Security vendors tout new wares

Network Associates, Trend Micro and eEye Digital Security this week will each unveil upgraded versions of their products aimed at protecting networks from viruses, worms and other types of attacks.

Network Associates has an upgrade of its intrusion-prevention system (IPS), IntruShield, with new features that include the ability to decrypt Secure Sockets Layer (SSL)-encrypted data streams to check for signs of attacks.

The IntruShield appliance will do this by storing the enterprise customer’s SSL key in IntruShield 2.1 “We don’t terminate the SSL traffic but we buffer it, copy it and inspect it with IntruShield,” explains Vimal Solanki, senior product marketing manager. The upgrade is expected to ship next month.

Network Associates also is adding firewall-based, access control list and virtualization capabilities to IntruShield 2.1 for more detailed control of ports, which can be useful in combating worm attacks.

In other changes, the McAfee IntruShield Manager console will be able to accept security alerts and reporting from Network Associates’ host-based IPS for desktops and servers. Entercept 5.0 IntruShield starts at about $11,000.

Trend Micro this week is expected to introduce OfficeScan Corporate Edition 6.5, which combines Trend Micro’s desktop-based virus protection and integrates Trend Micro’s desktop firewall, Enterprise Client Firewall. The software, available this week for about $20 per user, is designed to monitor inbound and outbound communications, and block unauthorized attempts to reach the desktop. In addition, the software will watch for spyware, adware and password-stealing applications.

The new edition of OfficeScan also includes the so-called Security Trust Agent developed under Cisco‘s Network Admission Control program. Network managers will be able to take advantage of the desktop Security Trust Agent to report on anti-virus status to Cisco management equipment for purposes of “quarantining” users in Cisco-based router and switch networks if they lack anti-virus software updates.

Cisco, which is in beta testing with anti-virus vendors and IBM in the Network Admission Control program, is expected to have products to support this policy-enforcement mechanism next month.

Trend Micro this week also is expected to announce InterScan Web Security 2.0, an HTTP/FTP proxy that runs on Windows, Solaris or Linux to perform virus filtering. The new edition of the product adds support for spyware and a means to protect users against so-called phishing scams by blocking access to known scam sites that dupe users into giving away sensitive personal and financial information. An optional Web filtering module option is priced at $8.80 per user for 1,000 users, with the entire proxy altogether priced at $17.60 per user.

A third vendor, eEye Digital Security, which specializes in vulnerability-assessment tools, is expected to announce the fifth version of its Retina Network Security Scanner for discovering vulnerabilities in Windows, Unix or Linux machines and networked devices, including firewalls and routers.

The updated scanner, which starts at $1,000 per year for a 16-machine work environment, will include remediation management. This workflow-based remediation is based on the BigFix patching management software that eEye has licensed.