BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Retina Protection Agent Part II

Posted September 10, 2010    Morey Haber

Part of being a good product manager is keeping an eye on your competition with a lifecycle development approach in mind. This considers whether the competition is expanding their product line outside of the solutions core competency and if the maturity requires rapid development and feature releases. At the end of lifecycle, the solution becomes End of Life (EoL) and dropped as a product. For standalone Host Intrusion Prevention Solutions (HIPS), the grim reaper is just around the corner.

Consider that Cisco has announced EoS (End of Sale) and EoL dates for the Cisco Security Agent and this agent was based on an acquisition of Okena in 2003, HIPS has had a relatively short life of seven years as a standalone enterprise product. Gartner, in their recent 2010 IT Market Clock for Infrastructure Protection, has also indicated that HIPS has passed the “Dusk of Obsolesce” for personal computers. So what technology is replacing HIPS to combat modern day threats?

For starters, the concept of a host-based intrusion prevention as a standalone tool has lost its value as a single agent technology solution. It targets protocol, service, and network based vulnerabilities and their accompanying exploits as a prevention product. With trends indicating that threats are evolving to web applications and client side attacks, HIPS becomes an older (but required) piece of a much larger puzzle. This is where the Retina Protection Agent (and its parent solution Blink Professional) become the next viable solution for organizations.

As I indicated above, products either mature and die like CSA, or they evolve to meet current challenges. These challenges can warrant new features, platform support, or even just updates to the workflow for simplification and usability. The Retina Protection Agent has exceeded the requirements of being a basic HIPS solution by supporting the latest Microsoft operating systems, adding key features for local agent-based vulnerability assessment to detect which client applications are vulnerability, and a new Management Console, Retina CS, to simplify the deployment and administration of this agent-based technology.

Host Intrusion Prevent Solutions may be at the end of their useful lives, but the need to protect the desktop is as important as ever. The threats have evolved and therefore the technology must evolve to meet these threats. eEye is ahead of the curve and our products will exceed your expectations for Unified Vulnerability Management from Assessment, Mitigation, to Endpoint Protection.

Leave a Reply

Additional articles

flash-logo

Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled”…

Tags:
, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

Tags:
, , , ,
Larry-Brock-CISO

Basic Blocking and Tackling for Defending Against Advanced Targeted Attacks

Posted January 22, 2015    Larry Brock

With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same.  It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique…

Tags:
, , , , ,