Security Web Digest: Network Associates Inc. releases Intrusion Detection/Prevention Product

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

A little more than three months after announcing its intention to purchase IntruVert Networks Inc., Network Associates Inc. announced its first release of IntruVert technology, a new hardware appliance that provides intrusion detection and prevention to mid-size networks and corporate branch offices. The IntruShield 1200 is a 1U rack-mount hardware appliance that is both an intrusion detection system (IDS) and intrusion prevention system (IPS) device. On the IDS side, the IntruShield 1200 offers signature- and traffic-anomaly detection capabilities that allow it to detect denial of service attacks. The 1200 qualifies as an “intrusion prevention” appliance because it is capable of running “in-line,” disassembling and analyzing the data packets and stopping attacks in “real time” as they are occurring, Network Associates said.

Three months after launching a cross-industry group to develop standards for integrating physical and information technology (IT) security, Computer Associates International Inc. is handing off management of that group to the Industry Standards and Technology Organization (ISTO). The ISTO, which was spun off of IEEE in 1999, will assume administrative control of the Open Security Exchange (OSE), providing staff and resources to manage the finances and logistics of the group, according to Greg Kohn, director of industry programs at ISTO. IEEE-ISTO management will make the OSE more open and public and advance the development of integrated security management standards, according to CA Senior Vice President Ron Moritz. In addition to CA, OSE members include smart card provider Gemplus International, fire and security alarm giant Tyco International and private investigation firm Pinkerton Consulting & Investigations, part of Securitas.

The Liberty Alliance, in a document published last week, is emphasizing that business issues, not just technology, affect federated network identity. Liberty Alliance in its Business Guidelines document cites four business requirements to consider in the context of identity federation: mutual confidence, risk management, liability assessment and compliance. The organization, which features member companies such as Hewlett-Packard, Sun Microsystems, SAP, and American Express, focuses on developing specifications for federated identity, which involves the verification of identities of parties in e-commerce across the Internet. The real value of Web services will not be reached until companies can more securely and efficiently manage trusted relationships among partners, according to Liberty Alliance.

The government will provide companies investing in antiterrorism technologies with legal protection to minimize their risk in case theyre sued in connection with a terrorist attack. Employing the same reasoning behind Good Samaritan laws — in which those who aid people hurt in accidents cant be sued for further injury — the Department of Homeland Security issued rules last week to implement the Support Anti-Terrorism By Fostering Effective Technologies, or Safety, Act, which Congress enacted last year. Many companies might not invest in potential lifesaving technologies without the act, the laws supporters say.

Antivirus software maker Sophos Inc. announced Monday that it would introduce a Mac OS X-native solution at the MacWorld Expo this week. Sophos Mac OS X entry builds on earlier versions developed for the Macintosh, incorporating an enhanced user interface and new security features, including prevention of de-installation by end users; on-access scanning technology that transparently checks files as theyre accessed and more. Sophos plans to ship the full version of Sophos Anti-Virus for Mac OS X in August. A beta version is available now.