Security vendors push intrusion-detection, professional services

Established vendors and startups last week announced products and services for network intrusion-detection and outsourced security management.

Hewlett-Packard, Axent Technologies and startup Sanctum debuted intrusion-detection software for corporate networks, while Raytheon Company announced BladeRunner, server-based software for monitoring internal corporate network traffic in order to prevent unauthorized transmission of sensitive material.

BACKGROUND: Security roundup: How did 9/11 change IT?; Microsoft premature patching; HIPAA gets nasty

"It identifies traffic-flow patterns to identity anomalies," says Jeff Waxman, president of Raytheon's newly formed information assurance product area based in Linthicum, Md. "If the R&D department suddenly starts sending information out to the wide-area Internet, you'll know that."

Available for Unix or NT, BladeRunner, priced at $65,000 per copy, is a passive-listening device that can display the entire topology of the corporate network to show what network users are doing by reporting activities to the BladeRunner console.

At its Cupertino headquarters, HP unveiled the HP Praesidium Intrusion Detection System, software offered as a $1,695 option to protect HP's new version of Unix called HP-UX11i.

"The Praesidium software detects unauthorized access, root exploits, buffer overflows or other unusual behavior and send alerts to HP OpenView," says Roberto Medrano, general manager of the Internet security solutions at HP.

HP pushed two other security products out the door last week. The first was Web Enforcer, NT-based software that works to strengthen Web servers used in e-commerce by detecting security vulnerabilities and mending these holes on an ongoing basis. The software, with service support, costs about $7,000.

HP says it has also beefed up its Web QoS, software costing between $7,000 to $12,000 used for NT, HP-UX or Solaris to prioritize traffic so that Web QoS can now detect some types of HTTP-based denial-of-service attacks and block them.

Medrano points out that Web QoS won't readily protect against massive distributed denial-of-service attacks based on SYN Floods, however.

In the area of consulting services, HP has formed the Global Security Consulting Practice with 300 security experts in its offices around the world to advise corporations on risk-management and security strategies.

Startup Guardent also opens its doors this week with 75 employees to provide security consulting. Dan McCall, founder and chief marketing officer, says the firm purchased the entire professional services practice at Secure Computing for an undisclosed sum. The company is providing managed security services as well for companies ready to outsource in this area.

Another startup, Santa Clara, Calif.-based Sanctum -- which just changed its name from Perfecto -- unveiled the second product to follow its Web-based AppShield, ingenious Web server software that prevents electronic commerce shoplifting by exploiting application flaws.

Sanctum's second product, the Linux-based AppScan, lets the network manager or application developer remotely test Web applications to determine weaknesses that could be exploited in an e-commerce setting. "It's a sort of 'Robohacker' that lets them manually simulate attacks and suggests how to fix things," says Sanctum's founder and senior vice president, Eran Reshef.

The software, set to ship next month for $20,000 per user, is under testing at Yahoo, Lycos and Exodus Communications. Concern that his AppScan could be put to criminal use in the hands of hackers has compelled Reshef to ensure AppScan has a mechanism -- which he would like to keep secret -- to prevent unauthorized use.

Axent Technologies, which spars with Internet Security Systems to claim market leadership in the intrusion-detection realm, weighed in last week with updated versions of its NetProwler vulnerability scanner and its hosted-based IntruderAlert detection software for Unix or NT.

Intrusion-detection software has to be constantly updated as new attacks are discovered, and NetProwler 3.5 can accept file downloads from the Axent Web site of these new attack signatures. In addition, the security software now runs on Windows 200 and Linux in addition to NT and Unix.

Intruder Alert 3.5, which supports updates via file transfer, now comes with Unix-based console software for HP-UX or Solaris in addition to NT.

Axent is now marketing both products as the ProwlerIDS Series, offering a combined license for both security tools for $10,995, a savings of at least $5,000 over purchasing the Axent products separately.

Axent's top rival ISS weighed in last week to say it has become the first vendor to obtain export status of its intrusion-detection software, RealSecure 3.2.2, under the more lenient encryption export rules announced January 14 by the White House.

RealSecure has options to encrypt some data for security purposes. Users can now more easily export RealSecure with Triple-DES or elliptic-curve public-key at strengths up to 239 bits, said to be stronger than the standard RSA 1,024-key. without having to fill out extensive paperwork or get approvals for most countries.

Read more about wide area network in Network World's Wide Area Network section.

Join the PC World newsletter!

Error: Please check your email address.

Tags HPfirewallssecurityMicrosoftraytheonHewlett-Packard

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?