http://www.news.com/News/Item/0,4,24391,00.html?st.ne.ni.rel
HP, Check Point detect intrusions
By Tim Clark
Staff Writer, CNET News.com
July 20, 1998, 12:45 p.m. PT
Hewlett-Packard and Check Point Software today beefed up their security
offerings with agreements to add intrusion detection software, which
monitors networks for break-ins by unauthorized users.
The hot intrusion detection market has seen a flurry of activity since
January, with acquisitions, start-ups, an IPO, new products, and, earlier
this month, a patent lawsuit. The activity responds to worries by
corporate network managers that firewalls alone aren't enough to protect
against attacks.
Check Point, which began as a firewall company but has expanded into
broader security and network software offerings, will sell the RealSecure
intrusion detection software from Internet Security Systems under Check
Point's name, one of only a few OEM relationships for either firm.
Hewlett-Packard announced that it will license intrusion detection
software from Cisco Systems, giving HP access to technology that Cisco
acquired in February with the Wheel Group. HP will incorporate the network
intrusion detection software into its OpenView network management
software, calling it HP OpenView Node Sentry.
HP also made two other security-related announcements today about giving
employees or outsiders access to sensitive information on a corporate
network. HP OpenView Access Manager regulates individual employees' access
to operating systems such as HP-UX or Windows NT, databases such as
Oracle's, and applications like SAP's R/3.
HP also announced that a new product, Praesidium Authorization Server, is
now shipping. Authorization Server lets intranet and extranet managers
control who can see specific data or perform specific actions on an
individual basis. HP says the authorization server, part of its Praesidium
family of security software, goes beyond authentication, which vouches for
the identity of a specific user.
"Authorization Server provides IS managers with the safety valve needed
for rapidly deploying and maintaining virtual business relationships over
the Net," Jim Hurley, an Aberdeen Group security analyst, said in a
statement.
HP's version of the intrusion detection software uses sensors to monitor
network traffic, then consolidates the data on a console to allow
surveillance and to detect patterns of intrusions. Like the Access
Manager, Node Sentry integrates into OpenView.
"We see intrusion detection as a significant emerging market opportunity,"
said Bradley Brown, Check Point's director of business development, noting
that Check Point looked at several options before settling on ISS, which
had already been a Check Point partner.
In a report earlier this month Yankee Group estimated the "adaptive
network security management" market, which includes both intrusion
detection software and tools to probe networks for security holes, at the
$45 million mark last year. That's consistent with Aberdeen Group's
estimate in January.
Yankee estimates the market will boom to $160 million this year and reach
$315 million in 1999.
Both reports name ISS, which went public in March, as the leading vendor,
garnering 30 percent last year in Yankee's estimates. Yankee lists Axent
Technologies at 19 percent, Network Associates and Cisco at 11 percent
each, and Security Dynamics at 10 percent, with smaller firms dividing up
the remainder.
Activity in the intrusion detection space began last fall, when firewall
vendor Trusted Information Systems acquired Haystack Labs. In March, TIS
itself was purchased by Network Associates, days after Cisco bought
WheelGroup.
In May, Network Associates also bought intrusion protection firm Secure
Networks, which makes software for security managers to probe their
networks for vulnerabilities.
Earlier this month, Network Associates sued ISS, charging it with
violating a patent held by Haystack Lab. ISS disputes the allegation. In
an effort to undermine ISS, Network Associates also is giving resellers a
free copy of its CyberCop Scanner tool, which competes with ISS'
RealSecure.
Check Point said its version of RealSecure will be available through
resellers by October for $8,995, similar to pricing from ISS.
HP OpenView Access Manager and HP OpenView Node Sentry are expected to be
available in the fall, with pricing to be released in September.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Tue Dec 8 08:58:57 1998