ISS adds 'virtual' patching

Internet Security Systems this week will upgrade its Dynamic Threat Protection software suite with enhanced vulnerability...

Internet Security Systems this week will upgrade its Dynamic Threat Protection software suite with enhanced vulnerability assessment and intrusion-detection tools.

A key capability enabled by the new technology is a "virtual patch process", which has been claimed to reduce the need to apply so-called hot fixes for protecting against viruses and worms that exploit system vulnerabilities.

The virtual process is designed to let security administrators block certain types of traffic and look for particular virus signatures or suspicious data patterns using vulnerability information gathered by the company's upgraded Internet Scanner 7.0 tool.

ISS will also soon release a Catastrophic Risk Index that lists some of the most dangerous security vulnerabilities. The index will give users more information on what to defend against and how to do it, said ISS chief technology officer Chris Klaus.

The vulnerability identification and proactive defense measures being offered by ISS could save companies from having to install patches or develop manual workarounds every time a security flaw is found, said Andrew Plato, a principal consultant at Anitian.

The virtual patching features are only a part of a wider range of intrusion-prevention capabilities being touted by security product suppliers.

Other companies, such as Sanctum, Kavado and Teros also offer tools that use behavioural rules, usage models and correlation engines to enforce authorised network behavior. In some cases, these tools can, automatically, prevent unauthorised or malicious code from executing on systems.

However, users have, so far, been cautious in their acceptance of such technologies, citing their immaturity, lack of promised functionality and tendency to block legitimate as well as malicious traffic.

Jaikumar Vijayan writes for Computerworld

Read more on IT strategy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.