ClickNet develops hacker detection product
(IDG) -- Desktop management vendor ClickNet Software is jumping into the security field with a product called Entercept that detects and prevents hacker attempts on servers and PCs.
Entercept seeks to prevent hacker activity through host-based server and desktop "agent" software that observes each request made to the operating system and checks to see if it's legitimate by comparing it to a list of known "attack signatures." The NT-based Entercept console can institute a security policy for up to 1,000 of these software agents and generate alerts if trouble is detected.
ClickNet didn't develop the Entercept product but rather bought it by acquiring Israeli-based start-up Corekt earlier this year for an undisclosed price, acknowledges Christopher Tomlinson, ClickNet's vice president of marketing.
"Corekt was still in the research phase, and their 15 security experts joined our staff," Tomlinson says.
ClickNet will continue marketing its traditional desktop management software, but the firm wants to remake itself into a security firm, he adds. The reason? "The growth in the security market," says Tomlinson, citing an International Data Corp. report predicting that the $2 billion market will triple in three years.
Can a 5-year-old privately held firm such as ClickNet, without known security expertise, convince the corporate world to give it a chance? Aberdeen Group analyst Eric Hemmendinger is ready to give the firm the benefit of the doubt. "A company that has a history already and knows how to run a business probably has a leg up on a start-up that's unknown," he says.
The Entercept product will be formally unveiled in mid-November. A few companies, including EMC, say they are preparing to beta test it.
Entercept will ship with NT and Solaris agent software that can evaluate every incoming request for system resources, such as opening a file, read-write, or a request to access a device. The user names and privileges are defined by the NT domain controller in the NT-based Entercept console, says Oace Dada, senior product manager for security at ClickNet.
At present, Entercept knows about 300 types of attacks, such as buffer overflows and Trojan horses like BackOrifice. As new attacks are identified, the Entercept console can download them in encrypted fashion from the clicknet.com Web site. The agent software can communicate with the Entercept console every 30 seconds as a default setting to get the attack signature updates. If the agent software on the server sees an attack, it can terminate the session, log it or send an alert.
The Entercept console will cost $5,000, with server agents costing $1,000 and desktop agents $95 each.
The hacker in all of us
RELATED IDG.net STORIES:
ClickNet Y2K provides detailed enterprise view
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.