Security Blanket


NFR unites intrusion-detection offerings under new initiative


NFR Security this week expects to launch its Intrusion Management System initiative, which brings together enhanced versions of its intrusion-detection products.

The Rockville-based vendor plans to roll out new Network Intrusion Detection and Host Intrusion Detection offerings under the Intrusion Management System umbrella to provide a tighter net of protection for customers, said Jack Reis, NFR CEO.

The effort promotes a multitiered approach to security that accounts for the existence of an attack time line, in which technologies are needed to provide protection, detection, analysis and response, Reis said.


The NFR NID-320S product includes a single Gigabit Ethernet interface.

"The real value of putting things under this umbrella is to foster interoperability between the various entities. You could buy any one of these technologies from a point solution provider, but the real benefit comes from the interoperability," he said.

Customers traditionally have opted for either network-based or host-based intrusion-detection systems but are now realizing that both are required, according to Reis.

Brenda Wilkins, vice president of sales at WhiteHat, a security solution provider in Toronto, said that point-based solutions aren't enough when it comes to security, and she lauded NFR's initiative.

"It's excellent, seeing a security vendor have such a thorough vision of security and all that it encompasses," Wilkins said.

NFR's updated Network Intrusion Detection offering includes a range of sensors that support high-speed networks as well as a console with enhanced administration and management capabilities that reduces false alerts. It also features a new data-mining tool that lets administrators analyze data collected over an extended period of time, Reis said.

The sensors come in four versions, ranging from the NID-320S, which includes a single Gigabit Ethernet interface, to the NID-310, which includes two 10/100-Mbps Ethernet interfaces. All sensors come as pre-configured hardware appliances, but the NID-310 also is available in a software-only version, the company said.

NFR's new Host Intrusion Detection system can manage more than 10,000 sensors, whereas the current version manages only up to 600, Reis said. The system provides multifunction host protection, including vulnerability assessment, security policy management and log analysis, he said.

The ability to bring together NFR's intrusion-detection systems and correlate the data they generate is key, said Avi Rembaum, director of partner development at Veritect, a security integrator and MSP based in Reston, Va.

"Network security is about putting the right products and technologies in place. But if you can't understand the reports they're producing, then you're no safer than before," Rembaum said.

Pricing for Network Intrusion Detection sensors ranges from $7,000 to $19,900. A Host Intrusion Detection starter kit,which includes 10 sensors, administration console and distributed data broker,costs $13,000.