BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Retina Protection Agent Part II

Posted September 10, 2010    Morey Haber

Part of being a good product manager is keeping an eye on your competition with a lifecycle development approach in mind. This considers whether the competition is expanding their product line outside of the solutions core competency and if the maturity requires rapid development and feature releases. At the end of lifecycle, the solution becomes End of Life (EoL) and dropped as a product. For standalone Host Intrusion Prevention Solutions (HIPS), the grim reaper is just around the corner.

Consider that Cisco has announced EoS (End of Sale) and EoL dates for the Cisco Security Agent and this agent was based on an acquisition of Okena in 2003, HIPS has had a relatively short life of seven years as a standalone enterprise product. Gartner, in their recent 2010 IT Market Clock for Infrastructure Protection, has also indicated that HIPS has passed the “Dusk of Obsolesce” for personal computers. So what technology is replacing HIPS to combat modern day threats?

For starters, the concept of a host-based intrusion prevention as a standalone tool has lost its value as a single agent technology solution. It targets protocol, service, and network based vulnerabilities and their accompanying exploits as a prevention product. With trends indicating that threats are evolving to web applications and client side attacks, HIPS becomes an older (but required) piece of a much larger puzzle. This is where the Retina Protection Agent (and its parent solution Blink Professional) become the next viable solution for organizations.

As I indicated above, products either mature and die like CSA, or they evolve to meet current challenges. These challenges can warrant new features, platform support, or even just updates to the workflow for simplification and usability. The Retina Protection Agent has exceeded the requirements of being a basic HIPS solution by supporting the latest Microsoft operating systems, adding key features for local agent-based vulnerability assessment to detect which client applications are vulnerability, and a new Management Console, Retina CS, to simplify the deployment and administration of this agent-based technology.

Host Intrusion Prevent Solutions may be at the end of their useful lives, but the need to protect the desktop is as important as ever. The threats have evolved and therefore the technology must evolve to meet these threats. eEye is ahead of the curve and our products will exceed your expectations for Unified Vulnerability Management from Assessment, Mitigation, to Endpoint Protection.

Leave a Reply

Additional articles

ovum-research

New Analyst SWOT Assessment Identifies Key Strengths of PowerBroker

Posted November 24, 2014    Scott Lang

Following on the heels of the Gartner PAM market guide and Frost & Sullivan review of Password Safe comes a new analyst review of our BeyondInsight and PowerBroker platforms, a SWOT assessment of BeyondTrust written by Ovum. Ovum’s honest and thorough review of BeyondTrust indicates that we are delivering, “…an integrated, one-stop approach to PAM….

Tags:
, , ,

Patented Windows privilege management brings you unmatched benefits

Posted November 24, 2014    Scott Lang

We are pleased to announce that BeyondTrust has been granted a new U.S. Patent (No. 8,850,549) for privilege management, validating our approach to helping our customers achieve least privilege in Windows environments. The methods and systems that we employ for controlling access to resources and privileges per process are unique to BeyondTrust PowerBroker for Windows….

Tags:
6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,