FireEye Builds A 'Botwall' To Fend Off Botnet Attacks

The security company is offering an appliance that is backed up by a network that tracks botnet activity ramping up around the world.

Sharon Gaudin, Contributor

September 24, 2007

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Anti-botnet software company FireEye is diving into the fray in the battle against malicious software by releasing a product that combines a global analysis network with an appliance.

The FireEye Botwall Network and the FireEye Botwall appliances are tied together in what FireEye is offering as software-as-a-service focused on major enterprises and ISPs. The software is designed to detect attacks coming from botnets, as well as give users an image of bots positioned around the world.

"The FireEye Botwall system redefines coordinated network security going beyond traditional security mechanisms, such as blocking at the perimeter or inspecting traffic on the internal LAN, to accurately and continuously analyze the network for both bots and botnet activities," said Ashar Aziz, CEO of FireEye. "We've created a solution geared to stop the threat of botnet infiltrations in a coordinated and easy-to-deploy system for our customers."

The FireEye Botwall Network is a globally deployed botnet discovery and analysis service, designed to provide users with constantly updated botnet intelligence. The network is set up to catalog and disseminate botnet information culled by interconnected networks of the company's Botwall appliances which have been deployed at service providers around the world, according to FireEye. The goal is to give security professionals visibility into botnet command and control structures and locations, propagation tactics, and malicious activities.

The other half of FireEye's hardware, the Botwall 4000 Series, is a locally deployed security appliance geared to protect corporate networks from botnets. The appliances, according to the company, are designed to derail different stages of a bot infiltration attack -- from preventing the initial breach to blocking active communications to known servers being used command compromised PCs. When it comes to fighting the growing botnet problem, FireEye may not be the first one out of the gate, but one analyst says the company is a little ahead of the game nonetheless.

"FireEye intercepts malicious attacks targeted at a specific endpoint," said Scott Crawford, research director with Enterprise Management Associates, in an interview. "We're beginning to see this as a new area in security. That's pretty significant."

This past summer, Symantec released Norton AntiBot Symantec released Norton AntiBot, which is designed to provide consumers with bot detection and removal. The client-side software is designed to monitor PC applications and processes, running along with conventional anti-virus products. Symantec released the beta version of the zombie-fighting software in early June.

Crawford noted that one major difference with FireEye is that the company isn't simply making botnets a subset of the overall malware category. "The command and control capability of botnets is different," he said. "It's passed time to recognize the difference. Botnets really ought to be reclassified as distributed denial-of-service platforms."

The Botwall appliances are available now, with a starting price of $21,000 per unit. The Botwall Network service is available to all Botwall appliance customers.

About the Author

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights