Forwarded From: William Knowles <erehwonat_private> [News.com] (6.26.98) Network Associates is expected to announce Monday a new suite of "intrusion protection" tools, including one that creates a decoy network that draws hackers in, then "stings" them. "We are creating a network for hackers to break into. It's a virtual network, but it has all the services of a real network," Art Wong, former chief executive of Secure Networks, a Canadian firm acquired last month by Network Associates, said in an interview earlier this month. "When they are in this virtual network, they are not in your real data. Once they go in, you can collect information on who they are, where they come from, and what vulnerabilities they try to exploit," Wong added. "You have to make it sweeter for them to access. They'll look for accounting information, secretive data, personal data--anything with passwords on it. So you put things in there that hackers would think are sensitive." The "honey pot" software, slated for release by the end of the year, is due to be announced Monday with Network Associates' intrusion protection suite, according to sources familiar with the announcement. The security tools are designed to help network administrators detect, then ward off unauthorized users from both inside and outside the organization who are trying to break into data or networks without permission. The intrusion detection market has been active in the first half of this year, with Cisco Systems, Security Dynamics, and others making forays into the space. Like Secure Networks' "honey pot," many of the technologies in the "intrusion protection" suite came to Network Associates in a string of acquisitions in the last seven months. Other elements expected to be announced in the suite include the following: * The existing CyberCop software, acquired in the December merger with Network General. Dubbed a "high-tech burglar alarm," it monitors networks with software sensors at critical intersections. It also includes software licensed from WheelGroup, an intrusion detection player Cisco bought in February. * Ballista, a network scanning tool to probe networks from outside for security weaknesses. It was Secure Networks' first product. * Stalker, another kind of intrusion detection software that guards individual servers, rather than sitting on a network, as CyberCop does. Called host-based intrusion detection, this technology came to Network Associates with its February acquisition of Trusted Information Systems, which had earlier purchased the technology with Haystack Labs. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:04 PDT