| Register/Subscribe Home |
|
| THE STAT 26Percentage of wireless customers who use their cell phones to take picturesMore Vitals
| |
DECEMBER 4, 2001 SPECIAL REPORT: SECURITY'S NEW FACE A New Twist in Computer Security Tools Intrusion-detection systems that actively ward off outside cyberattacks are becoming increasingly popular -- though still rather complex
Though traditionally most popular in the corporate world, firewalls -- which like their automotive counterparts keep bad things out -- have gained a significant foothold among individuals who have broadband Net connections and want to protect their home PCs and small businesses from hackers. Both types of protection are so cheap -- $50 or less -- that tens of millions of them are installed in the U.S. alone. Now, a new type of software is about to join these must-haves for PC users. Called intrusion-detection systems (IDS), these programs serve as active sentries on a network or a desktop, sniffing out what could be signs of unauthorized activity and alerting either the PC owner or a network administrator. They trace their roots back to tools used to map networks and determine, via remote queries, the operating systems of machines hooked to a network - both routine tasks of corporate systems departments. Advanced security experts have used complicated IDS packages for years, though they've often complained that these systems are hard to configure and slow down the networks they watch over. WORM PROTECTION. Even though both complaints are still frequently heard, IDS users are approaching critical mass, making Net security a troika of products. In part, that reflects a recent outbreak of more potent PC pathogens, such as Nimda. Rather than rely on a single method of entry into networks, the newest viruses (or worm viruses, as they are often called) test multiple entry points. They may try to get into a network from an e-mail program or through an open port in the firewall that allows a connection to the Net. They're especially dangerous because a network's number of possible entry points expands continually as more and more devices are added to it. That's why dozens of companies now sell IDS products, including Enterasys (ETS ), Cisco Systems (CSCO ), Internet Security Systems (ISSX ), Symantec (SYMC ), Network Associates (NETA ), nCircle, and Network Flight Recorder. According to market researcher International Data Corp., sales of IDS software and equipment, estimated at just shy of $200 million in 2001, will grow at a 38% compound rate annually for the next few years. And over that period, IDS will transform from a technology that's too complex to master to one that everyone must have to feel safe. Witness the story of online directory-services company YellowPages.com. The Henderson (Nev.) company is hardly a technological backwater when it comes to security. Like thousands of other small companies, YellowPages.com uses advanced firewall protection and antivirus software. But CEO Dane Madsen recently rolled out an IDS scheme to protect his 32-person company, which expects revenues of $22 million in 2001. The software, installed on individual machines around the company, cost about $20,000. CLIENT REQUEST. YellowPages.com had no alternative. One of its biggest customers, investment bank ABN Amro, requested after September 11 that all partners with data links to the financial concern's network redouble their security efforts. "They wanted every door shut that we could physically shut," says Madsen. That's likely to become a more common requirement imposed by big companies as they try to reduce potential threats that could arrive via customers or suppliers. While YellowPages.com's strategy of putting IDS on desktop machines is more common for smaller companies, a rising number of large companies are installing two-tiered IDS systems that pair a desktop program with a more powerful one that watches over data traffic on an entire network. That was the impetus behind Internet Security Systems' purchase last May of NetworkICE, maker of the BlackIce personal firewall and desktop IDS product. IDS is developing a grassroots following as well. More and more personal firewalls are including basic IDS-like capabilities, such as prohibiting outbound communications from a PC to an unknown server in, say, Romania. Two popular personal firewalls from Zone Labs and Symantec's Norton subsidiary both offer some basic blocking of behavior that seems suspicious, such as Trojan Horse programs that may try to sneak password data out of a PC and send it to an unauthorized recipient. Network Associates is rolling out a similar capability. FAST SPREAD. Big performance questions remain when it comes to using IDS on high-speed networks. Indeed, companies that make IDS have struggled to keep up with firewalls that can now allow data throughput at an eye-popping two gigabits per second. Similarly, configuring an IDS package remains largely the province of experts. That will change in a hurry, though, as IDS enters the mainstream over the next two years -- and as more companies realize that the passive defense provided by firewalls and antivirus software simply isn't good enough anymore.  By Alex Salkever Technology Editor Salkever regularly covers computer security issues in his Security Net column, only on BW Online Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | DECEMBER |
 Copyright 2001 , by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version