New forensics software forecast to make an impression


6 Sep 2006

A new enterprise-level forensic software product for networks is forecast to bring in revenues of up to €1m in the Irish market over the next 12 months, a leading systems integration firm has said.

Lan Communications said that StealthWatch System 5.5 from Lancope can link network traffic directly to user identity, providing a “massive leap forward” in terms of forensics ability. This tool is categorised as a network behaviour analysis (NBA) system and products like it will be used within 25pc of large enterprises by the end of next year, according to the industry analyst firm Gartner.

Lan Communications, which was recently certified as a partner for StealthWatch in Ireland, is similarly confident and predicted revenues of up to €1m for the product in the coming year. Managing director Andy O’Kelly said that NBA systems are one of the “hot button” issues for many Irish companies.

“As a result of activity around regulatory compliance we’re seeing a lot of interest in the security space and we’re seeing at last better products and solutions in that space,” he told siliconrepublic.com. These include intrusion-detection systems and NBA products, he added.

StealthWatch System 5.5 includes technology called IDentity-1000 and is aimed at network planners, security architects and network operations personnel looking to detect anomalies in how the network is performing, plan capacity on the infrastructure and analyse data traffic.

With IDentity-1000, an administrator can link unwanted behaviour with a username, allowing them to determine what other systems the user was in contact with prior to the anomaly. “As a result, administrators can better determine the extent of an outbreak and the exact source of the anomaly,” said O’Kelly.

Lan Communications also claimed that unlike signature-based intrusion-prevention systems used in many Irish companies which require significant management, StealthWatch monitors multiple points and firewalls on the network, reducing the amount of system management needed while maintaining security.

By Gordon Smith