NAI hopes to boost host-based protection
- By Rutrell Yasin
- Feb 08, 2004
Network Associates Inc.'s host-based intrusion-prevention system could get some additional muscle to prevent distributed denial-of-service attacks. The company's Entercept tool protects applications, databases and servers.
Network Associates researchers have passed on the Guaranteed Internet Stack Utilization (GINSU) technology to the Entercept product development team. GINSU is designed to ensure that systems can access network resources during an attempted denial-of-service attack. All traffic entering a system is assigned to a "slice" based on information such as IP address, TCP or UDP port, process name or user ID. GINSU allocates network traffic resources on a per-slice basis, discarding traffic received in excess of resource limits as early as possible.
Additional host-based protection includes the System Health and Intrusion Monitoring technology, which can continuously assess the health of a system so that attacks and operational errors can be detected and handled appropriately.