October 17, 2003 12:21 PM PDT
Plan unites desktop, server security
The Santa Clara, Calif.-based company dubbed the new integration plan its "end-node security strategy," referring to its focus on running the security software on servers and PCs rather than on a separate network device. The strategy is the most complete indication to date of how Network Associates plans to use the products from its recent acquisition of Entercept, an intrusion detection company.
"Everyone is looking at doing this," said Ryan McGee, director of product marketing for Network Associates' system protection solutions. "The difference is going to lie in the ability to execute on that vision. We think that Network Associates is one of the only vendors in the world that has the pieces to put this together in the near term--in the next year."
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
Other security companies have already started moving toward integrating network-based security systems, which analyze network traffic to discern threats, and host-based security systems, which watch system behavior to detect potentially hostile programs. A year ago, Check Point Software Technologies and Symantec announced similar initiatives.
"At the end of the day, integration is going to win," said Tim McCormick, vice president of marketing for security company Internet Security Systems, which announced on Tuesday that it would integrate a variety of security functions into a single network device. "It's not coming out with the next best technology--the company that can integrate and simplify is going to win."
By next year, ISS plans to have modified its product into a single architecture for detecting threats. For example, the company will have a single intrusion-prevention product that runs on desktop and server computer systems.
For Network Associates, the new strategy allows it to integrate the host-based intrusion detection software it gained from its acquisition of Entercept in January. By bringing together those applications with its network monitoring and management software such as e-Policy Orchestrator, the company plans to offer a unified approach for its customers.
"It is a customer problem that we all hear: There are too many agents, too many consoles to manage," Network Associates' McGee said.
Moreover, the move highlights the company's change in focus on desktop computer systems--from combating viruses to stopping general intrusions, he said. Security on PCs today generally consists of two types of programs: antivirus software and personal firewalls. Network Associates and Symantec currently offer both types of software, and other companies, such as Zone Labs with its ZoneAlarm firewall and Trend Micro with its antivirus system, offer standalone products.
Network Associates and ISS both plan to offer a single product that integrates antivirus and firewall software as well as other intrusion-detection functions.
"It is not just a terminology change but a functional one," McGee said. "We see viruses as a subset of the overall problem--what you are doing as a customer is trying to prevent intrusions."