Symantec Updates Enterprise Client SecuritySymantec Updates Enterprise Client Security

Symantec Corp. on Monday introduced client-side security software for business that borrows some tools and techniques from the company's consumer line.

Symantec Client Security 2.0 is the result of "commingling of our technologies," said Kevin Murray, director of product marketing. "There were features in our consumer space security products that corporate customers thought would be useful in a managed environment, so we're starting to bring them to the enterprise."

Client Security integrates firewall, anti-virus, and intrusion-detection defenses for desktops and laptops, then puts all the protected clients under control from a single management console. Its target: systems that are beyond the company's perimeter, such as employee PCs, mobile workers' notebooks, and branch-office systems unguarded at the gateway.

"If clients always stayed behind the perimeter, you wouldn't need something like Client Security," Murray said. "But they're moving beyond the perimeter, and enterprises need to protect every aspect of the corporate environment."

Blended threats, such as SQLSlammer and Code Red, said Murray, were the drivers behind companies wanting a client-based firewall on their systems to add another layer of protection to already-existing perimeter defenses of the network.

"The real milestones were Slammer, Code Red, and topmost, MSBlast, because of their port scanning," he said. "Defenses comprised only of anti-virus were totally vulnerable to how these worms looked for vulnerable systems."

Among the new features in version 2.0 are several which made their debut in the consumer-level Symantec Internet Security, said Murray. Client Security now includes a Web ad blocker, as well as an adware-spyware detector, all tools that have been part of the Internet Security for consumers. "Corporate administrators are now saying, 'I don't want that on my networks,'" said Murray.

Client Security also boasts several new features expressly for enterprises, including a VPN compliance checker that verifies an outside system meets set policies before it's allowed to connect with the network. Some VPN providers, including Nortel, CheckPoint, iPass, and Fiberlink, already have implemented Symantec's new client compliancy application program interface; others, said Murray, will follow suit during 2004.

Administrators can demand that remote machines accessing the network via a VPN tunnel, for instance, have up-to-date virus definitions and a properly configured and enabled firewall.

"Before a user establishes that VPN tunnel, Client Security checks the defenses of the client," said Murray. "In today's blended threat climate, during the time it takes to log on [to a VPN], there are loads of threats that could impact the client."

Such fast-acting exploits seen last year, said Murray, included MSBlast, also known as Blaster, which was able to infect an unprotected system in just fractions of a second.

Another new feature sniffs out suspicious E-mail activity that may mean a worm has installed an SMTP engine in an infected client and is getting ready to mail a slew of copies to others. Client Security now stops such mailings before they're sent, said Murray.

Client Security 2.0 has about half the hard-drive footprint of its predecessor--just 18 Mbytes, compared with 34 Mbytes--includes a location awareness feature that lets administrators control the client's access depending on its physical location, and can trace infections spread through open file shares to the originally infected system.

Client Security's pricing depends on the number of clients protected. For a company with 499 to 2,450 nodes, the software is priced at $43.40 per node; for larger installations, the price falls to $31.80 per client.