Network Associates Ships CyberCop Sting
CyberCop Sting allows IS managers to silently monitor suspicious activity on their corporate network and identify potential problems. It operates by creating a series of fictitious corporate systems on a specially outfitted server that combines moderate security protection with sophisticated monitoring technology. The Sting product creates a decoy, virtual TCP/IP network on a single server or workstation and can simulate a network containing several different types of network devices, including Windows NT servers, Unix servers and routers. Each virtual network device has a real IP address and can receive and send genuine-looking packets from and to the larger network environment. Each virtual network node can also run simulated daemons, such as finger and FTP, to further emulate the activity of a genuine system and avoid suspicion by would-be intruders. While watching all traffic destined to hosts in its virtual network, Sting performs IP fragmentation reassembly and TCP stream reassembly on the packets destined to these hosts, convincing snoopers of the legitimacy of the secret network they've discovered. Network Associates, Inc. today announced the availability of its CyberCop Sting software, a new ``decoy'' server that silently traces and tracks hackers, recording and reporting all intrusive activity to security administrators. CyberCop Sting is a component of the CyberCop intrusion protection software family which also includes CyberCop Monitor, a real-time intrusion detection application that monitors critical systems and networks for signs of attack and CyberCop Scanner, a network vulnerability scanner.
CyberCop Sting provides a number of benefits for security administrators, including:
- Detection of suspicious activity inside network; Log files serve to alert administrators to potential attackers prying into reserved areas.
- Virtual decoy network can contain multiple "hosts" without the expense and maintenance that real systems require.
- CyberCop Sting software's virtual hosts return realistic packet information.
- CyberCop Sting logs snooper activity immediately, so collection of information about potential attackers can occur before they leave.
- CyberCop Sting requires very little file space but creates a sophisticated virtual network.
CyberCop Sting is free with the purchase of CyberCop Monitor, Network Associates' new real-time intrusion detection software. Sting is also available as part of the full CyberCop suite, which also includes CyberCop Scanner, CyberCop Monitor and the CASL Custom Scripting Toolkit. The CyberCop Intrusion Protection suite is priced at $17 per seat for a 1,000 user license.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...