Hitting The Target

Page 1 of 2

But despite the challenges involved in securing Windows, many security ISVs have been tweaking traditional approaches and coming up with new ways of identifying and managing threats.

Shavlik Technologies, a Roseville, Minn.-based vendor specializing in vulnerability assessment and remediation software, believes the key to protecting networks is to give organizations a simpler way to monitor their security posture, said President and CEO Mark Shavlik.

Shavlik, a Microsoft partner that in the 1990s helped develop Microsoft's Baseline Security Analyzer (MBSA), in mid-July plans to release Shavlik Security Intelligence, an application that lets organizations keep tabs on their local and remote networks through a dashboard that tracks device configuration settings, system patch levels and malware infections.

"Every vendor has a dashboard with pretty pictures, but users need to have visibility into remote sites to really understand their security posture," Shavlik said.

Although the vendor has built much of its business around Windows, Shavlik says the security measures baked into Vista have made it more difficult for third-party vendors to develop products for the platform. "Microsoft did a good job of making Vista more secure, but security vendors face the challenge of getting to the administrator level that Vista is designed to protect," said Shavlik, who nonetheless expects to significantly boost his company's support for Vista in the coming months.

Shavlik's software addresses the critical need to keep Microsoft products up to date and also deals with the challenge of helping customers understand where security issues exist on their networks, said Pete Greco, vice president of sales at Productive, a Shavlik reseller based in Minneapolis.

"Shavlik does this in a way that's easier to manage than Microsoft Windows Server Update Services [WSUS], and which greatly cuts down on the time and complexity of security management," said Greco, who adds that current demand for this technology is particularly high in the midmarket.

Blue Lane, Cupertino, Calif., is building a channel program and recruiting partners on the strength of its unique ability to protect servers, said Greg Ness, vice president of marketing at Blue Lane. Blue Lane works with Solaris or Linux servers, as well as Windows. Blue Lane's Virtual Shield is a software hypervisor that plugs into VMware implementations and focuses on "correcting" malicious traffic rather than blocking it, Ness said.

Servers have unique security requirements, and applying patches too quickly can lead to downtime, Ness said. Blue Lane's technology looks deep into applications and operating systems to allow the vendor to apply corrective action before the patch is applied, he added.

"If you apply patches too quickly to the server, you risk availability. Therefore, vulnerability windows are generally tolerated as a necessary evil," Ness said. "Our technology is very application- and protocol-aware, as opposed to focusing only on vulnerabilities and exploits."

Applying the patch to traffic as it's coming through the network without having to touch the servers could be a major differentiator, said Jeff Roback, president of Praxis Computing, a Marina Del Rey, Calif.-based solution provider.

"This could be Blue Lane's response to the difficulties of doing behavior-based detection—it looks like they've decided to go in the opposite direction," Roback said.

Next: Server Protection

1 | 2 | Next >>

Tweet

   

More Security

Comments by Vanilla