Product announcements from three security companies underscore the growing interest in so-called "end point" security...
products that protect corporate networks from infections introduced by mobile or remote employees.
Symantec, Configuresoft and StillSecure have products or product updates that secure mobile computers and enforce security policies on remote machines trying to connect to corporate networks.
"Enterprises should really be taking a look at this technology to protect themselves and make sure that those remote machines are up to date and redirect them to signatures or get patched if need be," said Eric Ogren, senior analyst at The Yankee Group.
StillSecure's Safe Access 1.0 is an endpoint security product that tests network devices for compliance with security policies when they attempt to connect to a network through a common gateway, VPN, wireless or dial-up connection.
The product does not require a separate software agent to be installed on remote computers, but uses a Linux-based server to manage clients.
Administrators can choose from a number of predefined compliance tests, which verify the operating system version and the presence of fixes for vulnerabilities used by worms. Safe Access 1.0 also allows administrators to create custom tests using an application programming interface (API).
As devices attempt to connect to a network, they are tested for compliance with security policies, then either allowed to access the network, denied access or quarantined. Devices that remain on the network can be checked periodically for system changes that violate corporate policy or for banned applications such as file-sharing and peer-to-peer programs.
HTML templates allow administrators to customise messages and instructions for employees on resolving compliance problems that are preventing network access, reducing overhead for IT staff.
Configuresoft's latest version of Enterprise Configuration Manager (ECM) product will assess and correct configuration settings automatically on remote machines when they try to connect to a network.
ECM can examine a device configuration in detail, taking a picture of a device's configuration and storing that in a central database. The product can track up to 80,000 configuration settings for a device, and typically captures around 25,000 unique settings for workstations and 50,000 for servers.
The product does not quarantine or reject devices, but automatically adjusts configurations or installs software patches to bring devices into compliance with network security policy.
ECM also contains templates for assessing compliance with a number of US regulations.
Meanwhile, Symantec Client Security Version 2.0 is an integrated antivirus, firewall and intrusion prevention product that protects machines from viruses and intrusions and introduces a number of new features.
A location-awareness feature will adjust client security settings depending on location, tightening defences if a machine is accessing the internet through an unprotected wireless "hot spot", and loosening them when the device is connected behind a network firewall.
An outbound e-mail worm blocker in Client Security 2.0 looks for and stops suspicious outbound e-mail activity that might indicate an infection by a mass-mailing worm.
A VPN Compliancy Check feature provides an API that allows devices running Client Security 2.0 to interact with firewalls by Symantec partners such as Check Point Software Technologies and Nortel Networks. This means administrators using those products can block access to devices that do not meet corporate security standards.
Paul Roberts writes for IDG News Service