By Cameron Sturdevant  |  Posted 2004-08-16 Print this article Print

eEye Digital Security Inc.s new Blink centralized network and user endpoint protection software aims to protect user systems, including desktops and laptops. However, eWEEK Labs tests showed Blink still has some blind spots to fix.

Blink 1.0, which shipped last month, provides application and network firewalls, vulnerability scanning, and quarantining capabilities. The software is priced at $56 per managed endpoint (desktop/ laptop) per year.

IT managers considering eEyes solution—host-based vulnerability assessment with centralized policy administered to individual systems—should wait for a maintenance release that addresses the implementation problems we experienced in tests.

The Blink console had trouble deploying agents to our test systems, which were using Novell Inc.s NetWare Windows client. Even after we got the Blink agent installed, it had trouble starting and reporting vulnerabilities to a Blink console installed on the same network.

Our dual-boot systems had difficulty integrating with the Blink system, but eEye engineers were able to solve that problem. In fact, eEye solved every problem we reported, so were confident that Blink just needs some tweaking to overcome its trouble spots.

The Blink console and agents run only in Windows environments. The console had no problem scanning our network and seeing all our devices. After discovery, it was simple to deploy the Blink agent to Windows machines that were not part of our NetWare environment.

Our tests showed that Blink will help make patching routine for most users. However, it lacks integration with other centralized desktop security tools—notably, anti-virus scanners.

The Blink agent melds an adequate network- and application-layer firewall, intrusion prevention, and vulnerability assessment reports, along with a small number of options to control such things as off-limits IP addresses.

To set up firewall rules, we followed the standard conventions of defining a hierarchy of allow/disallow rules. We were able to group these policies and send them to desktop and laptop systems easily. The Blink console enabled us to make logical groups of machines and push specific policies to those groups.

The vulnerability assessment tools—eEyes claim to fame—worked well. The best part of the vulnerability assessment scans was that we could take actions such as blocking user access to the network until the vulnerability was remediated.

Blink is not a remediation tool. IT managers who opt for Blink should purchase a tool such as PatchLink Corp.s PatchLink Update to take care of bringing systems up-to-date.

Blinks vulnerability reporting is adequate but told us little about the test systems that our patch management tools didnt divulge.

Labs Technical Director Cameron Sturdevant is at cameron_sturdevant@ziffdavis.com.

Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at csturdevant@eweek.com.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel