
New vulnerability products are old hat

Vendors may be touting new vulnerability assessment products that will work wonders for your network, but don't believe the hype. Wayne Rash says there's nothing revolutionary at large.
Written by Wayne Rash, Contributor
The recent news about new or improved vulnerability assessment products isn't exactly great news for enterprise IT managers. Why? There aren't really any big improvements.

Network Associates, for example, introduced ThreatScan, a software package that's designed to proactively search every device on your network and look for holes through which worms could slip. And the recently released FoundScan Vulnerability Management System looks for and tracks vulnerabilities until they're fixed.

These new products provide incremental improvements to the vulnerability assessment product category, but they're not exactly revolutionary. Don't be suckered into thinking they are.

For example, ThreatScan appears to perform a useful function--but that's all it does. In fact, you still can't really depend on the application to fight worms and other malicious code. (That would be worth writing home about.) Yes, ThreatScan is a vast improvement over using nothing at all. But you'll never know for sure that it's found all the holes unless a worm manages to find its way into your network. And FoundScan has the same problem. It'll help ease your vulnerability problems, but there's no way to know if the application has found every possible vulnerability.

Another major drawback to these products is their high price. FoundScan starts at $50,000 and goes up from there. Ultimately, you have to balance those implementation costs against the likelihood that the products may not find all your vulnerabilities.

These new products still don't address the problem that vulnerability assessment and intrusion detection software have had for years--comprehensively detecting network worms. The newer products offer some important benefits, but only to those managers and companies that realize their limitations and are prepared to take the steps necessary to close any holes they find. In the end, these products reduce vulnerability risk, but none eliminates it. Don't be taken in by vendor claims, or you'll fall victim to a false sense of security.

What antivirus program are you using for your enterprise? Tell me what you think in TalkBack.
