ISS upgrades RealSecure Desktop Protector
- 13 August, 2002 08:00
Internet Security Systems (ISS) announced an upgrade to its RealSecure Desktop Protector software that provides security features on desktop PCs, adding more security features to work with VPNs (virtual private networks), as well as features designed to block the spread of worms and other unwanted applications.
Version 3.5 of RealSecure Desktop Protector, announced Monday, will allow users more flexibility in how the software protects them during VPN sessions, said Dan Naider, director of RealSecure product solutions at Atlanta-based ISS. Users will now be able to tell the software where they are connecting from via a VPN -- be it remotely, inside a network or from other locations -- and the software will adjust its protection level accordingly, he said.
Such a change will allow users to maintain a level of protection, take advantage of the security measures afforded to them by the network they are on and use services and applications they might not be able to access with stricter security, he added.
ISS also announced the addition of application protection to Desktop Protector. Application protection is a new feature that prevents unauthorized or unwanted applications from running by cryptographically signing each application, Naider said.
When a user or administrator installs the new version of the software, it will scan their PC to determine what applications are installed on it and will create a checksum, or mathematical signature, for each application, he said. When an application without a checksum tries to run, it will be blocked from doing so, he said.
The software can be configured to present a pop-up window offering the user the option to run the application when an unauthorized program tries to run, he added. Checksums can be generated when new software is installed, he said. The software also allows users to lock their systems to prevent unauthorized writing of files, he said.
Application protection will allow users to block the spread of worms and trojan horses, since those applications will not have checksums and therefore will not be able to run, he said. Naider did caution that users should run a virus scan before creating the checksums to avoid unintentionally authorizing any viruses or worms that may already be on their systems.
RealSecure Desktop Protector is a valuable tool in the University of Washington's security arsenal, where it is used on 3,000 administration and staff desktops, said Brian Donohue, a security engineer at the university in Seattle.
The university installed the software about a year and a half ago, after a hack into its network was widely publicized in December 2000, Donohue said. The software is easy-to-manage and, due to its reporting features, can operate similarly to an intrusion detection system, giving administrators a larger view of attacks on their network, he said.
Donohue has been testing version 3.5 of the software and has found it to work well, though the application protection feature is of little use to him, he said.
Because there are so many groups within the university that each have their own software configurations, "it would be very difficult to centrally manage groups of desktops to control what applications can execute," he said.
Nonetheless, Donohue would recommend the software to other large enterprises due to its manageability and security features.
The new software is immediately available worldwide, at a cost of US$2,500 for 25 users in the corporate version or about $60 per user in the consumer version.