Enira Tool Speeds Threat Response

By Paula Musich  |  Posted 2006-01-02

Enira Technologies LLC is trying to get a leg up in the fast-growing and confusing network access control space with the latest version of its Network Response System.

The Enira NRS 4.0 appliance is designed to allow security teams to respond faster to security threats such as worms or viruses by helping them quarantine or shut down network access in a more automated fashion.

The system automates response strategies according to predefined threat levels. Based on the potential risk, security administrators can quickly shut down an entire network or a network port with a mouse click, or they can quarantine specific users rather than network nodes.

The NRS is based on a fully automated network policy manager that allows customers to use plain language to execute provisioning functions. In the new release, users can create a range of different labels.

For one user who sees hundreds of attacks every month, the offering allows operators in seconds to block out or quarantine incoming threats. "It really works in a matter of seconds if you know exactly where the threats are coming from," said the user, who asked not to be identified. "You can section off a VLAN [virtual LAN] or the whole thing and continue to research where it is. For any anomalies it sees, it automatically generates a report, and we block it off. If its a false positive, we allow that node or network segment back on. We perform these blocks almost routinely."

Also new in Version 4.0 is the ability to quarantine users rather than network nodes. Users can search by user, click on a check box and quarantine the specific user. Enira also boosted the multiuser systems ability to handle multiple types of user accounts, allowing for every task to be subdivided within the system.

The NRS does not prevent or detect security breaches, but it can be integrated with intrusion detection and prevention systems. Version 4.0 is available now.

Rocket Fuel