Level of Control over

By eweek  |  Posted 2007-11-12 Print this article Print

Applications"> Strom: Its a pain in the neck, lets face it.

Gladstein: Yeah. Thats about it, but weve heard the same thing. And if youre a company, you want to have that benefit, but you want to be able to control it, centrally, without having the end-user have any knowledge of whats going on. And so if you think about that, thats what weve done. And you see the security industry, you know, theyre trying to do something similar. When they realized that just finding the bad stuff, the malicious stuff, thats not good enough. Companies want to be able to stop Skype in an area where Skype shouldnt be running. Or to be able to stop file sharing in an area that contains sensitive information, right. So they want to have this level of control over the applications, beyond what a third party states is malicious. So you can see it really coming from a lot of areas.

Strom: So what happens if I bring my laptop into a corporation thats got your gear on it, but I dont have anything on it. Im just running willy-nilly, and I probably have 17 different pieces of malware on it. How do you stop me from messing things up, or can you?

Gladstein: Well, I mean, there are two ways to look at it. The first one is, if that enterprise has network access control, then that can be built into part of the policy, so that, when that machine went on the network, it would be brought in line with the network access control policies. But, I think more interesting, is, you know, that malware is going to try and do stuff. Its going to try and spread inside the enterprise. So you can even think of it when, you know, a user whos part of the organization goes offsite and sits in a coffee shop and connects to a public WiFi they could get something, and they could come back in, and all the enterprise security that youve put around your network perimeter, goes away, right? That desktop is really now - or that laptop, is the new perimeter. So, what Bit9 does is it says if that piece of malware is trying to jump, in any way, and put a payload thats executable on another system, thatll just be prevented from running. So, you could actually see with Bit9 that, you know, one computer [thats] now been brought inside the environment is trying to spread a particular file. The file wont run anywhere, so it wont be able to actually do any damage. But Bit9 will alert you that its happened and will be able to report that its happened and tell you where its happened, and help you identify what the problem is without exposing you to unnecessary risks.

Strom: So how often does that happen with your customers networks? Every day?

Gladstein: You mean, people bringing bad stuff inside?

Strom: Yeah. Lets say deploy your solution, they find out how promiscuous and how badly infected their end-users laptops are.

Gladstein: Yeah. Certainly they discover things that they prefer not to share with anybody. Thats, I think, the best way to put it.

Strom: Well, its a sad testimonial to the state of the Internet, unfortunately. I mean this is why we need this stuff.

Gladstein: You know, its really difficult for our customers because when you look at the compliance now, and just all the pressure that theyre under from regulations and from industry compliance and all this stuff, most customers who manage desktop environments, they dont want to ask the question, "whats out there," because theyre worried about the responses that may come back, and then they have to do something. So, you know, its the curse of knowledge in some ways, but youve got to do it these days. You have to be able to prove that you can see the software thats out there and have controls around it, and be able to stop bad things from happening.



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel