Smarter, Sneakier Systems Spot Intruders

OneSecure and ForeScout offer simplified management, refined detection

information Staff, Contributor

February 9, 2002


Administrators charged with protecting a network can't live without intrusion-detection systems, but they often find it's hard to live with them, too. Most systems plague IT staff with false alarms that take a serious toll on administrators' productivity. Two new products may dramatically reduce, if not eliminate, the problem.

Storageway Inc., a storage provider in Fremont, Calif., is beta testing OneSecure Inc.'s Intrusion Detection and Prevention system. William Turner, chief security officer at Storageway, says IDP's refined sleuthing capabilities have virtually eliminated false positives. For example, instead of merely conducting signature inspections, which sound alarms whenever the system notices that some activity on the network resembles a known hacking technique, IDP conducts "stateful inspections." These inspections take into account the context of the activity as well, to avoid generating alerts for activities that may look suspicious on the surface but are legitimate. The software also detects protocol and traffic anomalies.

Management is also simplified, Turner says. Any IT staff members who have managed a firewall will be familiar with managing IDP, he says. The appliance easily imports additional intrusion signatures, including those written for use with the popular open-source Snort intrusion-detection system.

ForeScout Technologies Inc. takes a novel--and sneaky--approach to reducing false alarms. After ActiveScout identifies what appears to be a hacker scanning for network vulnerabilities, it feeds the suspected attacker false data, such as user names and passwords. It's the digital equivalent of giving marked bills to a bank robber, says Pete Lindstrom, director of security strategies for Hurwitz Group. When hackers try to use that information to attack the network, ActiveScout recognizes the data and automatically blocks the attacker. "You won't get false positives because the software only reacts when a hacker actually makes his move to attack," Lindstrom says.
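The marked-credential idea described above can be sketched as detection logic. This is an added example, not ForeScout's code: the class, the port threshold, the addresses and the replayed events are all constructed assumptions.

```python
import secrets
from dataclasses import dataclass, field

SCAN_PORT_THRESHOLD = 5  # assumption: distinct ports probed before a source counts as a scanner

@dataclass
class DecoyMonitor:
    real_users: set
    ports_seen: dict = field(default_factory=dict)  # src -> set of probed ports
    decoys: dict = field(default_factory=dict)      # decoy username -> src it was fed to
    blocked: set = field(default_factory=set)

    def on_probe(self, src, port):
        """Record a probe; once src looks like a scanner, mint one decoy username for it."""
        ports = self.ports_seen.setdefault(src, set())
        ports.add(port)
        if len(ports) >= SCAN_PORT_THRESHOLD and src not in self.decoys.values():
            user = "svc_" + secrets.token_hex(4)  # random, so no legitimate user would type it
            self.decoys[user] = src
            return user  # the value that would be planted in the fake reply to the scanner
        return None

    def on_login(self, src, user):
        """Block only when a marked credential is presented, or src is already blocked."""
        if src in self.blocked:
            return "block"
        if user in self.decoys:
            # Block the presenting address and the scanner the decoy was issued to.
            self.blocked.update({src, self.decoys[user]})
            return "block"
        return "allow" if user in self.real_users else "deny"

def replay():
    """Replay constructed events and return the verdict for each step."""
    mon = DecoyMonitor(real_users={"alice", "bob"})
    decoy = None
    for port in (21, 22, 23, 80, 443):  # constructed scan from 203.0.113.7
        decoy = mon.on_probe("203.0.113.7", port) or decoy
    return {
        "scan_only_blocked": "203.0.113.7" in mon.blocked,      # scanning alone: no block
        "typo": mon.on_login("198.51.100.20", "alcie"),         # mistyped name: deny, no block
        "valid": mon.on_login("198.51.100.20", "alice"),
        "decoy_other_ip": mon.on_login("203.0.113.99", decoy),  # marked credential reused
        "scanner_after": mon.on_login("203.0.113.7", "alice"),  # original scanner now blocked
    }

if __name__ == "__main__":
    print(replay())
```

Scanning and mistyped logins never trigger a block here; only presenting the planted username does, which is why the approach avoids false positives.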

Both of the products are available this week. OneSecure's system is priced at $16,495, and ActiveScout prices start at $8,995.
