Symantec Web Security Monitoring Warns Customers of Impending Attacks
- By Lee Pender
- March 23, 2010
Symantec is delivering Symantec Web Security Monitoring as a hosted managed service to monitor and complement the security vendor's on-premises Web-security applications, such as Symantec Web Gateway.
This approach to threat management bridges the gap between Software-as-a-Service (SaaS) and on-premises security offerings, said Chris Christiansen, program vice president at analyst firm IDC.
"It extends the hybrid model from just SaaS and Web gateways all the way out to managed services," Christiansen said.
The primary functionality that Web Security Monitoring offers is the ability to warn customers of attacks on their Web infrastructures as the attacks are unfolding and, ideally, before the attacks can do any damage to companies and users of their Web sites.
For instance, if an attacker is installing malcode in a graphic on a company's Web site that will later take the form of a malicious bot in a user's browser, the new monitoring service can notify the company as the attack is taking place rather than after it has already happened. The company can then take action to stop the attack. As such, Web Security Monitoring not only helps companies fight off impending attacks but also helps protect end-users of Web sites from becoming attack victims, Symantec officials said.
"We can start to see the very first steps of a time when the end user's getting infected, and we can track and correlate every aspect [of an attack]," said Grant Geyer, vice president of Symantec's Global Managed Services. "We can literally see every step of the attack taking place and notify the customer of risk. It moves the ability to protect against attacks from reactive to proactive, so customers can do something before the attack does any damage to the environment."
While Web Security Monitoring does notify customers of attacks, it doesn't actually block malicious Web traffic, Geyer said.
"Most customers don't want a third party to start blocking traffic because we could inadvertently block good traffic," he said. Web Security Monitoring "lets customers know [about an attack] so they can do something about it. This is done in real time. Is it possible to catch [malcode] before it installs? Sure."
Web Security Monitoring "reduces the complexity of finding infected computers very dramatically," Geyer said.
IDC's Christiansen said that the real-time nature of Web Security Monitoring makes it an important product for IT departments to consider.
"Being able to warn customers on a worldwide basis that an anomaly is occurring and provide a prescriptive reaction in advance of an update being available for it is extremely important," Christiansen said.
Symantec Web Security Monitoring is available today. The company has not revealed pricing details.
Lee Pender is Redmond Channel Partner magazine's senior editor. You can reach him at [email protected].