* August 31, 2006: Draft Special Publication 800-45A, Guidelines on
Electronic Mail Security
Adobe PDF (1,912 KB)
Zipped PDF (1,068 KB)
A new version of NIST Special Publication (SP) 800-45, Guidelines
on Electronic Mail Security, is now available for public comment. The
draft document, SP 800-45A, is a revision of the 2002 guideline and
structured similarly, although a good deal of the material has been
rewritten and augmented with new information. The guide is intended to
aid organizations in the installation, configuration, and maintenance of
secure mail servers and mail clients. Administrators of electronic mail
and other infrastructure services are encouraged to provide feedback on
all or part of the document. NIST requests submission of public comments
on the draft on or before October 6, 2006. Comments may be sent to
SP800-45A@xxxxxxxxx
* August 31, 2006: Draft Special Publication 800-94, Guide to
Intrusion Detection and Prevention (IDP) Systems
Adobe PDF (2,333 KB)
Zipped PDF (1,844 KB)
NIST announces the release of draft Special Publication (SP)
800-94, Guide to Intrusion Detection and Prevention (IDP) Systems. SP
800-94 seeks to assist organizations in understanding intrusion
detection system (IDS) and intrusion prevention system (IPS)
technologies and in designing, implementing, configuring, securing,
monitoring, and maintaining intrusion detection and prevention (IDP)
solutions. It provides practical, real-world guidance for each of four
classes of IDP products: network-based, wireless, network behavior
anomaly detection software, and host-based. The publication also
provides an overview of complementary technologies that can detect
intrusions, such as security information and event management software.
It focuses on enterprise IDP solutions, but most of the information in
the publication is also applicable to standalone and small-scale IDP
deployments. This publication replaces NIST SP 800-31, Intrusion
Detection Systems.
NIST requests comments on SP 800-94 by October 20, 2006. Please
submit comments to 800-94comments@xxxxxxxx with "Comments SP800-94" in
the subject line.
* August 31, 2006: Draft Special Publication 800-95, Guide to Secure
Web Services
Adobe PDF (1,253 KB)
Zipped PDF (879 KB)
NIST is pleased to announce the public comment release of draft
Special Publication (SP) 800-95, Guide to Secure Web Services. SP 800-95
provides detailed information on standards for Web services security.
This document explains the security features of Extensible Markup
Language (XML), Simple Object Access Protocol (SOAP), the Universal
Description, Discovery and Integration (UDDI) protocol, and related open
standards in the area of Web services. It also provides specific
recommendations to ensure the security of Web services-based
applications.
NIST requests comments on SP 800-95 by October 30, 2006. Please
submit comments to 800-95comments@xxxxxxxx with "Comments SP800-95" in
the subject line.
