and removal or remediation is critical. Gross decontamination
of equipment and rooms must be achieved before re-use. Post-decontamination
sampling is required prior to a safe release of the area.
DECEMBER 5, 2005 20 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-015

A Special Supplement to GSN
DETECTION
HOW TO...
...respond to a radiological terror event
We’ve heard of the possibility of terrorists using a radiation dispersal device (RDD) —
“dirty bomb” — to spread contamination and panic through a major city or public gathering.
Such a device consists of radioactive material — industrial, medical or waste isotopes
— spread over a wide area with conventional explosives.
The first step is to recognize that an event has occurred. Radiation is colorless, odorless
and tasteless. Electronic detection provides the only means to separate the RDD event
from any other explosion or fire, by detecting the dispersed radioactive material.
Equipping first responders (firefighters, police, HAZMAT, etc.) with personal radiation
monitors is the most typical approach for initial detection. Reliable, fast responding,
portable, rugged monitors are needed to stand up to the rigors of first emergency
response.
Once the event has been detected, the personal radiation monitor provides continuous
information about the extent of hazard. Responders can make informed decisions about
movements around the scene, approaches to victim rescue and public evacuation.
As injured victims are evacuated or non-injured members of the public leave the scene,
it is important to control contamination. Dangerous material may be attached to shoes
and clothing and unnecessarily spread — even to hospitals and emergency vehicles.
Well-equipped emergency response and HAZMAT teams set up triage/decontamination
areas to determine who is contaminated and to locate the contamination for removal.
Transportable portal monitors are the first line, followed by <strong>more</strong> close examination with
handheld survey instruments to precisely locate the contamination. Radiation identifiers
are also used to discriminate materials from the event vs. medical isotopes that may
legitimately be present in some victims.
The same equipment is also used to assess the extent and location of contamination,
keeping people away from dangerous materials until cleanup can proceed.
DECEMBER 5, 2005 22 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-016

A Special Supplement to GSN
EMERGENCY ALERT NOTIFICATION
HOW TO...
...spread the word of a sudden emergency to
5,000 employees, a public venue or even an
entire community in 30 seconds.
Release of Sarin nerve agent in office buildings, a truck bomb in a sports arena or a dirty
bomb threat in a community are but a few of the national planning scenarios published
by DHS. Specific companies have been warned that their building plans and personnel
movements were being tracked and found on PCs in Southwest Asia. Being prepared to
rapidly disseminate accurate emergency information before, during and after an attack
is critical in mitigating casualties.
To be affective, a Mass Notification System (MNS) must be able to deliver timely, concise
and event-specific instructions of what to do (and what not to do) in response to a threat.
Often, different messages must be sent to different time zones, whether indoors or outdoors,
as the situation warrants. Rather than siren tones, pre-recorded and live voice
messaging are key components of such notifications. Today’s best MNS systems feature
secure digital wireless technology that prevents jamming, interference and eavesdropping
by the enemy, and self-healing capabilities that protect the network in the event of
a disaster.
An MNS can operate stand-alone or be integrated into indigenous security systems. A
chemical/biological agent detection system relays the information to the MNS, which in
turn issues warnings, instructions and commands using voice (outdoor speaker towers
and indoor loudspeakers) and visual devices (LED signs and strobes) to personnel within
seconds. Rapid and automatic responses can be generated using scripts and prerecorded
messages, helping prevent the attack or guiding people to safety during an
attack.
Due to the complexity of threats such as chemical <strong>attacks</strong>, the use of voice is most important
to provide specific life-saving instructions. When warning times are short or nonexistent,
the message becomes even <strong>more</strong> critical. Your solution to alerting personnel is
an MNS that gets the right message to the right people at the right time.
DECEMBER 5, 2005 24 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-017

A Special Supplement to GSN
GUARD SERVICES
HOW TO...
...select a guard services provider
From highly sensitive DoD military installations to federal buildings, security guards
ensure the protection of both government employees, assets and the general public. A
successful contractor should have relevant experience with your mission. The contractor
should also offer financial stability and a proposal, with references, that demonstrates
a complete understanding of your requirements.
Things to consider when procuring guard services:
Does the offeror propose a management and supervision plan backed by the required
corporate commitment to meet the specific needs of the contract Contracts that are
operated in urban close area environments require different supervision procedures
than contracts that are operated over large rural areas. A successful supervision plan
must take into account factors such as how many supervisors are needed to adequately
oversee all posts. If the contractor doesn’t account for supervising their staff, your staff
may have to.
Does the offeror provide the corporate infrastructure and necessary technological
tools to effectively manage the contract Tools such as communications equipment
and scheduling software not only enable performance in an emergency, but also provide
situational awareness and ensure that performance can be adequately measured.
Adequate back office infrastructure to provide payroll, invoicing and quality control is
also critical to providing high quality security services.
Does the offeror provide a responsible quote You get what you pay for. Many times,
from a lack of experience, offerors do not take into account all of the expenses involved
in contract operations such as collective bargaining agreements, labor laws and equipment
costs. This can result in a contractor that finds itself under tremendous financial
constraints that may prove detrimental to its performance.
There are <strong>more</strong> than 130 security guard services providers that hold GSA FSS schedules.
When presented with such a highly competitive market, source selection authorities
must exercise caution against selecting a contractor purely on price. Having a game
plan that focuses on risk identification and cost realism, combined with a true best value
procurement, makes possible a sustainable solution that can meet a customer’s mission
critical security needs.
DECEMBER 5, 2005 26 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-018

A Special Supplement to GSN
INTEGRATED SECURITY SYSTEMS
HOW TO...
...build an integrated security system that leverages
your existing technology
There are several steps to take to ensure that your integrated security system meets
your needs, leverages your existing technology and provides long-term investment protection.
First, research best-of-breed components and systems for each security sub-system. You
should be able to determine which vendors are the leaders in access control, intrusion
detection, CCTV and digital video management systems.
Once you have a short list of vendors, you should ensure that each security sub-system
offers integration and/or the availability of a Software Development Kit (SDK), which
will facilitate seamless integration between the sub-systems. As part of this process,
obtain a list of integration references. In many cases, you may be able to purchase integration
modules used in prior development of a specific project for a set price, rather
than incurring costly development fees.
Another important note about integration is that you should ensure each of the vendors
that you are considering partner relationships. That way you can mandate a vendorteam
approach in the responses to your RFP and ensure that future revisions to each
vendor’s application will maintain the integration you originally procured.
Third, it is important that you can monitor the total security system from one central
workstation, rather than using a separate workstation for each security sub-system vendor.
This will ensure that your video surveillance operation is as efficient and easy to
manage as possible. You also may want to avoid systems that use common databases. If
a sub-system fails, a distributed database, without sub-system dependencies, will ensure
that each of the other sub-systems remain operational.
Finally, award your project to the vendor team that provides the type of integrated solution
you require. Request reference sites of similar projects that the vendor has completed
and ensure that the vendor demonstrates an ability to meet deadlines.
DECEMBER 5, 2005 28 GSN: GOVERNMENT SECURITY NEWS

What can
actionable
intelligence
do for your
security
initiatives
Verint Networked Video
Solutions equip government
organizations to minimize
security exposures and
address security threats before
they can escalate.
Verint Networked Video Solutions transform
video images into actionable intelligence - the
just-in-time information to secure government
facilities and protect assets and lives.
Verint Video Solutions interface with your
access control, magnetometer, and other state-ofthe-art
security systems, issuing automatic alerts
about exceptional events.
Visit us on the Internet at:
www.verint.com/videosolutions
No wonder they call it Actionable Intelligence
For A Safer World.
Verint. Powering Actionable Intelligence.
Copyright Verint, Inc, 2004. All rights reserved.
For <strong>more</strong> information go to www.info.ims.ca/5111-019

A Special Supplement to GSN
MASS NOTIFICATION SYSTEMS
HOW TO...
...notify thousands of military personnel or
civilians of a sudden and critical change in
their situation
Mass notification systems are at the forefront in providing emergency notification to
military and civilian personnel as well as visitors at military facilities around the world.
Especially after the terrorist tragedies in the Middle East, the immediate notification of
all base and command personnel has been recognized as a fundamental life safety and
security requirement that needs to be addressed.
Broadcast announcements for alerting military forces, family members, distinguished
visitors and other personnel under base and command jurisdiction should be adapted for
both emergencies and general use. There is no need to have separate complex systems
inside and outside a building for personnel alerting. Whether the announcement is for
bad weather, a security threat, broadcasting taps or broadcasting a speech during a ceremony,
you should be able to prioritize the functionality and size of the system and plan
for future expansion when feasible.
Equipment solutions for mass notification are flexible, expandable and use high security
technology.
A multi-function communications system that incorporates emergency evacuation, automated
messaging, background music and general paging capabilities can be built to
your specifications and budget. It can automatically broadcast emergency messages and
provide general paging throughout a facility or in selected areas. The system can also
be configured for wireless transmission for giant outdoor wide area voice applications
or it can be used within a base’s buildings such as dormitories, mess halls or auditoriums.
With mass notification, military and civilian personnel can learn what actions to
take during a crisis, whether to evacuate an entire area or move to a safe location. With
the system’s flexibility, people can be kept out of harm’s way or listen to a speech during
a graduation ceremony.
DECEMBER 5, 2005 30 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-020

A Special Supplement to GSN
NIGHT VISION
HOW TO...
...catch would-be intruders on your property in
the middle of the night, without them even
knowing you’re watching
Catching and preventing intruders at high-risk facilities has long been a challenge —
one made <strong>more</strong> difficult when darkness falls. Traditionally, the workhorse product has
been the surveillance camera, possibly integrated with perimeter lighting, intelligent
software and/or some type of “night illumination.” However, the main problems with
all these options are their effective range of visibility and the necessary light sources.
Nighttime illumination in most cases does not give you the visible range you require
in the darkness
The answer is thermal imaging technology. A high-quality thermal imaging camera
can detect potential intruders from <strong>more</strong> than 3,000 feet away — and vehicles from
even farther. They aren’t limited by light sources, are <strong>more</strong> effective in difficult weather
conditions and show people and vehicles in vast contrast to the background, allowing
easier detection both with your eye and with software. Placed at the perimeter,
thermal-imaging cameras give security professionals at high-risk facilities the early
detection capabilities they need to protect people and property.
Thermal imaging cameras detect heat signatures only, such as body temperatures versus
light sources. Because no light is required, not only can you better detect intruders
at longer range, but they can’t detect you watching them because you’re not emitting
any light. You can operate in stealth mode. This results in your ability to identify
security threats even in pitch-black darkness and makes thermal imaging cameras
perfect for nighttime perimeter security. In brief, a thermal imaging camera’s advantages
lead to earlier, <strong>more</strong> accurate threat detection and quicker response times for
your security team. You’ll have the ability to stop intruders — anyone, at any time of
day or night, under any light condition — before they enter your facility to inflict catastrophic
damage.
DECEMBER 5, 2005 32 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-021

A Special Supplement to GSN
PERIMETER PROTECTION
HOW TO...
...secure any perimeter
Securing the outer perimeter of a facility is often hampered by varying physical environments,
but the fundamentals never change. A common mistake in many perimeter
security system designs is placing too much focus on technology and not enough attention
on the overall plan. In some cases, the entire budget is spent on a CCTV system, only
to realize later that a single guard can’t watch multiple monitors with any hope of detecting
an unauthorized intrusion. In any successful perimeter security plan there are five
essential elements: Deter, Detect, Delay, Assess and Respond.
Deterrents filter out alarms caused by harmless passersby. They can be warnings posted
on the perimeter (such as signs at a main entrance) or they can be physical structures
(such as barbed-wire strands on top of a fence.)
Detection tells staff where to look. This is a critical element that is often overlooked or
undervalued. On a large, or even medium-sized perimeter, guards and CCTV systems
provide little detection. Electronic security systems (outdoor perimeter security sensors)
provide the 24x7 vigilant detection required to make a perimeter security plan effective.
Delay provides the time needed to assess the situation and react to a potential threat.
Assessment is the process of determining what type of response, if any, is required. A
lack of proper assessment can cripple a perimeter security plan. Verifying when you
should send a response, or what type of response you should dispatch, decreases system
cost and increases effectiveness.
Response is the action you take on a verified alarm. A perimeter security plan that incorporates
deterrents, effective electronic intrusion detection, sufficient delay and assessment
can dispatch a powerful response without the fear of false dispatch.
Employ these five essential elements and you can secure any perimeter.
DECEMBER 5, 2005 34 GSN: GOVERNMENT SECURITY NEWS

Outdoor
Perimeter
Security
Specialists
Reliable. Effective. Affordable.
Early warning made easy.
For <strong>more</strong> than 30 years, Magal-Senstar has been
producing outdoor perimeter intrusion detection
security systems that reliably detect intruders as
soon as they enter restricted or sensitive areas,
providing the instant advanced warning you or
your security forces need to react. In thousands of
sites, in <strong>more</strong> than 75 countries worldwide, people
are <strong>more</strong> comfortable with their security knowing
Magal-Senstar is defending the perimeter.
• Covert Buried Cable Sensors
• Fence Detection Sensors • Microwave Sensors
• Barrier Sensors • Portable Sensors
• Electrostatic Field Disturbance Sensors
• Alarm Monitoring & Control Systems
• DreamBox - All-in-One CCTV Solution
• Government & Military locations • Airports
• Industrial & Commercial sites • Utilities
• Correctional Facilities • VIP Residences
For <strong>more</strong> information go to www.info.ims.ca/5111-022
Magal-Senstar, Inc.
43180 Osgood Rd., Fremont, CA 94539
T: +1.800.676.3300 F: +1.510.249.1540
E: mkt@magalsenstarinc.com
www.magalsenstarinc.com

A Special Supplement to GSN
PERIMETER SURVEILLANCE
HOW TO...
...service your perimeter surveillance systems
Maintainability is the cornerstone of any surveillance application. When a camera
remains down for <strong>more</strong> than 15-20 minutes, the resulting vulnerability (loss of sight)
can create a passive security breach that requires the costly deployment of live personnel
to secure the area. Typical maintenance for pole- or structure-mounted cameras is
often performed using a bucket truck. The availability or accessibility of such trucks can
mean that a camera will remain off-line for several days. Excessive camera downtime can
cripple any facility, port or border from being able to effectively mount a defense from
impending threats.
Acknowledging the importance of maintainability, which in most projects virtually
always controls mounting height and location, camera deployment becomes an issue of
“how high can the local bucket truck go” and whether “we can get a bucket truck to the
area where the camera is to be located.” However, by employing a CCTV lowering system,
camera locations are no longer determined by where or how high the bucket truck
can go. If the best location for the camera pole is on a railway, on top of a parking deck
or on a pier, cameras can be placed successfully without concern about how the bucket
truck will access the camera.
Regardless of the height or location selected, the ability to quickly and easily access the
cameras for maintenance can make a huge difference in the overall success of their use.
If the camera cannot be quickly and efficiently maintained, money spent on the cameras
themselves becomes a waste. The implementation of a camera-lowering device allows a
single person to access cameras in a matter of seconds. All maintenance or replacement
can be done safely at ground level.
This CCTV lowering device technology is already in use throughout most state departments
of transportation in their intelligent transportation system deployments. This lowering
technology is also currently used by the U.S. Customs and Border Protection service,
NY/NJ Port Authority and Department of Defense at several locations. With the ability
to perform required maintenance or replace a downed camera in less than 10 minutes,
CCTV lowering systems should be an important consideration for any perimeter security
application.
DECEMBER 5, 2005 36 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-023

A Special Supplement to GSN
SECURITY MANAGEMENT SYSTEMS
HOW TO...
...pull together alarm monitoring, video
surveillance, access controls and smart cards
into an integrated system
When designing a security management system that will ensure flawless interoperability
between multiple, complex components — both now and into the future — a number
of key elements are essential.
The integration must be seamless. This implies a single system in which various components
can be seamlessly plugged through well-defined “open interfaces” and behave as
integral parts of the system.
The system must be based on an open design that relies on current de facto computing
standards for seamless integration with the corporate infrastructure, and that provides
a standard way of integrating with the outside world to offer real-time, bi-directional
data exchanges with external systems. Application software must be designed using offthe-shelf
objects libraries as well as the latest technologies and tools available.
An integrated system must provide a single network and software platform that supports
unlimited scalability. The system must offer centralized system configuration,
management, monitoring and reporting, with a single, centralized data depository and
a single graphical user interface for all applications.
The system must provide a seamless cardholder enrollment process. Biometric templates
must be captured when the cardholder is enrolled, then distributed to access controllers
or encoded directly to the cardholder’s smart card credential. The system must offer single-point
encoding and management of all smart card data, and provide all the tools
needed to manage ID-related information.
The system must have a distributed network architecture, with all access decisions and
template comparisons being made and processed in real time at the field hardware,
rather than relying on the host computer. The system must be able to link cameras to
specific hardware devices to create an association in the central database, so that digital
video clips can be linked in real time to associated alarms.
When these characteristics are built into the design, a system can be created that satisfies
an organization’s unique security requirements and achieves seamless interoperability
between the component subsystems.
DECEMBER 5, 2005 38 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-024

A Special Supplement to GSN
THERMAL IMAGING
HOW TO...
...spot even the sneakiest intruder trying to
enter your property at night or during bad
weather
As the need to maintain security 24 hours a day, seven days a week, in all weather conditions
increases, security professionals are challenged to find real solutions for intrusion
detection.
More CCTV cameras in <strong>more</strong> locations and complicated security systems don’t guarantee
coverage in all conditions. Unlit pathways become safe routes for intruders trying to
gain access to your facility.
The best solution to address all hour, all weather intrusion detection is thermal imaging.
Thermal imaging cameras detect the heat signatures of intruders and can identify a
human presence from multi-kilometer distances.
Thermal imaging also allows crisp, detailed imagery at night, with no additional lighting
required. Additionally, thermal imaging cameras are able literally to see through
weather conditions such as fog, haze and smoke.
For anyone who has a large area to monitor, or a long fence line to survey, thermal
imagers are ideal. With a wide-angle imager, you can detect movement in an area, then
slew-to-cue a long range, high-resolution imager to identify the source of the disturbance.
Thermal imaging also saves time — security officers can respond to alarms instantly by
targeting the source of the alarm with a thermal imaging camera. By identifying alarm
sources without having to be on the scene, security professionals can weed out the false
alarms and respond with the appropriate resources to real alarms.
Using thermal imaging for intrusion detection allows security professionals to see what
they are missing with traditional security cameras. Thermal imaging increases response
time, decreases false alarms and guarantees coverage of your facility in all conditions.
DECEMBER 5, 2005 40 GSN: GOVERNMENT SECURITY NEWS

77 Countries, 84 Events
One Security Solution
FLIR ThermoVision®
Preparing for the 2006 Winter Olympics, the security
team at SAGAT Turin Airport needed a perimeter
surveillance system that would operate 24/7 in snow,
rain, and fog. They selected FLIR ThermoVision. Why
Because ThermoVision harnesses the power of thermal
imaging, allowing security professionals to easily detect
movement and identify threats. Now, instead of reacting
to every tourist taking pictures or gust of wind, officials
know where and when to react - even during the harshest
winter conditions. Whether it's tourists, torrents, or
terrorists, ThermoVision is the 24/7 tool that identifies
your trouble.
ThermoVision ®
Sentry II
ThermoVision ®
Integration Series
ThermoVision ®
2000
FLIR offers a broad spectrum of solutions, price points, and performance
specifications for your specific requirements
USA: 1.888.747.FLIR
International: +44 (0) 1732 22 0011
Learn <strong>more</strong> at:
www.flir.com
For <strong>more</strong> information go to www.info.ims.ca/5111-025

A Special Supplement to GSN
VIDEO SURVEILLANCE
HOW TO...
...design a network-based video
surveillance system
Systems integrators and end-users who wish to make the transition to a network-based
video surveillance system generally begin with the deployment of cameras — usually in
remote areas such as a parking facility or satellite locations that require a dedicated network
infrastructure. Cameras operating on a network are truly digital by definition.
Digital signals being transmitted from a camera’s output across a network do not undergo
any analog-to-digital conversion. Therefore, there is little concern about signal loss
down the system’s chain as video signals are processed and eventually recorded. This
presents a significant improvement in picture quality over conventional analog-based
systems.
Ease of transmission and camera access are two other important operational benefits.
Cameras can be accessed by their assigned addresses on an Ethernet-based LAN or WAN,
using a standard Internet browser, just as you would access your favorite Web sites by
their URL addresses. This provides system designers with many different options when
establishing the control and access parameters for a video surveillance system, especially
in the areas of software-based control and digital video recording.
It’s important that you (and / or the system designer you are working with) clearly define
the role that IP cameras and related networked products will fulfill in your system.
Here are a few key questions to consider:
• What will be the man-to-machine interface PC or conventional NTSC hardware
• How many users / locations will be viewing the camera / system
• What infrastructure is available or will be needed for the camera / system — WAN,
DSL, T1 or LAN subnet
• What are the image quality / frame rate considerations
• Will recording be accomplished remotely, from a central location or some combination
of the two Will recording be done on a server or stand-alone DVRs
DECEMBER 5, 2005 42 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-026

A Special Supplement to GSN
VIDEO SURVEILLANCE EQUIPMENT
HOW TO...
...protect your CCTV cameras from damage,
destruction and deluge
Video camera security/surveillance is the best site protection against terroristic acts, and
budgets being what the are, usually the only protection. If camera surveillance doesn’t
actually protect its site, it may well identify the terrorists — as recently demonstrated in
the London Underground — and so prevent a future calamity.
Therefore, it behooves you to protect your expensive camera from various forces, both
human and natural, so it can perform its intended function. Various studies have
revealed that terrorists generally have above average intelligence, so you can be sure
they will try to disable the camera if they can do so expeditiously and swiftly.
Protect against...
Destruction: The housing must withstand repeated blows from a crowbar, tire iron or
similar implement. Therefore, the housing should be fabicated of heavy-gauge steel, not
plastic, aluminum or mild steel.
Theft: A key to theft protection is the utilization of special vandal-resistant fasteners.
Deflection off target: Terrorists and thieves know that tilting a camera’s aim as little as
two degrees off target often will leave it useless. The bracket should allow the housing
to be readily aligned and locked in place. Bracket mount should be designed so that the
weight of a 200 pound man hanging from the enclosure will not deflect it.
Hurricanes: A bracket design that protects against target aim deflection by manual force
will also protect against Category 5 hurricane winds. Protection against torrential rain
is afforded by careful construction, close tolerances and proficient use of neoprene gaskets
and O-rings. Housing should have a high IP enclosure rating. Ratings of 67 and 68
are optimal.
Rust and Corrosion: Housing should be fabricated from 304 stainless steel. Other steels
will rust; and aluminum will pit and powder.
Firearms: Even though the housing may be mounted well out of reach, its window can
still be shot out. To prevent this, window material must be triple-ply ballistic polycarbonate.
Ballistic window gauge should be 3/4” thick to protect against 9 mm, and 38 cal.
slugs 1 1/2” gauge resists a .357 Magnum.
Failure: In conclusion: Buy quality; buy once and buy right. Cheap, “budget” housings
(or virtually anything) cost infinitely <strong>more</strong> in the long run — the price of failure is astronomical,
and could be catastrophic. Don’t let it happen on your watch. It is not well
known that a product doesn’t have to have electric or electronic components to get an
Underwriters Laboratories listing. UL exhaustively tests a variety of functions, and its
mark ensures that manufacturers live up to their claims.
DECEMBER 5, 2005 44 GSN: GOVERNMENT SECURITY NEWS

Set it and Forget it
SecureCam ® by SecureVue Inc.
Protects your Video Camera...
For Sure and Forever
Defies terrorists, vandals & thieves
THEY CAN’T GET IT
THEY CAN’T BREAK IT
THEY CAN’T DAMAGE IT
THEY CAN’T SHOOT IT OUT
THEY CAN’T TILT ITS AIM OFF TARGET
SecureCam Protects Against Weather Extremes: Hurricane Force Winds Torrential Rains
Corrosive Environments. So impregnable, it earned this incredible guarantee:
The incredible guarantee
The housing itself is guaranteed forever against breakage,
deformation and corrosion. Your camera is guaranteed too!
If your camera inside a SecureCam housing is damaged, or
stolen, we will replace the camera.
The SecureCam can’t be moved off target
•SecureVue has a patented tamper-resistant bracket
mount that is easily aimed on horizontal and vertical
axes.
•It is locked in place by a proprietary hex wrench that
protects it against manual force.
•Protected by two U.S. patents, SecureCam is the only
totally vandal-proof housing in the world
The SecureCam is invulnerable and bulletproof
•Entire housing is heavy-gauge type 304 stainless steel
and the window is 3/4” gauge ballistic three-ply polycarbonate,
which stops 9 mm or 38 caliber bullets.
The SecureCam image is always right-side-up
•Camera enclosure compartment is cylindrical and
rotatable — a patented feature — so the monitor’s
image is still in an upright position even when the housing
is mounted upside-down or vertically, and locked.
Buy SecureCam. Enjoy Peace of Mind.
UL Listed • Highest IL-68 Rating
Holds two U.S. Patents
SecureVue Inc.
251 East 51st Street, New York, NY 10022
ph: 212-752-5960; fax: 212-888-7387
e-mail: don@securevue.net
Web site: www.securevue.net
For <strong>more</strong> information go to www.info.ims.ca/5111-027

A Special Supplement to GSN
X-RAY
HOW TO...
...use X-ray technology to screen airline passengers,
airline cargo and the U.S. Mail.
X-ray technology has provided the basis of security screening for decades and will continue
to play a vital role in the future. Like any technology, X-ray has strengths and
weaknesses and when used alone can be inadequate at detecting some types of threats.
The most effective way to screen passengers and cargo employs X-ray along with other
approaches. When complementary technologies are combined into a single system,
detection is improved and security is enhanced.
Passenger screening can be improved with backscatter systems that complement today’s
metal detectors. Backscatter X-ray is completely safe, available today and is the most
effective way to screen for non-metallic threats such as explosives or ceramic weapons
that may be concealed under clothing.
Quadrupole resonance (QR), in combination with X-ray, can be deployed to detect automatically
the most dangerous and hard to find categories of explosives in both baggage
and mail. Combined X-ray and QR systems are now available.
The most effective way to screen airborne cargo is high energy X-ray combined with
neutron analysis. The addition of neutron analysis provides automatic detection of
explosives (by gamma-ray spectroscopy) whereas X-ray alone provides an image that
requires operator inspection. Automatic detection is a vital part of cargo screening
because it reduces false alarms and preserves the rapid flow of commerce.
Technology alone is not the answer. Resources are limited, money does not grow on trees
and our society must find a lawful and effective way to allocate the vast majority of security
spending to the small fraction of passengers and cargo that pose real threats.
Without a resolution to this problem, scarce resources can drive an unacceptable outcome
— the lowest-common-denominator.
When looking to solve the most difficult challenges in security, X-ray combined with
other complementary methods provides a logical path forward.
DECEMBER 5, 2005 46 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-028

From Page 1
GE builds a diverse security portfolio
strives to offer innovative solutions to
provide optimal security to its customers.
According to GE Homeland
Protection President Dennis Cooke,
GE reviewed its businesses
a few years ago and
picked those in its portfolio
that would grow faster
than the global economy
and to which GE could
bring value through technology
and service. GE
identified the top four
growth markets as
healthcare, energy, water
and security. Noting that
the security arena had
significant potential, GE
Security officially formed its homeland
protection division on Dec. 6, 2004.
Chief Marketing Officer Mike
Cavanaugh said that, while the official
creation of the division took place only
a year ago, the events of September
11, 2001, heightened the company’s
dedication to security issues, causing
it to devote significant resources to
acquire companies like Ion Track and
InVision, as well as to the research
and development of new homeland
security solutions.
Initially, Cavanaugh said, the division
was very focused on the aviation market.
While GE Security is still concentrated
in that arena, the company’s
focus has evolved to include solutions
for transportation and mass transit,
local and state governments, corrections
and law enforcement, nuclear
and petrochemical plants and the private
sector as well.
“Aviation, the military, and the federal
government continue to be big markets
for us,” Cavanaugh said. “But
there are lots of opportunities in mass
transit and the private sector. We’ve
just scratched the surface.”
Cavanaugh said the marketplace has
been very receptive to GE and its products,
although he is not sure to what
extent the market is aware of GE’s
broad range of solutions.
“GE is a name that’s familiar and
that people can trust,” Cavanaugh
said. “Protecting people, assets and
community is at the absolute core of
what we do.”
PRODUCT FOCUS
From a product perspective, GE’s
homeland protection division relies primarily
on two technologies: trace products
and explosives detection systems
(EDS).
Trace products are categorized as
portables, desktop devices or portals,
and are most commonly used by the
federal government, the military and
law enforcement. Trace products are
Dennis Cooke
used for explosives and narcotics
detection.
GE’s VaporTracer is a portable, handheld
device used to detect and identify
microscopic traces of explosives or narcotics
in a matter of seconds.
At seven pounds, the
VaporTracer has numerous
applications at airports,
seaports, military
bases, embassies, nuclear
plants, corrections facilities,
crime scenes and
other venues. With instant
results, operators aren’t
required to analyze data.
Instead, they can concentrate
on obtaining samples
by swiping, direct
sampling or vacuum sampling.
One application of the VaporTracer
is its use at military bases in the
Middle East. Door handles of vehicles
are swabbed before the vehicles are
allowed past checkpoints or entry into
secured areas.
“We’ve gotten really positive
feedback from the troops,”
Jim Housman, government
and military sales manager,
said of the company’s explosive
trace detection (ETD)
technology.
With approximately 1,000
units in Iraq, the ETD was
recently employed to locate
improvised explosive
devices (IEDs).
“You never know when
something will have an
impact,” Housman added.
Another portable trace
device being used by law
enforcement, customs and
borders officials, forensics
labs and first responders is
StreetLab, a seven-pound
substance identification
system. With a single test,
StreetLab uses laser-based
Raman technology to identify
a wide range of contraband-like
explosives, powders
and pills, without damaging the original
sample. No chemicals are used in
the identification of unknown substances,
making this methodology both
economical and safe to use. The device
contains an extensive library of identified
substances that can be updated
and expanded by the user.
Categorized as a desktop device, the
Itemiser FX is used to detect traces of
explosives and narcotics in a matter of
seconds with the imprint of a single
finger. Shaped like a projector with an
instructional screen, Itemiser FX can
be used at security checkpoints, such
as airport security terminals, public
transportation and government buildings,
prior to allowing entry. With this
system, people can do the screening
themselves, while being monitored
remotely by security personnel.
Introduced last September, the
Itemiser FX is in beta testing in the
Persian Gulf nation of Qatar and by
the U.S. Coast Guard.
Yotam Margalit, marketing leader of
aviation and transportation, envisions a
number of uses for the Itemiser FX
technology. For example, it could be
introduced into GE’s shoe scanner or
as part of a mass transit kiosk where
passengers are screened when purchasing
their boarding passes. In the long
term, Margalit said the Itemiser FX
could be used as part of the baggage
checking process at airports, which he
expects to be <strong>more</strong> highly scrutinized
in the future.
GE’s EntryScan, a trace product categorized
as a portal, is used to do full
body scans at a point of entry. Using
non-intrusive technology, the user
walks through the entry scan portal
that resembles a
metal detector used in federal buildings
and airports. The user is then tested
for explosives and narcotics residue.
The EntryScan product is currently
being used on visitors to the Statue of
Liberty who must be screened before
entry into the federal monument. GE
executives point out that the end user
determines the protocol as to how and
by whom the mechanism functions,
and what actions will be taken if explosives
or narcotics are detected.
In addition to its current use,
Margalit expects the EntryScan to be a
key component in the company’s vision
for the security checkpoint of the
future, an integrated approach that
envisions using a combination of technologies
to enhance security.
On the EDS side of the house, GE
employs several technologies to identify
explosives and weapons. Using X-ray
diffraction, for example, GE’s CTX
machines screen checked baggage for
objects falling within a certain density
that are known to be explosives or
weapons. When suspicious items are
found, the CTX machine identifies the
object based on its molecular signature.
If an item is found to be a potential
threat, the system triggers an
alarm, and the object appears on a
screen for evaluation by a trained technician.
It is then flagged for secondary
screening according to the end user’s
security policies and procedures.
Certified by the TSA, the CTX 5500
DS is the most widely used EDS system
in the world. Although specific
locations were not shared with GSN,
Margalit did say that GE has the
largest market share of such devices in
airports today.
“It’s a big thing for us right now,”
Margalit said. “We have a physical
product certified by the TSA. That’s a
very exciting element for us.”
In addition, Margalit said this
product has the potential for
reducing manpower as well
as the human error inherent
in the screening
process.
“Security technology
actually has the potential
for reducing
costs,” he said.
Another EDS product
developed by GE is
a shoe scanner that
scans shoes without
having to be removed.
Instead, the passenger
steps onto a small
bridge that scans the
soles of the person’s
shoes for metals and explosives.
In addition, GE offers its
millimeter wave imaging portal
as an alternative body imaging device.
Using harmless, non-ionizing radiation,
the portal takes a full body scan
to generate a three-dimensional image
of a given subject. The operator looks
for anomalies that are not a part of the
anatomy. Subjects who are cleared may
continue through the security checkpoint,
while those in question will proceed
to a security team for further
investigation. This device replaces
metal detectors and is considered to be
far less intrusive.
Of some concern with this product,
however, is the perception that a person’s
privacy might be invaded. Chief
technology officer Jay Hill addressed
those concerns, stating that GE deals
regularly with privacy sensitivities all
DECEMBER 5, 2005 48 GSN: GOVERNMENT SECURITY NEWS
MARK KAPLAN

around the world.
“Privacy is really important to us,” Hill
said. “We want to do the right things.”
While not a part of GE’s homeland
protection business, GE Security’s
Commerce-Guard is another innovative
product designed to protect assets. The
CommerceGuard container security
system includes a container security
device (CSD) that, when armed, alerts
officials electronically if an ocean-going
container has been opened. If the container
is not opened, a tracking report is
provided along the route. However, if it
has been opened, officials at key transit
points are notified of the trespass so
that further action can be taken. Using
radio frequency technology, the product
is being used worldwide to protect
cargo, its carriers and recipients.
LIVING UP TO EXPECTATIONS
Cooke said GE’s homeland protection
business has “absolutely” lived up to the
company’s expectations in its first year.
While historically focused on the area
of aviation, Cooke said the company is
growing quickly in the international
market and is working toward increasing
passenger security, efficiency and
throughput, while reducing the end
user’s costs.
As homeland protection celebrates
its first anniversary this month, Cooke
expects the business to expand into
other vertical markets, including
nuclear power plants, mass transit,
corrections facilities and police
departments.
“We have the opportunity to integrate
multiple technologies in a given market
for use in other markets,” Cooke said.
“We’re excited about security and are
pleased to be in the space.”
BEATING THE COMPETITION
Since 9/11, a number of vendors have
brought homeland security products to
the marketplace. None, however, has
done so in quite so diversified a way as
General Electric. It is the only company
that has combined CT technology, X-ray
diffraction, trace products and biotechnology
along with <strong>more</strong> traditional
GE’s “security checkpoint of the future” envisions using multiple technologies
security products to solve its customers’
challenges.
“We’re the company that has all of
these technologies available, and our
objective is to pull them together into
comprehensive solutions for customers,”
Cooke said. “I don’t think
anybody in the world has that today
outside GE.”
In addition, GE prides itself on its
training and customer support services.
Not only does it train end users to operate
its products, but it also provides
ongoing service, support, maintenance
and repair as needed. It can even provide
financing when needed.
“It’s a full turn-key solution,”
Housman said.
WHAT’S NEXT
While GE officials would not speak
about the company’s future acquisition
plans, they did say the company would
allocate additional resources to its trace
business and to the CT technology used
for checked baggage, including new
technology to determine the content of
bags. It will also devote funds to reducing
the number of false alarms generated
by such systems, as well as costs for
the end user.
“Our passion for technology is the key
to solving the world’s problems and
driving organic growth,” Cooke said.
“We are zeroed in on technology development
to solve the key problems in the
world and to be both a good and a great
company.”
“A great company is defined as a
company that is profitable and able to
grow, and a good company means that
we do things that help solve the
world’s problems.”
For <strong>more</strong> information go to www.info.ims.ca/5111-008
GSN: GOVERNMENT SECURITY NEWS 49 DECEMBER 5, 2005

From Page 1
CBP copes with heavy traffic at the border
Protection port director holds his left hand
in the classic wingman position with one
plane which he says represents security at
the 12 o’clock position and the right hand
representing rapid logistics at the 6 o’clock
position.
But in the war on terrorism, Garza said
he wants equilibrium between security and
the logistical nightmare of expediting thousands
of trucks and railroad cars that travel
through this south Texas community.
“I want a balance between security and
moving people to their destinations,” Garza
said, moving his hands to the 3 o’clock and
9 o’clock positions. Standing outside his
office, located within 50 feet of the
Lincoln-Juarez Bridge, Garza said he has a
goal of moving each vehicle heading south
or north within 55 minutes, if not less.
“If my people are not meeting these
standards,” he said, “I am not happy, and if
I keep people waiting for almost two hours,
I have to inform my bosses in Washington,
DC, about the reason for those delays.”
Technology has helped agents like Garza
to try to secure the U.S.-Mexican border,
while moving passengers and freight
through Laredo. The United States Visitor
and Immigrant Status Indication
Technology (US-VISIT) program helps
Garza and the DHS staff identify both possible
risks as well as those who pose low
risk. With the help of specialized radar and
other sensors, U.S. Customs and Border
Protection agents can quickly expedite the
movement of either tractor trailers or
freight trains.
“If an agent suspected something was
wrong, it could take him up to six hours to
manually inspect a vehicle,” said Jose
Uribe, the U.S. Customs and Border
Protection assistant port director of trade
operations. “Now,” he continued, “the
same agent could inspect a vehicle with a
special X-ray in about six to eight minutes.”
Agents have special gamma ray monitoring
devices, and each agent wears a personal
radiation detector during his duties at ports
like Laredo.
“The CBP does not rely on any single
technology or inspection process,” said
Rick Pauza, the Laredo-based U.S.
Customs and Border Protection public
affairs officer. “Instead, officers and agents
use these technologies in different combination
to substantially increase the likelihood
that terrorist weapons, including a
nuclear or radiological weapon, will be
detected and interdicted.”
Adding a special freight inspection center
for semi-trucks has also expedited the
flow of goods via the 18-wheeled vehicles
that travel down Interstate 35 from San
Antonio and other major throughways.
“Having a separate facility has really
helped us expedite these vehicles,” said
Uribe, describing the difference the separate
facility has on expediting both commercial
and passenger vehicles through
the port of Laredo.
The inspection facility for trucks
resembles that of Checkpoint Bravo from
the days of a divided Germany. Set off
from the people who drive personal autos
for vacations, to visit families or to legally
work in the U.S., the U.S. Customs
and Border Protection facility changes
staffing hourly to meet the 55-minute
standard.
Transportation companies work with
brokers to further expedite the inspection
paperwork needed to travel into Mexico
and the U.S. Arriving early in the morning,
these brokers can turn in the paperwork or
they can use the Automated Commercial
Environment (ACE) to provide the documentation
of goods moving between both
countries for truckers who transit Laredo
at 7 p.m. every day.
Uribe said his staff works with their
Mexican counterparts to make sure that
his staff has enough people for holidays
such as the Nov. 2 All Souls Day holiday
and the Jan. 6 Feast of the Three Kings.
“A lot of people try to make it home for
these Mexican holidays, and we need to
have sufficient staffing to handle them,”
he said.
Still, Garza said he knows that terrorists
would love nothing better than to upset
traffic between the two countries. “If a
terrorist act has disrupted trade, it can
have a major impact on our two
economies.”
“Losing a bridge to terrorism could
raise the cost of goods and add extra
inconvenience,” said Joe McKinney, a
professor of international economics at
Baylor University.
Trade between the two countries
dropped by about 400,000 export and
import vehicles in the first year following
the 9/11 tragedy, Pauza said. His
agency projects that this year shipping
will return to the pre-9/11 levels.
Even while technology has helped
agents do their jobs in battling terrorism,
deterring drug traffic and the flow
of illegal immigrants through the ports,
Uribe said his agents still have to rely
upon training and experience.
“Technology can only do so much,”
he maintained,”but a well-trained agent
who has a gut feeling can deter a terrorist
or find a drug smuggler based on the
way he observes the eyes of a driver
crossing our border.”
For <strong>more</strong> information go to www.info.ims.ca/5111-009
DECEMBER 5, 2005 50 GSN: GOVERNMENT SECURITY NEWS

From Page 1
Smart buildings can improve safety
Fire Research Lab at the National
Institute of Standards and Technology
(NIST).
Holmberg and his colleagues think
there’s a better way. That’s why NIST is
now studying how “intelligent” building
systems can be used by first responders to
accurately assess real-time emergency
conditions. “In the Building and Fire
Research lab,” said Holmberg, “our focus
is on connecting the first responder to
information available from various control
systems.”
Under NIST’s program, the building’s
floor plans, along with data from motion,
heat, biochemical and other sensors and
video cameras go directly to dispatchers.
First responders would also get status
information concerning a specific building’s
elevators, mechanical, lighting, security
and fire systems, its temperature and
smoke conditions and most importantly,
the locations of the building’s occupants.
The key isn’t just having the technology.
That already exists. The solution is creating
an interface so that first responders
can monitor the systems in these buildings,
regardless of manufacturer, in case of
an emergency. NIST is working to develop
standards so that manufacturers can create
intelligent building systems that use
wireless networks and other types of communications
to send information to first
responders.
“Company B may use different formats
that cannot connect to the dispatch software
or the building,” said Holmberg.
“Both sides are proprietary and you have
some proprietary gateway interface. Our
focus is on getting those companies to say
what they’re doing.”
Add intelligent software to read the
building’s situation while providing
a model of the fire’s scale,
and suddenly first
responders have a
complete picture
of what’s happening
inside
a building.
“Intelligent
software
based on
alarms and
temperature
can tell you
how big the
fire is, how
dangerous
it is and how
fast it’s
growing,”
Holmberg
said.
Not surprisingly, first
responders would welcome
the data a building
could provide to dispatchers.
Lt. Dallas Lipp, of Montgomery
County Fire and Rescue in Montgomery
County, MD, has worked with NIST on the
smart buildings program and thinks that
the biggest advantage is its potential to help
first responders know exactly what’s going
on in a building before they even get there.
Others feel the same way.
“The <strong>more</strong> information we have, the
better,”
said Bill
Killen,
president
of the
International
Association
of Fire
Chiefs and
RANDALL KAPLAN
a first
responder
for almost
50 years.
“It [smart
technology]
makes
sense from
a pre-fire
planning
perspective.”
With software
providing
an idea of a
fire’s scale, and sensors feeding information
back to the dispatchers, the incident
commanders will not only know where
the fire is but also how to respond. That
means knowing how many trucks and
people should be sent to the scene, as
well as having a plan to fight the fire
within 5 or 10 minutes of alert.
Otherwise, firemen have to get to the
scene and go inside the building to know
how to properly mobilize. “The information
would be readily available to us in a
common format,” Lipp said. “We would
be better able to scale the event.”
Smart technology also gives first responders
<strong>more</strong> control. The incident commander
is able to monitor devices in the
fire control room, which could be a huge
advantage in the case of a nuclear, biological
or chemical attack that made the fire
control room inaccessible.
Firefighters would also have fewer surprises
when going into a burning building.
“When we do send people in, they’d have
greater situational awareness,” said Lipp.
“For instance, if we see doors opening, we
know people are in the building. Knowing
where the people are in the building is one
of our ultimate goals. It’s very time consuming
to find people.”
In the long run, finding people and saving
lives is the first responder’s goal. “To
be able to send information about the
floorplan or information from sensors,
detectors or video equipment, can
absolutely be a remarkable tool,” said
Killen. “I believe it would enhance the
ability for us to do our jobs better as emergency
responders and would clearly help
in preventing loss of lives.”
DIRECTORY OF CONTACT INFORMATION FOR ADVERTISERS IN THIS ISSUE
For <strong>more</strong> information from any of the companies listed below, please use the contact information presented here.
Actcom Security Solutions
Ad on page 52
877-613-3580
www.actcom.org
For <strong>more</strong> info go to
www.info.ims.ca/5111-010
Canberra Industries, Inc.
Ad on page 23
800-243-4422
www.canberra-hs.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-016
GSA Schedules, Inc.
Ad on page 14
301-805-1300
www.gsa-schedules.com
For <strong>more</strong> info go
www.info.ims.ca/5111-007
Intelagard
Ad on page 21
303-309-6309
www.intelagard.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-015
Magal-Senstar Inc.
Ad on page 35
800-676-3300
www.magalsenstarinc.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-022
RSA Conference 2006
Ad on page 3
www.rsaconference.com
Varian
Ad on page 19
702-938-4859
www.varian.com/SIP
For <strong>more</strong> info go to
www.info.ims.ca/5111-014
Ameristar Fence
Ad on page 55
866-467-2773
www.ameristarfence.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-011
Chyron
Ad on page 4
631-845-3880
www.chytv.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-001
HID Corp.
Ad on page 56
800-237-7769
www.hidcorp.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-012
L3 / Thermal Eye
Ad on page 33
800-990-3275
www.thermal-eye.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-021
MG Squared
Ad on page 37
205-823-6688
www.loweringsystems.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-023
Sceptor
Ad on page 50
816-360-3895
www.sceptorindustries.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-009
Verint Systems Inc.
Ad on page 29
303-450-5900
www.verint.com/videosolutions
For <strong>more</strong> info go to
www.info.ims.ca/5111-019
ARGOTracker
Ad on page 17
520-202-2785
www.gsn.argotracker.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-013
Evan Scott Group Int’l
Ad on page 12
610-940-1677
www.evanscottgroup.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-006
International Fiber Systems
Ad on page 5
800-824-5990 x180
www.ifs.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-002
Lenel Systems Int’l, Inc.
Ads on pages 8 & 39
585-248-9720
www.lenel.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-004, p.8
www.info.ims.ca/5111-024, p.39
Panasonic
Ad on page 43
www.panasonic.com/intelligent
For <strong>more</strong> info go to
www.info.ims.ca/5111-026
SecureVueInc.
Ad on page 45
212-752-5960
www.securevue.net
For <strong>more</strong> info go to
www.info.ims.ca/5111-027
Wheelock Inc.
Ad on page 31
800-631-2148
www.wheelockinc.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-020
To join this list of
GSN advertisers,
please contact
Ed Tyler, Publisher, at
212-925-7300, ext 232
Black Hat
Ad on page 49
206-443-5489
www.blackhat.com
For <strong>more</strong> info go
towww.info.ims.ca/5111-008
FLIR Systems, Inc.
Ad on page 41
888-747-FLIR
www.flir.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-025
InfoUSA
Ad on page 10
866-325-8140
infousagov.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-005
MadahCom
Ad on page 25
941-487-2300
www.madah.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-017
Rapiscan
Ad on page 47
310-978-1457
www.rapiscansystems.com
For <strong>more</strong> info go to
www.info.ims.ca/5111-028
US Protect
Ads on pages 1, 7 & 27
301-587-8001
www.usprotect.com/gsn
For <strong>more</strong> info go to
www.info.ims.ca/5111-003, p.7
www.info.ims.ca/5111-018, p.27
GSN: GOVERNMENT SECURITY NEWS 51 DECEMBER 5, 2005

From Page 1
GIS moves into security’s mainstream
In a landmark achievement, President vant data for strategic planning. GIS can The Pennsylvania Enterprise
Bush signed into effect the “Safe, also help emergency personnel track locations
Geospatial Technologies Data
Accountable, Flexible, Efficient
using sophisticated mapping tech-
Architecture (EGTDA) project has been
Transportation Equity Act: A Legacy for
Users,” (HR 3) last August. The bill calls
for inclusion of GIS technology in any
comprehensive interoperability or information-sharing
plan.
niques during times of actual incidents.
The threat of terrorism and the dangers it
presents is a challenge for all responders. A
prudent response depends not only on federal
agencies, but also on local public works
funded by the U.S. Department of
Homeland Security’s 2004 Information
Technology Evaluation Program (ITEP)
grant project. Pennsylvania is one of 13
states to receive this grant to enhance its
Additionally, the Senate Appropriations departments and
homeland security
Committee has approved funding for a
“Real Time Geospatial Video Sensor
organizations.
These organizations
efforts.
According to a
Intelligence” project with the U.S. Army. have the logistical
statement by
Sen. Conrad Burns (R-MT), a staunch
proponent of the project, said “we must
expertise to expedite
the response and
GeoDecisions, interoperable
geospatial
always be seeking ways to improve the carry out essential
mapping services
safety and effectiveness of our armed
forces. Technological research such as this
is a key component to not only ensuring
the effectiveness of our troops, but making
tasks when it comes
to the prevention
and detection of
threats.
and XML application
Web services
are being implemented
to provide
sure that they hold the edge far into the Since March
data integration
future. I'm hopeful we will be able to
maintain the funding for this program
through the congressional process.”
The use of GIS technology is vital in
supporting our nation's homeland security
efforts. The system is able to display tables
based on geographic references in the
2003, the DHS
grant program, including the Office for
Domestic Preparedness (ODP), FEMA
and TSP, have dispersed $7 billion to
state governments for emergency preparedness
and response.
One state that is an active player in the
among state agencies
and first responders throughout the
state. Creating this single source of data for
homeland security will support decision
makers in generating intelligent maps and
performing further geospatial analysis.
“Geospatial technologies are essential to
form of maps. GIS is a type of geospatial arena of geospatial technology is creating successful and effective homeland
technology which is able to store and analyze
data that represents geospatial features.
GIS databases have been previously
used to grant both governmental and nongovernmental
Pennsylvania. GeoDecisions, of Camp
Hill, PA, has built a model that will make it
feasible for all government levels to share
geospatial data to enhance that state’s
security and incident response sys-
tems to support threat assessment, planning,
and response capabilities,” said Jim
Knudson, director of the bureau of
organizations access to rele-
homeland security response.
geospatial technologies in the
Pennsylvania Governor’s Office for
Information Technology.
Last year, Congress directed $8 million
of the IT part of the 2005 DHS
budget toward development of geospatial
mapping.
Last March, DHS issued detailed guidelines
specifying the need for a closer look
at the Commercial Equipment Direct
Assistance Program (CEDAP). In these
guidelines, the DHS announced a new
pilot program designed to transfer GIS
technology to smaller jurisdictions.
The time has come for GIS capability to
be channeled in a user-friendly way for
smaller areas. This means DHS will have
to shift its focus from larger to smaller
areas, since smaller areas have proven to
be <strong>more</strong> vulnerable and less than adequate
in dealing with security threats.
In his June 2004 congressional testimony,
Fred Corle, president of the Spatial
Technologies Industry Association, noted
that cities as well as counties have used
GIS to track, analyze and respond to
threats, which range from natural disasters
to national security.
In hopes of increasing profitability and
gaining an edge, companies are calling for
governmental departments to subsidize
GIS technology. With this boost, such
companies hope to acquire a portion of this
marketplace before it becomes saturated.
In a press release last August,
Plangraphics, Inc., of Frankfort, KY,
announced the extension of its GIS services
contract, which will allow it to continue
For <strong>more</strong> information go to www.info.ims.ca/5111-010
to pursue projects from multiple city agencies.
Plangraphics has implemented a
mapping application (ArcIMS) and an
Emergency Online Locator System
(EMOLS). The programs have a spatial
template design for emergency preparedness
that allows for the extraction
of GIS data and to share that information
via a portal.
The most recent development in terms
of integration of security systems has
occurred at the Tallahassee Regional
Airport. Vidient Systems Inc., of
Sunnyvale, CA, has designed a new system
called SmartCatch 2.5 which is based on a
model by G5 Technologies, Inc., of
Cherry Hill, NJ. SmartCatch uses realtime
video data and feeds it into a GIS program
to send alert messages to airport
security. Bill Adams, CEO of G5
Technologies, which is the systems design
and general contractor for the project, said
that G5 has added software that will let
agencies consume data from various
remote sensing devices such as cameras,
pagers, radios and PDAs.
“GIS can provide a unified environment
to make sensor and data systems <strong>more</strong> useable
to the operators of those systems,”
Adams added. “GIS systems are just beginning
to hit the markets and will be <strong>more</strong>
user friendly as time progresses.”
According to the market research firm
IDC, based in Framingham, MA, spending
on GIS software in 2004 was $1.8 billion, of
which $544 million was spent by U.S. federal,
state and local government agencies.
IDC’s senior consultant, David Sonnan,
noted that Environmental Systems
Reasearch Institute, Inc. (ESRI), based in
Redlands, CA, has roughly 80 percent of the
software market share in the federal, state
and local government space. ESRI programs
specialize in technical/GIS consulting, and
system upgrades and maintenance.
Last February, with the help of ESRI,
IBM was awarded the contract for providing
IT services for a nation-wide Multi-
Hazard Flood Map Modernization project.
The five-year project, with an estimated
worth of $750 million, was commissioned
by FEMA.
Senior GIS product manager for IBM,
David Beddoe, has been promoting Big
Blue recently for its GIS-related work at the
state and local level. The company is assisting
San Francisco in applying geospatial
technology for economic development as
well as emergency management initiatives.
Similarly, Science Applications
International Corp. (SAIC), of San
Diego, CA, is helping the Michigan State
Police with its crisis management software
by forging an alliance with Keyhole Corp.,
of Mountain View, CA, a subsidiary of
Google Inc. Through its alliance with
Keyhole and in conjunction with Google
Earth and Google Maps, SAIC is offering
mapping information and images collected
from satellites and airplanes.
GIS technology allows a user to simultaneously
view and manipulate numerous
layers of data-sets. In an era of fast-paced
and ever evolving technology, the arrival of
GIS is extremely important and has presented
several sectors of our society with
untapped opportunities.
DECEMBER 5, 2005 52 GSN: GOVERNMENT SECURITY NEWS

Daon Delivers Biometric Identity
Assurance Software Products
Daon enables system integrators to implement fast, flexible and
secure identity-based solutions that meet the demands of government
ID programs. Daon’s identity assurance product suite is vendor
neutral, providing a choice of multiple platforms, multiple biometric
types (finger, face, iris), multiple algorithms, multiple credentials and
multiple databases on a standards-based open architecture, ensuring
the future proofing of any system deployed. Independent assessments
show that Daon provides a best-in-class platform for managing identities in Border Management
Environments, Civil Identity Applications, Traveler ID Solutions and Employee Credentialing Solutions.
Daon
Tel: 703.984.4000
Web: www.daon.com
Email: fiona.darcy@daon.com
ISO 14443 Lighted Keypad Reader
The new ISO 14443 reader with lighted keypad from Integrated Engineering
adds extra security to those access points where you need
double (card + PIN) authentication. To improve the user PIN
interface in low light areas, and after dark, red lights are built
in to backlight the keypad buttons. The backlighting is activated
when a card is presented or key pressed. This combined
card and PIN reader is fully configurable, providing the
flexibility and compliance expected from all Integrated
Engineering readers. The flash configuration capability allows all these readers to be completely reprogrammed.
The reader supports amongst others Mifare, DESFire (PIV II compliant) and PIV 7816 SmartMX.
Integrated Engineering
Tel: 831.659.3218 or 717.666.1107
Web: www.smart-id.com Email: info@smart-id.com
Milestone XProtect Enterprise
Milestone XProtect Enterprise is the world’s leading open platform
IP video surveillance software. It manages unlimited cameras,
multiple servers and multiple sites. Delivered with a Remote
Client, Smart Client and optional PDA Client, XPE is well suited to
the needs of an increasingly sophisticated security market. It is
reliable and robust, providing support for the widest choice in network
cameras from <strong>more</strong> than 30 manufacturers. You can view
both JPEG and MPEG4 images at the same time – live or recorded
– centrally, locally or remotely. XPE provides advanced management, fast searching, easy analysis and export
of evidence. Open architecture provides endless integration options with other systems.
Milestone Systems, Inc.
Tel: 503.906.7910
Web: www.milestonesys.com
Optelecom-NKF
Tel: 301.444.2200
Web: www.optelecom-nkf.com
Email: info@milestonesys.com
MX Viewer PC-based Video Client
Software
As the front-end interface for Optelecom-NKF’s suite of IP Video Network products,
MX Viewer Lite offers the operator intuitive access to live images on a
PC or laptop. Featuring live recording, two-way CD quality audio for PA systems
or intercom, alarm handling and PTZ control, MX Viewer provides a powerful
tool to aid safety, security and remote monitoring. The PC-based software
allows simultaneous viewing of 1-4 high-quality images in full D1, 2/3D1,
1/2D1 or CIF resolution. The software supports multicast streams, enabling a
virtually unlimited number of MX Viewers to operate simultaneously.
Email: marketing.us@optelecom-nkf.com
Baxall Launches New ICE Camera
Range
Baxall, the leading British manufacturer of high-quality CCTV equipment
and video network solutions, has launched the ICE Camera
Range, soon to replace Baxall’s existing portfolio of cameras. Baxall
is well known around the world for its quality CCTV cameras and has
been first in the field with many technological advances and an
extensive array of cameras for Homeland Security applications. The
ICE range features a new, modern design, smaller size and superior picture quality, which comes as a result
of improved software technology, although the same highly competitive pricing structure remains. Product
codes have also been adjusted to make ordering simpler.
Baxall USA, Inc
Tel: 719.282.6780
Web: www.baxall.com/ice
Email: marketing@baxall.com
For <strong>more</strong> information go to
www.info.ims.ca/5111-029
For <strong>more</strong> information go to
www.info.ims.ca/5111-031
For <strong>more</strong> information go to
www.info.ims.ca/5111-033
For <strong>more</strong> information go to
www.info.ims.ca/5111-035
For <strong>more</strong> information go to
www.info.ims.ca/5111-037
PhoneBase 2: First Phone Analysis System to
offer Complete Legal Security
Envisage Systems has moved to allay the fears of many police forces, concerned
about the possible legal implications if cell phones in their possession
should receive calls or messages while the phone's SIM card and memory are
being analyzed by cell phone analysis systems. The steel APM (Acquisition
Prevention Module) completely isolates the phone from all network connections,
enabling the police to analyze the phone in completely secure conditions.
Inside the compact desktop enclosure, the phone can be interrogated by infra red or
cable connection without affecting the integrity of the evidence.
Envisage Systems
Tel: UK (01144) 1442 877 770
Web: www.phonebase.info Email: info@phonebase.info
The Smallest In-the-Ear
RF Receiver
invisity, the new RF receiver from Phonak Communication
Systems, is the smallest, and only, in-the-ear receiver in the
world, improved to meet the requirements of the demanding
security market. invisity will find application in many situations
where discretion and freedom of movement are a necessity.
invisity 4 channels with reprogrammable frequencies is
bundled with the handheld invisity remote control to
change the pre-set channels, increase the volume or alter the audio level.
Phonak Communications AG
Tel: Switzerland (01141) 26 672 9630
Web: www.phonakcom.ch Email: info@phonakcom.ch
Vehicle-borne Non-Lethal Deterrent
System
Minimizing danger to innocent bystanders, the vehicle-borne, retrofitted,
Non-Lethal Deterrent (NLD) System from MS Instruments comprises
Smoke, Sound and rear Air Burst / Multi-Stun firing sets. Aggressors
such as pursuing gunmen are diverted, disoriented and deprived of the
initiative. Transferable between all vehicles, the system enables the firing,
from within a moving or stationary vehicle, of all or any of 12 externally
mounted pyrotechnic units. To reach maximum output rate, the
integral smoke unit takes 6 seconds, whilst the 155-decibel sound unit detonates 1-1.5 seconds after
being jettisoned.
MS Instruments plc
Tel: UK (01144) 1732 749 580
Web: www.msinstruments.co.uk/cps/skynews.wmv
Skyquest Aviation
Email: info@msinstruments.co.uk
Display Solutions for the Aircraft Cockpit
Skyquest Aviation designs and manufactures airborne surveillance systems,
rugged video recorders, multi-function LCD video and mission displays,
moving map systems, DGPS, microwave link systems, gyrostabilized
camera platforms and cargo hook cameras. Now Skyquest has launched a
new range of ultra-high-resolution aircraft mission displays to complement
new-technology stabilized cameras. It has also designed a unique
video distribution system which takes the feed from the airborne camera
systems in its highest resolution and routes this via a single cable to any
number of onboard video displays and video recorders.
Tel: UK (01144) 1628 785 143
Web: www.skyquest.co.uk Email: info@skyquest.co.uk
Plasan Sasa
Tel: Israel (00972) 4 680 9000
Web: www.plasansasa.com
Advanced Tactical Assault Vest
Plasan Sasa, a leading manufacturer of combat-proven ballistic protection
products in advanced composite materials, presents the Advanced
Tactical Assault Vest. Developed in cooperation with NATO’s international
association of police forces, TFWG, this highly engineered vest is
specifically designed for the needs of Special Forces and police units.
The ergonomic design offers not only comfort but also maximum coverage
area. The ultra lightweight and flexible vest has a valve that can be
adapted to the threat level and offers maximum protection against high
velocity projectiles, such as AK-47 and NATO Ball.
Email: plasan@plasan.com
For <strong>more</strong> information go to
www.info.ims.ca/5111-030
For <strong>more</strong> information go to
www.info.ims.ca/5111-032
For <strong>more</strong> information go to
www.info.ims.ca/5111-034
For <strong>more</strong> information go to
www.info.ims.ca/5111-036
For <strong>more</strong> information go to
www.info.ims.ca/5111-038
GSN: GOVERNMENT SECURITY NEWS 53 DECEMBER 5, 2005

Personality Profile
John Banghart
“On Duty”
Current job:
Director of Benchmark Services at The Center for Internet Security (CIS)
Career steppingstones:
System and security administrator at OneMain.com (1994-2000); Director of Technology,
Re-Route, Inc. (2000-2002); Director of Benchmark Services, CIS (2002-current)
Education:
Bachelor of Arts degree in English from Towson State University, MD. CISSP and GCFA
certifications.
Homeland security mission:
Provide trusted security configuration information to public and private institutions to help
raise the bar on information security.
Top job priority:
Creation of comprehensive security guidance across a wide range of technologies.
Biggest obstacle:
Finding the time to be involved with all the great security-related projects, both at CIS and
across the industry.
Homeland security involvement outside work:
Participating on the FBI/SANS Top 20 development team; speaking on security topics at industry conferences.
Your role model:
My father, John Banghart, a successful businessman and gifted “people person”.
Career ambition:
To keep “fighting the good fight” for better information security for as long as I can.
Birth year: 1971
Hometown:
Childhood nickname:
Indiana, PA
Johnny
“At Ease”
Current residence:
Herndon, VA
Family:
Wife Rebecca; sons Stephen and Jeffrey
Last book read:
“The Art of Intrusion,” by Kevin D. Mitnick
Favorite film: “Inherit the Wind,” directed by Stanley Kramer (1960)
Ideal vacation:
Going anywhere and leaving behind my mobile phone.
Hobby/sport:
Airsoft and playing computer games with my kids.
Favorite meal:
Clubs / groups:
Anything Tex/Mex
First Lego League; Odyssey of the Mind
John Banghart enjoys time with his sons Stephen and Jeffrey
Inspiring quotation:
“An investment in knowledge always pays the best interest.” – Benjamin Franklin
DECEMBER 5, 2005 54 GSN: GOVERNMENT SECURITY NEWS

For <strong>more</strong> information go to www.info.ims.ca/5111-011

For <strong>more</strong> information go to www.info.ims.ca/5111-012
For <strong>more</strong> information go to www.info.ims.ca/5110-011