FREMONT, Calif. -- iPolicy Networks, provider of next-generation network security solutions, today established a new industry standard for securing public and private networks with Release 3.0 of the iPolicy Security Manager and Intrusion Prevention Firewalls. This latest iPolicy product release includes real-time vulnerability correlation (RVC) with support for multiple vulnerability assessment scanners, which provides dynamic Intrusion Detection/Prevention (IDS/IPS) actions and improved IDS/IPS accuracy, among several other new security capabilities. The release also introduces integrated anti-virus for enhanced protection against blended threats, and dynamic-port application support for VoIP, P2P and IM security.
Performance and accuracy are the key metrics for network security products, said Eric Ogren, security analyst with Enterprise Strategy Group. The ability to correlate vulnerability scan data when inspecting traffic is important in producing precise security controls without impact on end-users. This is imperative when securing latency-sensitive applications such as VoIP and interactive Web applications.
With the intricacy of todays threat landscape, IT administrators face an uphill battle to ensure ongoing integrity in their networks. For example, while distributed IDS/IPS is crucial across all critical network segments, rather than just the perimeter, the high ratio of false positives and lack of accuracy have previously limited wider adoption of inline IPS.
iPolicy Release 3.0 breaks new ground in helping companies aim for a zero-threat network. iPolicy RVC uses vulnerability scan data from widely used scanners like Nessus 2 and 3 (by Tenable Network Security) and eEye Digital Securitys Retina, and industry-standard threat databases such as CVE and BugTraq. iPolicy RVC also allows security administrators to attach an asset value to their network-connected servers/hosts. Using the iPolicy RVC, iPolicy appliances perform automated correlation of threats detected by the IDS/IPS module with the host vulnerability data imported from the scanners. This enables real-time dynamic adjustment of IDS/IPS actions based on the degree of threat-vulnerability correlation and the asset value assigned to the host, as the threat events occur. RVC also simplifies prioritization of event analysis based on specific, individual assets/targets and eliminates manual correlation overhead to allow efficient usage of vulnerability data.