Putting 2,400 Security Experts In A Box
A unit of Ernst & Young is migrating its security vulnerability scanning service to a product format, with an appliance that can alert users to systems and applications that are subject to exploitation by known vulnerabilities.
The new eSO Advisor effectively puts to work in a customer's enterprise the 2,400 E&Y experts that are constantly on the lookout for security vulnerabilities, says Robin Hutchinson, CEO of eSecurityOnline, based in Kansas City, Mo.
eSecurityOnline's existing Framework service likewise identifies enterprise-specific vulnerabilities and provides remediation instructions, Hutchinson says. But eSO Advisor adds automated asset discovery and inventory capabilities, as well as workflow and correlation features that help ensure vulnerabilities get repaired.
Upon installation, eSO Advisor surveys devices within specific IP address ranges to determine identifying information about each one. It can monitor devices including firewalls and intrusion detection systems as well as databases, Web servers, enterprise resource planning (ERP) and other applications running on any of six operating systems: HP UX, Windows NT, 2000 or XP, Red Hat Linux and Solaris. The device will find up to 500 assets. Users choose up to 254 that they want to manage -- the limit for each appliance.
"This is different from compliance testing and vulnerability scanning," Hutchinson notes. "Scanners can find vulnerabilities; eSO Advisor tells you whether they've been fixed."
List price for eSO Advisor is $32,495. Another component, eSO Director, is used to manage multiple Advisors. It, too, costs $32,495.
By Paul Desmond
October 25, 2002
Security vendor Fortinet Inc. next week will announce a new 3G bps member of its FortiGate Network Protection Gateway family of appliances, which provide a bevy of services in a single box.