HP is publicising new anti-virus technology in its servers and switches that it claims will slow virus outbreaks.
Commercial implementations of what it calls "virus throttling" now come with ProLiant Servers and ProCurve Networking by HP 5300 series switches. HP also announced the Security Containment software suite, which locks down software applications that have been compromised by an attack, said Tony Redmond, head of HP's Security Office.
The new software is part of HP's program to develop technology that keeps computer networks operating in the face of fast-moving attacks. HP will be demonstrating both new technologies at the 2005 RSA Conference this week.
Virus throttling is a technology developed at HP Labs which can spot systems on a computer network that are attempting to make a large number of network connections, a common symptom of virus infection. After identifying an infected system, the software notifies administrators and automatically chokes off, or throttles, outbound connections from it, which keeps the system online but prevents the virus from spreading rapidly, Redmond said.
It won't prevent infected computers from communicating with other systems on a network, but it will keep them from bogging down other computers and applications and allow legitimate traffic to circulate. The technology is intended to be a tool that will allow organisations to keep their network functioning even if a virus slips through perimeter defenses, he said.
"If you have a mistake in your firewall or IDS and a virus gets through, it can wreak havoc in your corporate environment. Administrators can find it difficult to cope, trying to swim upstream against a mass of viruses that are trying to connect at hundreds or thousands of connections a minute," Redmond said.
The virus throttling feature is available on ProLiant Servers running Windows 2000 or 2003 Server, as part of the ProLiant Essentials Intelligent Networking Pack, which can be purchased from HP for $149. The feature is also available as a free download for ProCurve Networking 5300 switch customers who have active maintenance and support agreements. HP hopes to add the virus throttling features to more of its switches in the future, Redmond said.