Okena Inc. this week introduced its new integrated security suite, StormSystem, which combines its two previously released products.
The new suite is based on StormWatch, which installs agents at various points of the network and collects data, which is in turn fed to the other components of StormSystem.
The new release comprises StormWatch and StormFront, and like all of Okenas software, focuses on intrusion prevention instead of detection and eschews the traditional signature-based approach to network security. Instead of relying on patterns of known attacks, the software uses the data gathered by the StormWatch agents on each applications behavior characteristics, analyzes the data and then produces security policies for each application.
StormFront performs this analysis and policy generation and then moves the policies into the StormWatch manager for use on other applications.
The security policies work by intercepting the software calls before they hit the operating system, comparing them to the policy for that specific application and rejecting any behavior thats not permitted.
This approach was born of the companys belief that security should be a proactive discipline, not a reactive one.
"Things mutate so quickly, you cant get ahead of them," said Tom Turner, director of marketing at Okena, based in Waltham, Mass. "We look at the application as a known quantity."
The company later this year will be following up the release of StormSystem with StormTrack, a package that will audit the security policies on all of the servers connected to a given network, identifying any unprotected boxes. The software can then recommend new policies for each machine or apply an existing one.
StormSystem is available immediately.