HIPSs also aren't a replacement for anti-virus and anti-spy software. They won't catch macro viruses, file infectors, boot sector viruses, and e-mail worms because these classes of malware tend to operate inside known good applications. Also, HIPSs can't prevent malware from being loaded onto a machine; they have to wait until a program executes before they can check for malicious behavior. And while HIPSs can catch keystroke loggers, Trojans, and other malware that gets lumped into the spyware category, they have difficulty identifying user-tracking adware. Lastly, HIPSs don't remove any of the malware they detect. While they can prevent malicious programs from functioning, you'll need other tools to get the malware off your PCs.
INTEGRATED SUITES--SWEET!
One of the problems with PC security solutions is that they multiply the administrators' management burdens. Separate security solutions generate events that need to be collected, aggregated, and analyzed. Every security agent that sits on a machine requires policy, signature, and software updates, not to mention the licenses that need to be tracked. And of course, it goes without saying that deploying multiple solutions can be prohibitively expensive. In short, agent-based cures can almost be as much trouble as the disease.
2005 saw an explosion of new products that combine multiple functions into a single package, including anti-virus, firewall, HIPS, and anti-spyware features.
Andre Gold, director of information security at Continental Airlines, was looking into eEye's Blink 1.6 to run on a limited number of workstations. But after learning that version 2.0 was going to include a new anti-spyware capability, he decided to roll it out across 20,000 devices, including customer-facing kiosks, reservation servers, and corporate desktops and laptops.
