Search our
entire site
Enter your search
terms below, or visit
our search page

Search case
studies only
Enter your search
terms below:

For the table
of contents and
hyperlinks to
general topics
proceed to toc

Network Associates seamlessly integrates security booty
October 1998

Network Associates Inc. is finally integrating the many network security technologies it has collected over its 12-month acquisition spree.

At the heart of the integration plan is the new CyberCop Suite, to be released this week. The suite includes the CyberCop Scanner, Server and Network components for intrusion detection and monitoring, as well as laboratory services from the newly acquired Secure Networks Inc.

Later this year, Network Associates will add a network decoy device, code-named Honey Pot, that's designed to lure hackers into a phony network, officials said.

Network Associates officials believe they've done a better job at integrating the new products than at merging the multiple customer support services that came with the products. However, what remains to be seen is whether users will bite.

One user of WebStalker, who began working with the agent technology when it was owned by Trusted Information Systems Inc., said integration is critical if he is going to buy more Network Associates software.

"They're selling them together, but they haven't really integrated them yet, and that's what I'm going to need down the road," said the user, who requested anonymity.

Shopping sprees

The CyberCop Scanner was called Ballista when Network Associates picked up the software in its acquisition two months ago of Secure Networks, as was the Secure Networks Labs.

CyberCop Server came from the acquisition this year of TIS. In turn, the Stalker Agent and WebStalker portions of that product came from TIS' acquisition of Haystack Labs Inc. last year.

CyberCop Network came from Network General Inc., which merged with McAfee Associates Inc. in mid-1997 to form Network Associates, which is based in Santa Clara, Calif. The Sniffer technology in that package comes from Network General's earlier acquisition of Cinco Systems Inc., which built the Net X-Ray, a packet analyzer and sniffer.

Confusing?

Not to Peter Watkins, general manager of security at Network Associates. What IT administrators need to know, Watkins claims, is that the products in the suite work together with little or no tinkering by users. As a result, companies can buy security software without worrying about sizable implementation and integration costs.

Beyond the product integration, Network Associates has bolstered the individual programs.

CyberCop Scanner, for example, adds 22 new attack signatures to the 300 that were already in Ballista. It can be used by administrators to test for network vulnerabilities and then provide automated advisories on how to correct those problems. The Secure Networks Labs provides a monthly update on new hacker attacks and ways to prevent them.

CyberCop Server sits on the host and has an active report module that searches for back doors created by hackers and sets off alarms when an attack is occurring. Likewise, CyberCop Network examines IP packets coming into the network, looks for known attacks, such as denial-of-service packets, and alerts administrators when an attack is taking place.

The CyberCop Suite will initially be sold directly as part of the company's Total Network Security suite at $49 per user for 5,000 users. It will be sold on its own through resellers later this summer.

In related security integration news, Network Associates and VeriSign Inc., of Mountain View, Calif., last week took a giant step toward digital certificate interoperability.

The vendors jointly announced that digital certificates issued that are based on Network Associates' PGP (Pretty Good Privacy) software will be able to work within VeriSign's CA (certificate authority) by the end of next quarter.

The deal is an important step out of isolation for Network Associates. PGP-based certificates use a proprietary format and do not interoperate with the certificates in the x.509 standard, which is commonly issued by CAs such as VeriSign.

For VeriSign, it's a big step into international markets. The PGP format is widely used in Europe--analysts estimate it has up to 6 million users worldwide. In addition, PGP users will be able to tie their back-end processing, via VeriSign's OnSite service, to the CA.

For corporate and consumer customers, the move is a step toward erasing interoperability issues that have vexed the digital certificate market. "This is good news," said Chris Christiansen, an analyst at International Data Corp., in Framingham, Mass. "People are enormously worried about interoperability."

TABLE OF CONTENTS