Security vendors push intrusion-detection, professional services

Established vendors and startups last week announced products and services for network intrusion-detection and outsourced security management.

Hewlett-Packard, Axent Technologies and startup Sanctum debuted intrusion-detection software for corporate networks, while Raytheon Company announced BladeRunner, server-based software for monitoring internal corporate network traffic in order to prevent unauthorized transmission of sensitive material.

BACKGROUND: Security roundup: How did 9/11 change IT?; Microsoft premature patching; HIPAA gets nasty

"It identifies traffic-flow patterns to identity anomalies," says Jeff Waxman, president of Raytheon's newly formed information assurance product area based in Linthicum, Md. "If the R&D department suddenly starts sending information out to the wide-area Internet, you'll know that."

Available for Unix or NT, BladeRunner, priced at $65,000 per copy, is a passive-listening device that can display the entire topology of the corporate network to show what network users are doing by reporting activities to the BladeRunner console.

At its Cupertino headquarters, HP unveiled the HP Praesidium Intrusion Detection System, software offered as a $1,695 option to protect HP's new version of Unix called HP-UX11i.

"The Praesidium software detects unauthorized access, root exploits, buffer overflows or other unusual behavior and send alerts to HP OpenView," says Roberto Medrano, general manager of the Internet security solutions at HP.

HP pushed two other security products out the door last week. The first was Web Enforcer, NT-based software that works to strengthen Web servers used in e-commerce by detecting security vulnerabilities and mending these holes on an ongoing basis. The software, with service support, costs about $7,000.

HP says it has also beefed up its Web QoS, software costing between $7,000 to $12,000 used for NT, HP-UX or Solaris to prioritize traffic so that Web QoS can now detect some types of HTTP-based denial-of-service attacks and block them.

Medrano points out that Web QoS won't readily protect against massive distributed denial-of-service attacks based on SYN Floods, however.

In the area of consulting services, HP has formed the Global Security Consulting Practice with 300 security experts in its offices around the world to advise corporations on risk-management and security strategies.

Startup Guardent also opens its doors this week with 75 employees to provide security consulting. Dan McCall, founder and chief marketing officer, says the firm purchased the entire professional services practice at Secure Computing for an undisclosed sum. The company is providing managed security services as well for companies ready to outsource in this area.

Another startup, Santa Clara, Calif.-based Sanctum -- which just changed its name from Perfecto -- unveiled the second product to follow its Web-based AppShield, ingenious Web server software that prevents electronic commerce shoplifting by exploiting application flaws.

Sanctum's second product, the Linux-based AppScan, lets the network manager or application developer remotely test Web applications to determine weaknesses that could be exploited in an e-commerce setting. "It's a sort of 'Robohacker' that lets them manually simulate attacks and suggests how to fix things," says Sanctum's founder and senior vice president, Eran Reshef.

The software, set to ship next month for $20,000 per user, is under testing at Yahoo, Lycos and Exodus Communications. Concern that his AppScan could be put to criminal use in the hands of hackers has compelled Reshef to ensure AppScan has a mechanism -- which he would like to keep secret -- to prevent unauthorized use.

Axent Technologies, which spars with Internet Security Systems to claim market leadership in the intrusion-detection realm, weighed in last week with updated versions of its NetProwler vulnerability scanner and its hosted-based IntruderAlert detection software for Unix or NT.

Intrusion-detection software has to be constantly updated as new attacks are discovered, and NetProwler 3.5 can accept file downloads from the Axent Web site of these new attack signatures. In addition, the security software now runs on Windows 200 and Linux in addition to NT and Unix.

Intruder Alert 3.5, which supports updates via file transfer, now comes with Unix-based console software for HP-UX or Solaris in addition to NT.

Axent is now marketing both products as the ProwlerIDS Series, offering a combined license for both security tools for $10,995, a savings of at least $5,000 over purchasing the Axent products separately.

Axent's top rival ISS weighed in last week to say it has become the first vendor to obtain export status of its intrusion-detection software, RealSecure 3.2.2, under the more lenient encryption export rules announced January 14 by the White House.

RealSecure has options to encrypt some data for security purposes. Users can now more easily export RealSecure with Triple-DES or elliptic-curve public-key at strengths up to 239 bits, said to be stronger than the standard RSA 1,024-key. without having to fill out extensive paperwork or get approvals for most countries.

Read more about wide area network in Network World's Wide Area Network section.

Join the PC World newsletter!

Error: Please check your email address.

Tags firewallsHPMicrosoftsecurityraytheonHewlett-Packard

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?