Intrusion response dips down to end-user level

The need for companies to respond in real time to both external and internal network attacks is fueling interest in automated intrusion-response technologies.

Enterasys Networks Inc. this week started shipping new software that’s designed to allow companies to drive this response down to individual users without disrupting the rest of the network.

Enterasys’ new NetSight Atlas Automated Security Manager (ASM) works with the Andover, Mass.-based company’s Dragon intrusion-detection system and its network switches.

Together, the products allow companies to automatically identify the network port from which an attack originates, quarantine individual users’ machines that are vulnerable and make policy changes without broad disruption.

The ASM technology is the first to give companies this sort of granular control when responding to network attacks, according to Stan Schatt, an analyst at Forrester Research Inc. in Cambridge, Mass.

“This is a pretty powerful kind of improvement,” Schatt said. With this technology, he added, “you are not going to have to cut off an entire port if you see an intruder.”

The new capability builds on the intrusion-response functions already enabled by Enterasys, said Bob Hartland, director of IT at Baylor University in Waco, Tex.

The university is using Enterasys technology to apply policies and block certain kinds of traffic on its dormitory networks. “We apply policy to ports that blocks everyone with the policy group equally,” Hartland said.

The more sophisticated response enabled by ASM will allow Baylor to apply such policies as needed at an individual user level, he said.

Eaton Vance Distributors Inc. in Boston is planning to use Enterasys’ dynamic intrusion-response capabilities to monitor core applications.

“As a financial services company, we have to be very careful about who has access to what,” said Vinnie Cottone, Eaton Vance’s vice-president of infrastructure services.

Enterasys’ technology will help the company become more proactive by “letting us know who’s on our network, what kind of access they have and what they are doing with that access,” Cottone said.

Enterasys’ moves to incorporate more security functions in its network technology are similar to those being made by other vendors, most notably Cisco Systems Inc.

“What they are doing is integrating security into the infrastructure itself from a switching perspective,” Schatt said.

Pricing for Enterasys’ NetSight ASM v1.0 technology starts at US$17,000 and includes the NetSight Atlas Console v1.4.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now