New HP Security Suite Aims to 'Throttle' ThreatsBy John Pallatto | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
The suite of security services in Hewlett-Packard's new Security Incident Management Program gives enterprise and SMB customers a way to "throttle" malware attacks before they degrade network performance.SAN FRANCISCOHewlett Packard Co. Tuesday introduced a suite of security services spanning the enterprise, SMB (small- and medium-sized businesses) and the consumer PC markets. The company said the new, integrated solutions are designed provide comprehensive protection against malware such as viruses, worms, spam and spyware.
Called the HP Security Incident Management Program, the offering is a suite of threat detection and assessment technologies combined with management processes that help organizations head off viruses, worms or denial of service attacks before the get out of hand..
HP is offering these integrated services because "the threats are becoming more complex, more malignant, more persistent and becoming more pervasive," said Tony Redmond, chief technology officer with HP Services based in Dublin, Ireland
Such technology is essential these days, Redmond said, because virus infections are designed to multiply far faster than even a few years ago, so fast that it's impossible for humans to respond them manually.
Hackers are also extremely quick to respond to public notices of system and security vulnerabilities than ever before. Some respond with exploits just weeks after release of a public vulnerability notice.
HP's package is based on technology the company developed over the past four years to protect its own systems and is running internally, according to Douglas Brown, HP security solutions architect. The company plans to release the incident management package early in 2005 for enterprise and SMB customers. HP has yet to set the pricing for this suite.
The package allows the system to detect when it has come under attack from a virus or worm that has newly emerged "in the wild," Brown said. HP provides the expertise to analyze and reverse engineer the virus or other threat to determine the most effective way to block it, Douglas said.
The suite brings together in an integrated package a wide range of security products, processes, features and functions that are available separately from HP or third-party suppliers.
The suite components can work with HP's OpenView network management software, but it's not a requirement, Redmond said. For example, customers can choose the latest component of HP's federated identity management technology, called OpenView Select Federation, which provides centralized management of user authentication and data resource access.
The contributions from third-party vendors span both software and hardware: Microsoft Corp.'s server software; Trend Micro Inc.'s antivirus and antispam software, Symantec Corp. antivirus and firewall software, Sygate Inc.'s end-point security agent technology, Harris Corp.'s trusted computing systems, Trustgenix Inc.'s federated sign-on and user authentication technology; Kensington Technology Group's locking devices for PC physical security; and Credant Technologies Inc.'s security products for mobile computers.
The suite also includes vulnerability detection along with threat analysis and response tools that can assign severity and criticality levels as well as suggest effective responses or remedial action
Other services in the package include network intrusion detection and response that can thwart attempts by hackers to gain access to corporate data, HP said. The suite can also watch for DoS (denial of service) attacks and provide an early warning for system administrators to take action and head off the attack before it causes significant service disruption.
The package also provides investigation and forensic analysis features that will allow organizations to assess the damage and costs of malware attacks. This will help companies when working with legal and law enforcement authorities to prosecute attackers if they can be identified.
The concept of a comprehensive security bundle for SMBs sounded potentially useful to Mike Hogan, CEO, ZiXXo Inc of Belmont, Calif. Zixxo is preparing to launch a new nationwide online classified advertisement service that would compete with the well-know Craig's List online classified ad service.
Zixxo currently uses HP's Internet Security Acceleration Server, developed in conjunction with Microsoft Corp., that combines a firewall, VPN (virtual private network) and cache server functions, Hogan said.
"What we are currently using is more of a best-of-breed point solution," Hogan said. "Now the idea of having a complete solution that addresses all of those other aspects with virus protection and intrusion detection is something we would be very interested in," Hogan said.
His company has already obtained adequate virus protection for its desktops, laptops and servers, he said. But having an automated system that can detect and suppress infections from newly emerging viruses would be interesting to ZiXXo, he said.
For home PCs, HP is offering an PC Security Initiative, which provides a combination of antivirus and antispam software along with dedicated online security support with one-hour e-mail response on security questions. It also will offers real-time chat for PC users who want help setting up new security systems or who trying to troubleshoot security problems.
These services will be provided at no charge for HP PCs that are now under warranty, company officials said.
HP will also provide virus alert classes that will be held via phone during major virus outbreaks. Other recorded security tutorials are available on the Web. An HP Help and Support Center will support performance and security diagnostic software installed notebooks.
Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.