Symantec guards against blended security threats
Security software vendors have had to change their tactics to respond to threats such as Code Red, which utilize legitimate means of access into enterprise networks before wreaking havoc, and Symantec is no exception. By combining firewall, anti-virus and intrusion detection technologies with a single security update mechanism, the Cupertino, California-based company claims to be offering an integrated security suite for both network clients and remote users.
Symantec Client Security comprises four main technologies to prevent malicious attacks: the System Center centralized management console; the Digital Immune System anti-virus infrastructure and services; Symantec's rules-based firewall technology; and comparison of network traffic against known signatures maintained by the Symantec Security Response team, which is also able to block IP addresses in the event of intrusion attempts.
Symantec is not the first security vendor to tackle blended attacks. The problem is at the heart of Trend Micro Inc's new Enterprise Protection Strategy, which was launched in May, and has already produced new security scanning and reporting products. Network Associates Inc also announced that it was teaming up with Internet Security Systems Inc on a security intelligence and product development deal to tackle the problem. Products from that development deal are due in the first quarter of 2003.