ISS takes another rung on convergence ladder

The company released versions 7.0 of its RealSecure Server, RealSecure Desktop and Internet Scanner, and CTO Chris Klaus fleshed out a little more of the company’s product strategy in an interview with ComputerWire.

By the end of the year there’s going to be a huge shift in the security market towards unifying security, he said. This will be driven by a shifting threat landscape, and by businesses’ need to cut infrastructure costs, he said.

Hackers are using hybrid threats…they’re able to get around most standalone products, Klaus said. Converging security features such as IDS, intrusion prevention, firewalls and anti-virus, ISS is raising the barrier higher than they can jump over he said.

ISS’s primary route to convergence is by bundling multiple functions into its recently launched Proventia brand of appliances. This range currently runs just the RealSecure IDS software, but is intended to act as the platform for an all-in-one security gateway.

A Proventia with a stateful inspection firewall included, as well as application-layer protection will be released in the third quarter, and VPN and anti-virus capabilities will be added to a further appliance in the fourth quarter, Klaus said.

ISS is building the plumbing for this internally, and already has the IDS and intrusion prevention components in place. Klaus said: We are looking at partner companies for features we’d need to add, such as VPN.

Klaus said that the initial target for the integrated appliances is at the departmental or branch office level, where the need for more cost-effective products is greatest, but that the goal is to start downstream… and over time look at expanding that.

Yesterday, the company released version 7.0 of its RealSecure host-based IDS agent software, and Klaus said that for the first time both server, client and network IDS products run using the same protection engine and same fingerprint database.

He said that the idea is to be consistent across all layers of the infrastructure. He added: We’ve seen a lot of [competing] companies, such as Symantec and Cisco, have acquired different companies, so the plumbing is different at all three layers.

Key improvements have also been made to Internet Scanner 7.0, the software that discovers networked devices and checks them for vulnerabilities. The latest version is more accurate, able to differentiate between different flavors of Unix, for example.

The software also enables what Klaus called virtual patches. Rather than always recommending a patch to remedy a vulnerability, the software can now recommend a security policy designed specifically to block that vulnerability at the host IDS.

Combined with ISS’s SiteProtector management console, the software can now also work in a distributed fashion, with multiple instances of the software in different locations all reporting to a single console.

SiteProtector is ISS’s means to manage all types of security products in one place – users can see a policy recommendation from Internet Scanner and then create and deploy that policy to RealSecure from the same console, for example.

Convergence and unified management are key themes in the security industry this year. ISS is increasingly facing competition from the likes of NetScreen, Network Associates, Symantec and Check Point, which are all broadening their offerings in both areas.

Source: Computerwire

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up