LANDesk next month will upgrade its security management suite with capabilities designed to monitor network traffic and compare abnormal activity against predefined rules.

LANDesk Host Intrusion Prevention System (HIPS) is add-on software that the company says will help network managers secure internal networks from unknown threats by monitoring traffic, learning behavior and alerting when anomalies in known behavior occur. The software, part of LANDesk Security Suite, performs such tasks as behavioral blocking, whitelisting, blacklisting and compliance enforcement when it detects traffic in conflict with predefined security policies.

"Antivirus and perimeter solutions aren't enough anymore," says Devin Anderson, LANDesk Security Suite product line manager. "HIPS lets IT managers create a list of rules that are safe for their environments and leverage those to monitor and ensure activities don't fall out of the norm."

LANDesk HIPS also includes a network access control (NAC) element, the company says. The software can prevent client access to a network if it doesn't meet patch or systems security levels, for instance.

The software uses the same central server and distributed agent technology in LANDesk Security Suite. Existing customers can contact LANDesk and have them unlock the code to enable the HIPS capabilities. The company says that HIPS should be installed on a few key nodes, and the software will learn an environment's normal behavior in about two weeks. It reports what it learns to the main server and alerts when patterns stray from normal.

Like competitors Determina, McAfee and Symantec, LANDesk says its HIPS technology enables IT managers to add another layer of security to their enterprise strategy. "We cover security configuration, enforcement, antivirus and NAC," Anderson says. "HIPS addresses zero-day attacks as well as targeted attacks."

Scheduled to be available next month, HIPS is priced at $13 per managed node. It is an add-on to LANDesk Security Suite, which is priced at $69 per managed node.