informa
/
Risk
News

Security Upgrades Proliferate

Vendors roll out refinements to plug the many ways data might leak from the enterprise

Security is a top priority for IT pros these days, so it's no surprise to find vendors upgrading to meet demand for better wares.

Reconnex, which competes with Proofpoint and PortAuthority in the internal threat protection space, today released version 6.0 of its appliances, adding tracking of thumb drives, PDAs, and laptops.

The Endpoint Agent, as the new appliances are called, detect suspicious activity in any I/O activity on the network, including email messages, wireless IM, file transfers, and the like. If it identifies suspicious activity (per predefined rules), data center managers are pinged, and end users are notified of a violation.

Reconnex says it's aiming to compete with other threat-control vendors by supporting a wider variety of network activity, though its rivals have also been active in augmenting their wares. Pricing for the Reconnex appliance, set for shipment in April, starts at $25,000.

Finnish startup Codenomicon also stepped up its storage security efforts today. (See Codenomicon Intros Defensics.) The vendor, which has a U.S. headquarters in San Jose, Calif., beefed up its Defensics solution with support for storage protocols such as CIFS, NFS, and iSCSI.

The idea is that users can run the software to check for vulnerabilities in their SAN and NAS systems. "We're sending hundreds of thousands of malformed packets at the device," says Brenda Fox, Codenomicon's president of U.S. operations, adding that this simulates a buffer overflow or denial-of-service attack.

Previous versions of Defensics focused on networking devices such as switches and routers by using protocols such as HTTP, IPv6, and SSL. (See Riverbed Steps on SSL Gas and Blue Coat Secures Mobile Devices.) The vendor also offers a version of Defensics targeted at telecom equipment and protocols such as SIP, GTP, and RTP. "Verizon is using it as a gateway for anything coming onto their network," says Fox.

The startup says that it has around 52 customers using the previous versions of Defensics, although Codenomicon is not the only vendor playing in this space. Fellow startup Mu Security, for example, also checks storage gear for vulnerabilities and recently signed up Decru as a customer. (See Decru Selects Mu.)

Unlike Codenomicon, Mu Security uses an appliance to check for security problems. Last year the vendor unveiled its Mu-4000 Security Analyzer product, aimed at IP-based systems, applications, and network devices. (See Security Startup Says Mu to Bugs.) The device uses a technique called Protocol Spidering to emulate the vulnerability discovery techniques that hackers use, then warns the user of potential system flaws and characterizes their severity.

The storage-based version of Codenomicon's Defensics product is available now, with a list price starting at $20,000.

Mary Jander, Site Editor, and James Rogers, Senior Editor Byte and Switch

  • Codenomicon Ltd.
  • Mu Security Inc.
  • Verizon Communications Inc. (NYSE: VZ)

  • Recommended Reading: