Security company Symantec has issued updated versions of a number of software products under the guise of a new security framework it calls Symantec Intrusion Protection.
The company refreshed its ManHunt network intrusion detection system (IDS) product, as well as the Intruder Alert host-based IDS and ManTrap ‘honeypot’ products. Intruder Alert is now known as Symantec Host IDS and ManTrap is branded as Symantec Decoy Server.
The centerpiece of Symantec's announcements was Symantec ManHunt 3.0, which updates the IDS technology that Symantec purchased from Recourse Technology in July 2002.
The new version of ManHunt includes a feature that delivered security updates to ManHunt sensors in response to emerging threats. Those updates used information from Symantec's Security Response research organization to update the ManHunt devices, providing updated vulnerability information, attack signatures and rules to refine event data and spot attacks, according to Sandeep Kumar, director of product management at Symantec.
Previous versions of ManHunt permitted attack signature updates, but not modifications to the sensors, Kumar said.
ManHunt would now run on Red Hat Linux 8 platform, in addition to Sun Microsystems’ Solaris operating system, he said.
For companies looking for host-based intrusion detection and prevention, Symantec updated its Intruder Alert product, rebranding it as Symantec Host IDS version 4.1.
The new version of the Host IDS product included improved "process management" features that made it easier to harden applications against attacks, according to Matt Rodgers, senior product manager at Symantec.
For example, for a webserver, the process management features would allow administrators to create security policies that enforced a core set of capabilities out of a much larger set of supported capabilities, blocking the server from spawning nonessential processes.
Those policies can be applied to individual hosts or groupings of servers based on operating system, department or other internal designations, Rodgers said.
Symantec also expanded the number of supported platforms for Host IDS. In addition to Sun's Solaris 8 and 9 operating systems, it now supported Microsoft’s Windows XP, 2000 and NT 4.0 operating systems.