Is antiworm technology for real?
Vendors often tout “new technology” that’s nothing more than vaporware or a rehash of existing products, but is this true of so-called “antiworm” technology, which promises new detection and prevention techniques to contain worms by weeding out bad traffic? This technology is being hawked in a number of forms by Mirage Networks, ForeScout, Check Point Software Technologies, Silicon Defense and IBM. The products vary, but Pete Lindstrom, research director at Spire Security, said antiworm technology is a specialized form of intrusion detection system that, for example, looks for unfulfilled Address Resolution Protocol requests. Some products are based on anomaly detection, while others automatically isolate compromised hosts. Still others redirect worm traffic to a quarantined area to buy time to isolate the worm and keep systems available, Lindstrom said. Full Story