Three new products from three different security companies all point to the increasing issue of remote employees and mobile workers accessing a company system.
Symantec, Configuresoft and StillSecure all have new products or product updates to secure mobile computers and enforce security policies on remote machines that are trying to connect to corporate networks. These vendors are just the latest to offer a technology fix for companies plagued by worms and viruses that jump from mobile computers and home offices onto corporate networks.
Client security is "all the rage" among enterprises that are looking for ways to protect their corporate networks from workers on laptops and home computers who connect to the office network over broadband Internet connections, said Eric Ogren, senior analyst at The Yankee Group. "Enterprises should really be taking a look at this technology to protect themselves and make sure that those remote machines are up to date and redirect them to signatures or get patched if need be," he said.
StillSecure will unveil StillSecure Safe Access 1.0, an end-point security product that tests network devices for compliance with security policies when they attempt to connect to a network through a common gateway, virtual private network (VPN), wireless or dial-up connection. The product does not require a separate software agent to be installed on remote computers, but uses a Linux-based server to manage clients, according to StillSecure CEO Mitchell Ashley.
Administrators can choose from a number of pre-defined compliance tests, which verify the operating system version and the presence of fixes for vulnerabilities used by worms like MSBlaster and SQL Slammer. Safe Access 1.0 also allows administrators to create custom tests using an application programming interface (API), StillSecure said.
As devices attempt to connect to a network, they are tested for compliance with security policies, then either allowed to access the network, denied access or quarantined. Devices that remain on the network can be periodically checked for system changes that violate corporate policy or for banned applications such as file-sharing and peer-to-peer programs, the company said. HTML templates allow sysadmins to customize messages and instructions for employees, reducing overhead for IT staff, the company said.
Like StillSecure, configuration management company Configuresoft plans to announce technology to help enforce security policies.
A new version of its Enterprise Configuration Manager (ECM) product will automatically assess and correct configuration settings on remote machines when they try to connect to a network.
Like the StillSecure product, ECM checks devices as they attempt to log on to networks. However, Configuresoft's technology focuses on enforcing network security policies regarding device configuration, Configuresoft said.
ECM can look a device configuration with granular detail, taking a picture of a device's configuration and store that in a central database. The product can track up to 80,000 configuration settings for a device, and typically captures around 25,000 unique settings for workstations and 50,000 for servers, said Configuresoft CEO Alex Goldstein.
The product does not quarantine or reject devices, but automatically adjusts configurations or installs software patches to bring devices into compliance with network security policy, Goldstein said. In addition, the new version of ECM contains templates for assessing compliance with a variety of new regulations.
Meanwhile, adding its voice to the client security chorus, Symantec plans to announce a new version of its Client Security product, the company said.
Symantec Client Security Version 2.0 is an integrated anti-virus, firewall and intrusion prevention product that protects machines from viruses and other unauthorized intrusions and introduces a number of new features.
A location-awareness feature will adjust client security settings depending on location, tightening defenses if a machine is accessing the Internet through an unprotected wireless hot spot, and loosening them when the device is connected behind a network firewall, said Kevin Murray, director of product marketing at Symantec.
An outbound e-mail worm blocker in Client Security 2.0 looks for and stops suspicious outbound e-mail activity that might indicate an infection by a mass-mailing worm such as Mydoom or Netsky, Symantec said.
Also, a VPN Compliancy Check feature provides an API that allows devices running Client Security 2.0 to interact with firewalls by Symantec partners such as Check Point and Nortel. This allows administrators using those products to block access to devices that do not meet corporate security standards, Murray said.
And the rest
The companies are just the latest to offer products and features to boost the security of mobile devices. In recent months, Cisco and IBM announced they were collaborating to address endpoint security for networks.
Under an agreement announced in February, IBM will joining the Cisco Network Admission Control (NAC) program, which is designed to enable Cisco routers to evaluate information, such as whether a particular computer's anti-virus definitions are up to date and its operating system is adequately patched, before allowing it to connect to a network. IBM will integrate the Tivoli security management software with Cisco products involved in the NAC program.
Microsoft indicated that it is entering the endpoint security game as well.
In an e-mail sent to the company's customers on Wednesday, Bill Gates said Microsoft is researching technology to inspect remote devices such as home computers that try to connect to corporate networks, blocking access for machines that don't pass a health inspection. The company is also developing active protection technologies that will adjust a computer's defenses based on changes in its "state", or block behaviors that might be caused by infection from a virus or a malicious hacker, the e-mail said.