Zone Labs fights viruses with Integrity

Company upgrades virus containment software, teams with Cisco.

LAS VEGAS - Zone Labs is announcing upgrades to its security software this week designed to make it easier for companies to limit the spread of viruses and worms on their networks.

Version 2.0 of Zone's Integrity software being introduced at Comdex this week lets businesses restrict individual desktops to access only select segments of corporate networks, making it easier to confine damage done by attacks.

An Integrity 2.0 server sets policies centrally, and software agents that function as personal firewalls on each desktop enforce the policies. These policies range from what IP addresses each machine can access to what applications are allowed on the network.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

LAS VEGAS - Zone Labs is announcing upgrades to its security software this week designed to make it easier for companies to limit the spread of viruses and worms on their networks.

Version 2.0 of Zone's Integrity software being introduced at Comdex this week lets businesses restrict individual desktops to access only select segments of corporate networks, making it easier to confine damage done by attacks.

An Integrity 2.0 server sets policies centrally, and software agents that function as personal firewalls on each desktop enforce the policies. These policies range from what IP addresses each machine can access to what applications are allowed on the network.

With the network access of each desktop defined by Integrity, threats can be confined more easily, which is not the case when individual workstations have unfettered rights to any network machine, says Lawrence Pingree, global network security architect for PeopleSoft. "If we can put an agent on desktops to restrict what you can do, it's a huge, huge advantage," he says.

The Code Red and Nimda worms wrought havoc with PeopleSoft's network for several days last year - a situation the Zone software could have minimized. "If you connected to the wire, you could connect to anything," Pingree says, allowing the worm  to spread. Had Integrity 2.0 been in place, it could have kept the worms in limited areas of the network, where they could be dealt with quickly, he says.

Integrity 2.0 also includes a reference-scan tool that makes sure desktops have a standard configuration of applications. Version 2.0 also includes a program-grouping feature for managing applications and application components to make it simpler to track all the software elements an application uses.

Pingree says PeopleSoft is evaluating Integrity and software from competitors Tiny Software and Symantec.

Also, Zone Labs and Cisco have cooperated to make sure corporate remote access users can't activate VPN tunnels unless their firewall is turned on.

The companies are announcing at Comdex that Zone's Integrity policy management console works with Cisco's 3000 VPN concentrator so remote access PCs don't become a weak spot attackers can exploit to gain entry to corporate networks.

"Cisco's firewall [that comes with the VPN client] is basic. With Integrity, we can ensure certain policies exist on the laptop before it connects to the VPN," Pingree says.

Integrity 2.0 ships next month and costs $65 per agent license, with a minimum of 25 licenses. There is no charge for the server. Current customers with maintenance contracts get the upgrade to Version 2.0 as part of that agreement. Current customers with maintenance contracts get the upgrade to Version 2.0 as part of that agreement.

Read more about security in Network World's Security section.