Network Computingwww.networkcomputing.com

	Issue TOC Print full article Print this page Download as PDF E-Mail this URL Flame the author     In this article Introduction A Kernel of Our Esteem What's It Gonna Do for Me? Executive Summary Epoll Results

The West Nile virus has been much in the news lately. Say an expensive vaccine was developed that might protect you from the bug and its mutations--the key word being might. Would you pay up? Or are you willing to bet that insect repellent and long sleeves will be enough to protect you on the off chance an infected mosquito decides you smell like a tasty treat? After all, even if you get West Nile you may pull through with no lasting damage ... or you may not.

If you've tried to sell your CFO on security technologies beyond basic firewalls and virus scanners, you see where we're going with this. We know from your feedback that despite new ROSI (return on security investment; see "Make Your Case") numbers, the sell can be rough. Luckily, the HIP (host intrusion prevention) products we tested won't make too big a dent in your budget, even factoring in the sometimes considerable learning curve and time spent on customization. The premise behind HIP is that proactive is good, given the sorry state of security with most mainstream OSs. HIP products scrutinize system calls following your policy and restrict a program's or a user's access to system resources, shielding you from attacks that exploit shoddy coding.

We loaded up Argus' PitBull LX and Protector, CA's eTrust Access Control, Entercept's Web Server Edition, Harris' STAT Neutralizer, Okena's StormWatch and StormFront, and WatchGuard's ServerLock and AppLock/Web, and after months of poking and prodding, we picked Okena StormWatch as our Editor's Choice. However, rivals are on track to steal Okena's thunder. We'll be watching, so stay tuned.