Security vendors team up to promisestrength in breadth

Internet Security Systems (ISS) and Network Associates have reached a deal to integrate products and research teams and develop...

Internet Security Systems (ISS) and Network Associates have reached a deal to integrate products and research teams and develop new offerings.

The move, they say, is to help provide users with more comprehensive security protection in the aftermath of "blended" attacks such as Nimda and Code Red.

The three-year partnership will see the companies combine Network Associates' (NAI) Sniffer network detection and analysis software, McAfee antivirus software and ePolicy Orchestrator management system with ISS' RealSecure IDS (Intrusion Detection System) and SiteProtector management console.

The combination will provide customers with better network analysis and security tools, said George Samenuk, NAI's chief executive officer.

As a consequence of the integration, NAI will offer a series of products based on a combination of the companies' offerings in 2003, Samenuk said. In the first quarter of 2003, NAI will ship an IDS product built on Sniffer and RealSecure, which will integrate into the Sniffer management system, he said.

In the first half of next year, Network Associates will also ship a version of ePolicy Orchestrator that will allow companies to identify and block blended threats through the co-ordination of policy, antivirus and IDS data using the McAfee antivirus software and RealSecure IDS, he said.

ISS, for its part, will integrate antivirus software from NAI's McAfee division into the RealSecure server and gateway sensors products, said Tom Noonan, chairman and chief executive officer of ISS.

ISS will also update its SiteProtector console to manage McAfee antivirus updates and distribute them to its RealSecure sensors, he said. Lastly, ISS will offer McAfee's antivirus protection as a managed service for gateways and desktops, he said.

The two companies will also co-ordinate the operations of their threat research and response teams, Samenuk said.

NAI's AVERT Labs and ISS's X-Force will work together to respond to emerging threats and will "create the largest private Internet threat response team in the entire world", Samenuk said.

The smooth compatibility of antivirus software and IDS is needed as hackers and virus writers are increasingly becoming the same group, instead of the two distinct groups they had once been, ISS's Noonan said.

"ISS has been really focused on the spectrum of threat convergence for a long time," he said.

Attacks like Code Red and Nimda, which had some of the hallmarks of traditional viruses and worms, also exploited security vulnerabilities in order to further their spread.

The combined products will offer companies "a better way to detect and respond to attacks on their systems," said NAI's Samenuk.

The deal "makes complete sense", said Peter Lindstrom, senior security strategies analyst with the Hurwitz Group.

The combination of the companies' products offers "a clear complementary approach, particularly as viruses and hack attacks become similar in nature".

The announcement also signals that the companies are beginning to think about security across more platforms, rather than deep protection on only one platform, he said.

"We're starting to see talk about breadth now," he said. "For a long time, these guys were talking about depth. Security is about breadth."

"It's clear that point products have a limited life in the security space ... and people have to be thinking solution-oriented," he said. This sort of integration offers customers that kind of broad package, he added.

Read more on Antivirus, firewall and IDS products