Microsoft Corp.’s plans to hawk a subscription-based product bundling anti-virus, anti-spyware and firewall tools might be the security industry’s worse-kept secret, but that has not stopped the guessing games leading up to next week’s RSA Conference 2005.

Officials at the Redmond, Wash., company remain tight-lipped on specifics, refusing to confirm or deny widespread speculation that the first version of an anti-virus offering will be the highlight of Bill Gates’ opening keynote.

Historically, Microsoft has used the RSA Conference to debut enterprise-focused security offerings—Windows RMS (Rights Management Services) in 2003 and “Active Protection” technologies in 2004—and this year figures to be no different.

Behavioral blocking, a key part of the “Active Protection” initiative, has progressed to the point where a product code-named “Mako” may enjoy prime billing at the confab.

The Mako product is styled as the next generation of intelligent prevention of malicious attacks, and it includes technologies that limit the ability of worms and viruses to wreak havoc on an infected machine.

“This is an enterprise security show, so I’m not expecting anything major from Microsoft regarding spyware and viruses. We might see some demos and some discussions around anti-virus, but I don’t believe we’ll get any betas,” said Gartner security analyst John Pescatore.

“I expect to hear [Gates] talking mostly about rights management and the security technologies they’re planning for Longhorn.”

The rights management team at Microsoft is slated to provide “an update on advances in the technology” at the show, hinting that a service pack or word on Version 2.0 of RMS could be forthcoming.

RMS 2.0, which is touted as a big part of Longhorn, will focus on improving business-to-business capabilities and support for interorganizational collaboration scenarios.

Burton Group analyst Mike Neuenschwander said he thinks the RSA Conference is the perfect place to hear more about Microsoft’s InfoCard, the federated ID initiative that promises technology to allow users to control how their personal information is managed on the Internet.

“Identity management will be a big focus at this show, so we could hear about what Microsoft has up its sleeve. They haven’t talked much about InfoCard in the past, although we know they’re working on it,” Neuenschwander told eWEEK.com.

Beyond Microsoft, security vendors are expected to turn out in droves to showcase their latest wares, ranging from authentication appliances to endpoint security solutions to virus-throttling software.

RSA Security Inc. plans to unveil the RSA SecurID Appliance, a rack-mounted authentication tool for the SMB (small and midsized business) market. Designed specifically for organizations with fewer than 1,000 employees, the appliance is bundled software and hardware for SMBs looking to use two-factor authentication to replace static passwords.

Rival Verisign Inc. also plans to announce news related to its Unified Authentication platform, which offers provisioning and management of all types of two-factor authentication credentials.

Enterprise firewall and VPN vendor Checkpoint Software Technologies Inc. plans to display Eventia Analyzer, the newest member of its product portfolio. At the conference, Checkpoint executives also are expected to talk up the new features of Integrity 6.0, the subscription-based endpoint security product.

Beyond the product fare, Burton Group’s Neuenschwander said the work of the OASIS Security Services Technical Committee on SAML 2.0 (Security Assurance Markup Language) will be a big focus of the conference.

“There will be a lot of vendors there demonstrating interoperability, and this feeds into the work of the Liberty Alliance, so it could be an interesting part of the discussions,” Neuenschwander said.

Another highlight of the show is the keynote by Frank Abagnale, the consultant and author who formed the focus of the best-selling book and movie “Catch Me If You Can.”

Check out eWEEK.com’s Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer’s Weblog.