'Ecosystem' extends cybersecurity

Two intrusion prevention vendors took steps this week to help organizations detect and thwart cyberattacks, extending security from the network core all the way to mobile users connected via virtual private networks (VPNs).

IntruVert Networks and Okena Inc. introduced the Intrusion Prevention Ecosystem, which is based on the Open Platform for Security (OPSEC) framework from firewall vendor Check Point Software Technologies Ltd.

OPSEC provides application programming interfaces (APIs) that enable security vendors to integrate their devices with Check Point's VPN-1 and Firewall-1 products. A working demonstration of the ecosystem was on display at the Networld+Interop trade show in Atlanta this week.

With the new system, IntruVert's IntruShield, which detects network-based attacks, and Okena's StormWatch, which looks for intrusions in servers, can work with and modify Firewall-1 to block a broad range of attacks.

"If an [attack] occurs, the intrusion systems can modify firewall policies," said Jeffrey Williams, vice president of sales at San Jose, Calif.-based IntruVert. The ecosystem turns on all three companies' security engines to create a much stronger intrusion prevention system, Williams said.

The ecosystem extends security "to the network core to desktops to remote VPN users," said Ted Doty, director of product management at Waltham, Mass.-based Okena.

Both intrusion prevention companies' wares are used by federal agencies. The House of Representatives and the National Library of Medicine are IntruShield users. The Energy and Transportation departments and the Federal Aviation Administration have deployed Okena's StormWatch.