eEye Digital Security Inc.s new Blink centralized network and user endpoint protection software aims to protect user systems, including desktops and laptops. However, eWEEK Labs tests showed Blink still has some blind spots to fix. Blink 1.0, which shipped last month, provides application and network firewalls, vulnerability scanning, and quarantining capabilities. The software is priced at $56 per managed endpoint (desktop/ laptop) per year.The Blink console had trouble deploying agents to our test systems, which were using Novell Inc.s NetWare Windows client. Even after we got the Blink agent installed, it had trouble starting and reporting vulnerabilities to a Blink console installed on the same network. Our dual-boot systems had difficulty integrating with the Blink system, but eEye engineers were able to solve that problem. In fact, eEye solved every problem we reported, so were confident that Blink just needs some tweaking to overcome its trouble spots. The Blink console and agents run only in Windows environments. The console had no problem scanning our network and seeing all our devices. After discovery, it was simple to deploy the Blink agent to Windows machines that were not part of our NetWare environment. Our tests showed that Blink will help make patching routine for most users. However, it lacks integration with other centralized desktop security toolsnotably, anti-virus scanners. The Blink agent melds an adequate network- and application-layer firewall, intrusion prevention, and vulnerability assessment reports, along with a small number of options to control such things as off-limits IP addresses.
To set up firewall rules, we followed the standard conventions of defining a hierarchy of allow/disallow rules. We were able to group these policies and send them to desktop and laptop systems easily. The Blink console enabled us to make logical groups of machines and push specific policies to those groups.
The vulnerability assessment toolseEyes claim to fameworked well. The best part of the vulnerability assessment scans was that we could take actions such as blocking user access to the network until the vulnerability was remediated.
Blink is not a remediation tool. IT managers who opt for Blink should purchase a tool such as PatchLink Corp.s PatchLink Update to take care of bringing systems up-to-date.
Blinks vulnerability reporting is adequate but told us little about the test systems that our patch management tools didnt divulge.
Labs Technical Director Cameron Sturdevant is at email@example.com.
Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.
IT managers considering eEyes solutionhost-based vulnerability assessment with centralized policy administered to individual systemsshould wait for a maintenance release that addresses the implementation problems we experienced in tests.