Zone Labs Inc., maker of the popular freeware firewall ZoneAlarm, unveiled an upgraded version of its enterprise firewall product, Zone Labs Integrity, at Comdex on Monday, with features targeting vulnerabilities posed by applications and remote users.
Integrity 2.0 adds an application component control feature that gives network administrators more granular control over applications, improved management and deployment capabilities, and more options in assigning security policies, according to a statement released by the company.
The new security features extend Integrity's coverage of application-based vulnerabilities. Specifically, Integrity 2.0 addresses concerns about what Zone Labs terms "theoretical exploits" in which specific components of trusted applications can be commandeered by malicious hackers as part of an attack.
Zone Labs Integrity 2.0 allows network administrators to secure individual application components to prevent such attacks. In addition, a tool to compare reference sources for Microsoft Corp. applications and application components, as well as customer-defined references, is included with Integrity 2.0 to help administrators determine whether applications on their network have already been tampered with before deploying application-level controls.
Zone Labs has enhanced the management capabilities of the Integrity product as well, adding features that allow security policies to be applied uniformly to individual applications, or groups of related applications.
Integrity 2.0 has further developed the features of the product that affect policy creation and deployment. Network administrators can now dynamically assign security policies based on a combination of factors such as a specific IP address or block of addresses, network user name or user group, as well as by point of entry for the network, such as a virtual private network (VPN) device.
Zone Labs also announced that Integrity 2.0's policy management is compatible with Cisco Systems Inc.'s 3000 VPN concentrator, enabling network administrators to secure remote access computers as well.
Zone Labs Integrity combines Zone Alarm's firewall technology with application control and centralized management features, and is marketed to enterprises. Integrity includes both client and server software. The Integrity 2.0 server works with Microsoft Windows 2000 and Windows 2000 Advanced Server. The Integrity client runs on Windows 95, 98, 2000, NT and XP systems.
Integrity works with a variety of directory and user authentication systems including NT Domain and RADIUS. Integrity 2.0 adds support for Lightweight Directory Access Protocol user directories such as Microsoft Active Directory to that list, according to Zone Labs.
The company is hoping to build on the success of Zone Alarm, as well as what it sees as the relatively small image size and ease of deployment of Integrity to capture market share in the enterprise firewall market from competitors such as Symantec Corp. and Check Point Software Technologies Ltd.
Integrity 2.0 will be available before the end of 2002. Pricing will vary depending on the number of licenses purchased, but the company said that user licenses start at US$65 for an end user license with a minimum purchase of 25 licenses. That price also includes an Integrity server license, according to Zone Labs.