NAI Casting Wider Net

Upcoming wares focus on getting good traffic through during attacks.

NEW YORK--Network Associates Inc. is readying a spate of new and updated products, along with a renewed focus on mergers and acquisitions, both of which are designed to broaden the companys reach beyond its bread-and-butter anti-virus offerings.

The products include updated versions of the McAfee ePolicy Orchestrator and ThreatScan as well as new security capabilities for the Sniffer network-management sensors.

Perhaps the most intriguing of the forthcoming products is NetBouncer, an anti-DDoS (distributed-denial-of-service) solution under development by NAI Labs. While most DDoS prevention software is focused on halting the flood of attack traffic, NetBouncer takes the opposite tack and concentrates on passing the good traffic through to the network.

Developed for use with the Intel Corp. IXP 1200 processor, the software builds a list of "good" clients that are allowed to send traffic to the network. Packets sent from addresses not on the list are automatically rate-limited, and the software uses Internet protocols to challenge the sender.

As packets in DDoS attacks are often sent from spoofed IP addresses, if the sender doesnt respond to an automatic NetBouncer challenge of identification, the software discards the packets.

A new version of ePolicy Orchestrator, due in the second half of this year, will have the ability to manage anti-virus and security products from vendors such as Trend Micro Inc. and eventually Computer Associates International Inc. and Symantec Corp.

Meanwhile, the Sniffer Technologies division will soon add anti-virus and intrusion detection capabilities to its sensors.

NetBouncer is still in development, and NAI has yet to set a firm release date for it. But the fact that it exists at all is evidence of the dramatic shift in thinking at the Santa Clara, Calif., company.

For years NAI has been a major presence in the anti-virus market and, to a lesser extent, in the firewall and encryption sectors. Now, as part of a reorganization orchestrated by CEO George Samenuk, NAI is shedding products--and entire divisions--that arent the leaders in their respective markets in favor of emerging technologies and a focus on its core assets.

Gone is the PGP Security unit, which Samenuk folded into the McAfee and Sniffer divisions, and some of its products, which were sold last week to Secure Computing Corp.

In its place is a renewed push to find strategic acquisition targets with technologies that Samenuk believes fit with the companys new direction. He declined to name any specific companies, but officials said NAI will be looking at companies in emerging markets such as DDoS prevention and managed security services.

However, company officials caution that this is not a reprise of the strategy under which NAI acquired more than 40 companies in the space of a few years in the 1990s.

"Its very likely that were going to be more acquisitive this year, but were going to be very selective with those acquisitions," said Sandra England, executive vice president of business development and strategic research. "Were looking for companies that we can buy for less than $100 million."

NAI also will be looking to team up with more strategic partners in the coming months.

"No one knows the future, but all I know is security is a good business to be in, and its going to grow," Samenuk said at the companys annual analysts day here. "We have an enormous opportunity to partner with companies like IBM, Microsoft [Corp. and Computer Sciences Corp.]. Theyre coming to us, and thats going to be my focus in 2002."

Industry observers said NAI has a tough road ahead of it but that the end result should be worth the risk.

"Its good to see that these anti-virus companies are waking up and finally grasping the fact that securitys not just about anti-virus," said Pete Lindstrom, an analyst with Hurwitz Group, in Framingham, Mass.