Community Bank's recently installed name-brand desktop firewall quickly became the helpdesk's nightmare. Problems with the product-which had taken more than six weeks to roll out to 1,200 users-were generating more than 100 help desk calls per month. After suffering through nine months of user hand-holding, Information Security Officer Aaron Friot and his colleagues decided to go back to the vendor pool to find a solution that offered the same intrusion prevention but didn't need constant babysitting. "It was way too user-interactive," says Friot, declining to name the vendor because the bank uses other products from the company.
Interrupting users, and especially asking them to make decisions about whether to block or allow any kind of IT action, wasn't going to work at the $4 billion bank with 130 branches. And neither was having them call the helpdesk three times a day with questions. About the same time, Friot heard about eEye's endpoint intrusion protection product, Blink. The bank already used eEye's network intrusion protection product, Retina, and also its patch management module. Friot demoed Blink, and was sold almost immediately. "It takes a great, innovative approach because it scans packets for anything malicious prior to hitting the OS level," Friot says.
Blink combines a number of point solutions into a comprehensive desktop intrusion prevention product. Already built in are a systems firewall, an application firewall, and a malware engine that detects spyware.
Analysts agree that eEye's approach is different from most other IPS vendors. "Their's is an approach that couples both the 'only allow good stuff' along with the 'block known bad stuff'; that's a combination that you don't see in all that many other products," says Eric Maiwald, senior analyst with The Burton Group.
