The Cupertino, California-based security software specialist paid $135m in cash for Recourse as part of a $355m shopping spree designed to boost its intrusion detection and warning portfolio.
Recourse’s main products included the ManHunt network intrusion detection system, now updated with version 3.0, and the ManTrap honey pot system, now known as Symantec Decoy Server. The company has also updated its host intrusion detection system for servers with Host IDS, a replacement for its earlier Intruder Alert product.
ManHunt is designed to monitor network traffic at speeds of up to two gigabits per second, combining protocol anomaly detection, signature detection, denial-of-service, scan detection and IDS evasion detection techniques.
The product can be configured to terminate TCP sessions, trace attacks back to their source, enforce flow policy compliance, initiate custom responses and notify administrators of intrusions and denial-of-service attacks.
Alongside the network-based IDS capabilities of ManHunt, Symantec has also released a new version of its host-based IDS system, now known as Host IDS. The product is designed to work with Microsoft Corp’s Windows 2000, NT and XP operating systems, as well as Sun Microsystems Inc’s Solaris 8 and 9, and provides real-time and proactive intrusion detection capabilities. The latest version also comes with new process management technologies that can help to stop buffer overflow and Trojan horse attacks, according to Symantec.
The new Symantec Decoy Server, meanwhile, is designed to complement host- and network-based IDS systems by diverting attacks away from key resources. The product acts like a fully functioning server and can simulate email usage to mirror the appearance of a live mail server, but comes equipped with attack detection and data collection modules so that actions can be recorded for analysis.
Source: Computerwire
