N+I: Security trio forms Intrusion Prevention Ecosystem

To help end users thwart a broad range of network attacks aimed at exploiting multiple parts of an enterprise, Check Point Software Technologies Ltd., Okena Inc., and Intruvert Networks Inc. announced the creation of a new Intrusion Prevention Ecosystem on Monday at the Networld+Interop and Comdex 2002 conference, in Atlanta.

Based on Check Point’s OPSEC (Open Platform for Security) framework, the Ecosystem will provide integrated out-of-the-box technology from each of the three security vendors to boost threat detection accuracy through in-line connected firewall and VPN capabilities, host-based IDS (intrusion detection security), and network layer protection, said Raj Dhingra, vice-president of Marketing, for San Jose-based Intruvert.

“The security industry is starting to move from detection to prevention. [Customers] want prevention at multiple levels [through] a distributed deployment layer in the enterprise,” Dhingra said. “Each level of the Intrusion Prevention EcoSystem is contributing to better accuracy and getting more comprehensive attack coverage.”

The Ecosystem will be available for live demonstrations at the Check Point OPSEC Pavilion at N+I this week. Also, Ecosystem-ready products from the three vendors are currently shipping.

Initially, the Ecosystem will be comprised of Check Point’s VPN-1/FireWall-1 Next Generation product, Intruvert’s IntruShield intrusion prevention solution, and Okena’s StormWatch host-based IDS product. Dhingra said the Ecosystem is open for the admission of other intrusion prevention technologies that meet certain prerequisites to afford customers high levels of integrated policy management.

The importance of stringent security policies to recognize and block malformed or malicious traffic capable of penetrating a network’s defenses is becoming paramount to end-users, noted Richard Stiennon, research director for Stamford, Conn.-based Gartner.

Stiennon viewed the launch of the Intrusion Prevention Ecosystem as a clear response to scramble and match up against Netscreen Technologies’ announced plans last month to acquire OneSecure and build an IDS appliance featuring integrated network security gateway, firewall, VPN, and in-line-oriented intrusion prevention muscle.

“Future directions of the firewall are going deeper and deeper into packets and becoming more robust in applying polices,” Stiennon said. “The dance has started and NetScreen has already chosen their dance partner. I think [the Ecosystem] from Checkpoint, Intruvert, and Okena is part of that.”