Tech Industry

Network Associates plots strategy

Capping an acquisition binge in 1997, Network Associates will outline a strategic blueprint Monday for network security and encryption.

Capping an acquisitions binge late last year, Network Associates (NETA) on Monday will outline a strategic blueprint for network security and encryption.

It builds on antivirus applications from McAfee, intrusion detection hardware and software from Network General, and desktop encryption and secure email technologies and products from Pretty Good Privacy. Network Associates is the resulting company from the merger of McAfee and Network General.

In addition to those homegrown and acquired technologies, Network Associates also has built into its blueprint a place for its partners in SecureOne, a security framework McAfee announced in July with encryption firm RSA Data Security, its parent Security Dynamics, and certificate authority VeriSign.

Network Associates also sees a role in its blueprint for new partners, such as firewall and virtual private network (VPN) companies.

Its security strategy will be embodied in a suite of products called Net Tools Secure. Network Associates also intends to develop a single, central management console for enterprise security, aiming to simplify for IS managers a bewildering array of security technologies.

"We hope the blueprint will drive a consolidation among industry standards," Gene Hodges, Network Associates' director of security and virus product marketing, said in an interview. The company thinks fewer standards will make security software work together and make management easier.

The strategy is built upon antivirus software, the technology legacy from McAfee Associates and a strength that chief executive William Larson thinks will give Network Associates an entree into the broader corporate security market.

"There's lots of evidence that markets will consolidate around the most popular application," Larson said in an October 1997 interview. A recent Zona Research report noted that antivirus software is by far the most popular security application in enterprises.

In addition to antivirus software, Hodges said Network Associates' blueprint covers security tools for desktop encryption, secure email, authentication and digital certificates, intrusion detection, encrypted virtual disks, firewalls, VPNs, and other forms of secure intranets and extranets.

He said PGP technologies would be used for desktop encryption, secure email, and authentication via certificates; Network General's CyberCop for intrusion detection; and McAfee's antivirus, VPN, and firewall technologies.

"It's important that people understand our objective is to give an integration capability that our partners can use," Hodges said, seeking to reassure RSA, Security Dynamics, and VeriSign. "The integration would occur at the policy management level."

The centralized console would allow security chiefs to create and manage security policies for all those technologies from a single point. Those policies address such issues as which individuals can see sensitive data, whether certain email messages must be encrypted, what kind of software code can be downloaded from the Internet, which Web sites might be off limits, and others.

Network Associates said the same console potentially could manage devices such as smart cards, authentication tokens (such as Security Dynamics' SecurID), and biometric devices such as fingerprint readers or voice recognition systems.

The proposed new security management console will be similar to earlier consoles from McAfee and Network General. It could potentially compete with management consoles from Computer Associates and perhaps even Hewlett-Packard and IBM's Tivoli unit. No time frame has been offered on when Network General's console may become available.

Network General will outline its strategy Monday at RSA's annual conference in San Francisco. The company also is expected to name a prominent new partner for its Viper antivirus technology.

In addition, a certificate authority from Utah called Arcanvs is expected to announce it will offer digital certificates based on PGP technology. Also, CBT Systems is expected to include training on Network General products in its launch Monday of its Internet Security Courseware Consortium.