Internet Security Systems has released the latest version of its
intrusion detection system (IDS) software that combines previously
owned and acquired technologies.
Featuring several components from the company's June 2001
acquisition of Network ICE, Version 7.0 of the RealSecure Network
Sensor software suite includes enhancements in the areas of
protocol analysis, signature-based detection and filtering of
packets, according to the company.
Employing the company's existing engine, the new version of
RealSecure Network Sensor processes packets at gigabit speed and
now has the ability to grab packets and inspect them through
technology devised by Network ICE.
"The result of combining the two technologies is a product that is
fast and provides detailed protocol analysis," said Dan Nadir,
director of protection solutions at Atlanta-based ISS. He added
that the product is unique because of its ability to examine all
types of traffic without a decrease in performance.
"We're not limited by what we are looking for," said Nadir. "I
think we're the only company that can say this." Nadir said that as
additional functions are added to a competitor's product, it almost
always means decreased performance.
Rather than solely relying on a signature-based engine, ISS claims
its system strips away the extraneous code hackers add to an attack
in order to bypass or trick competing IDS products.
In addition, the latest version can also determine the success of a
given attack by looking at the string returned form the server
under attack.
In an attempt to win new customers using the open-source IDS,
Snort, ISS has also added the ability to import user-created
signatures created for Snort to Version 7.0. This, Nadir said, is
beneficial for those who no longer want to maintain their own IDS
by creating new signatures.
Future releases of the product will focus on usability improvements
as well as increasing the speed at which packets are
processed.
"By year's end we expect to do protocol processing at speeds
greater than a Gigabit," said Nadir.
RealSecure Network Sensor Version 7.0 is available immediately and
price starts at $8,995 (£6,086).