Symantec expands security arsenal
Published: 24 Jun 2003 14:07 BST
Security-software maker Symantec's latest products use intrusion-detection technology that it acquired from other companies.
Two of the products that it unveiled on Monday fall into the major categories of intrusion-detection systems (IDSes): software that runs on and protects individual servers, known as a host-based IDS, and appliances that detect potentially hostile data traversing a corporate network, known as a network IDS. In addition, the company announced that it would enter the "honey pot" arena -- offering software that detects attacks by emulating computers in hopes of attracting intruders.
Symantec believes that different companies will focus on different types of intrusion-detection capabilities, so it plans to broadly cover the market, said John Harrison, the company's product manager.
"We believe there is a place for IDS -- that it plays a critical role in protecting organisations," Harrison said. "It needs to be flexible. There is not one type of solution for every company."
Intrusion-detection systems have a bad reputation for triggering alerts based on innocuous data and inundating security administrators with false alarms. The problem has led one analyst firm -- Gartner -- to declare the technology a failure. However, Symantec and other security companies continue to bet that improvements in the technology will solve the problems.
Symantec Manhunt 3.0, designed to protect corporate networks, can analyse network data at 2 gigabits per second and combines detection that's based on both attack signatures and program behavior, the company said. It builds on technology that it acquired from Recourse Technologies, which Symantec bought last July. The new honey-pot software, Decoy Server, comes from Recourse as well, based on that company's ManTrap system.
Symantec's host-based system has a longer history with the company, coming out of its purchase of Accent in early 2001. Symantec Host IDS 4.1 runs on servers, detecting attacks and intrusions. It is not unlike antivirus systems.
The company's main rival, Network Associates, is also looking to snare a part of the IDS market with two recent purchases. In April, the company bought Entercept, a maker of host-based intrusion detection systems, for $120m (£72.01m) in cash. Earlier that month, Network Associates also announced that it would buy IntruVert Networks, a maker of network intrusion-detection systems, for $100m.
Let the editors know what you think in the Mailroom.
Did you find this article useful?
76 out of 139 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
