ISS unveils Dynamic Threat Protection platform

Internet Security Systems (ISS) announced improved versions of its RealSecure Site Protector and Fusion products wrapped around...

Internet Security Systems (ISS) announced improved versions of its RealSecure Site Protector and Fusion products wrapped around its centrally managed Dynamic Threat Protection Platform.

ISS heavily promoted the influence of integration, consolidation and security event management on its existing and future product plans.

The intrusion detection systems (IDS) supplier unveiled technology partnerships with IBM iSeries-focused software security supplier PowerTech Group, as well as Crossbeam Systems and its high-performance XS40S multi-gigabit appliance.

Tom Noonan, president and chief executive officer of ISS, said RealSecure Site Protector would be fully integrated and pool information with third-party solutions, including CheckPoint Software Technologies Firewall-1 and Cisco Systems PIX by the second quarter.

"Customers' biggest request is to make [security] effective," said Noonan. "People don't want to see [multiple security incidents and logs] anymore. They want to see a threat connected with a vulnerability they can act on."

He added that built-in security services, proactive security information management, and monitoring must be established closer to application security and away from the hardened network perimeter to shift an automated defensive scheme.

"This industry is changing because it has to change, and we're trying to get security into all critical pieces of an environment," said Matthew Kovar, director of security solutions and services at Yankee Group. "[Customers are] trying to understand what applications are doing on a web server or a desktop."

Last October, Symantec shook up the security landscape by introducing its Security Event Management System, a set of management applications designed to knit disparate security product data closely together to enable proactive security response and detection.

ISS' Dynamic Threat Platform promises to deliver many of the same benefits and processes of a unified and easy-to-manage security infrastructure.

RealSecure SiteProtector 2.0, earmarked by Noonan as the primary management cog behind ISS' Dynamic Threat Protection platform, features automated deployment of protection agents, policy administration, agent and asset grouping, and advanced incident analysis and reporting.

The product joins a growing security trend of bringing together traditional standalone security solutions, such as vulnerability assessment, intrusion prevention, and firewall and blocking capabilities.

RealSecure Fusion 2.0 can automatically identify hidden security threats and greatly reduce false positive alarms by utilising embedded intelligence from X-Force, ISS' security response team. Fusion's correlation engine can discern properties of an attack or threat associated with vulnerabilities. For example, revealing data about a host or operating system-associated vulnerabilities.

RealSecure Site Protector 2.0 will be available this month. RealSecureFusion 2.0 should be ready by the first quarter of 2003.

Read more on IT risk management