Symantec took the wraps off a new intrusion prevention product on Monday, as rival McAfee announced a Linux update to its Entercept software.
Symantec's new Critical System Protection 4.5 is based on technology from Platform Logic, a company Symantec acquired in December. Like other behavior-based intrusion products, Critical System Protection 4.5 defends networks by monitoring program behavior, and spotting and blocking viruses and worms. It's designed to protect corporate desktops and servers against yet unknown attacks.
Symantec has overhauled Platform Logic's original AppFire software to make it compatible with its other products, said Chirantan Desai, director of product management at the Cupertino, Calif.-based company. Critical System Protection 4.5 requires its own management interface, but Symantec is working on a common interface for its products, he said.
Desai said the new software, aimed at large enterprises, is meant to be used with other Symantec products--specifically, AntiVirus Corporate Edition and Client Security. Where the Critical System Protection provides behavior-based defenses, Client Security includes signature-based intrusion protection.
Signature-based intrusion detection products detect attacks based on definitions that are created by the product vendor and regularly updated, much like antivirus definitions.
Rival McAfee's Entercept software offers protection based on both behavioral rules and intrusion prevention signatures. The company, formerly known as Network Associates, is scheduled to announce on Monday that Entercept now runs on Red Hat Enterprise Linux 3 servers. The product already supports Microsoft's Windows and Sun Microsystems' Solaris operating systems.
Symantec's Critical System Protection 4.5 is due out by the end of June and will run on Windows XP and Windows 2000 (server and client), Windows Server 2003 and Suse Linux and Solaris. The server product costs $995, and the client is priced at $69, the company said.