Part of being a good product manager is keeping an eye on your competition with a lifecycle development approach in mind. This considers whether the competition is expanding their product line outside of the solutions core competency and if the maturity requires rapid development and feature releases. At the end of lifecycle, the solution becomes End of Life (EoL) and dropped as a product. For standalone Host Intrusion Prevention Solutions (HIPS), the grim reaper is just around the corner.
Consider that Cisco has announced EoS (End of Sale) and EoL dates for the Cisco Security Agent and this agent was based on an acquisition of Okena in 2003, HIPS has had a relatively short life of seven years as a standalone enterprise product. Gartner, in their recent 2010 IT Market Clock for Infrastructure Protection, has also indicated that HIPS has passed the “Dusk of Obsolesce” for personal computers. So what technology is replacing HIPS to combat modern day threats?
For starters, the concept of a host-based intrusion prevention as a standalone tool has lost its value as a single agent technology solution. It targets protocol, service, and network based vulnerabilities and their accompanying exploits as a prevention product. With trends indicating that threats are evolving to web applications and client side attacks, HIPS becomes an older (but required) piece of a much larger puzzle. This is where the Retina Protection Agent (and its parent solution Blink Professional) become the next viable solution for organizations.
As I indicated above, products either mature and die like CSA, or they evolve to meet current challenges. These challenges can warrant new features, platform support, or even just updates to the workflow for simplification and usability. The Retina Protection Agent has exceeded the requirements of being a basic HIPS solution by supporting the latest Microsoft operating systems, adding key features for local agent-based vulnerability assessment to detect which client applications are vulnerability, and a new Management Console, Retina CS, to simplify the deployment and administration of this agent-based technology.
Host Intrusion Prevent Solutions may be at the end of their useful lives, but the need to protect the desktop is as important as ever. The threats have evolved and therefore the technology must evolve to meet these threats. eEye is ahead of the curve and our products will exceed your expectations for Unified Vulnerability Management from Assessment, Mitigation, to Endpoint Protection.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
