[Customerconnect] ISS Product Release and Update Summary

From: ISS Customer Relations (bpq@iss.net)
Date: 03/21/03

  • Next message: X-Force: "ISS Security Alert Summary AS03-12"
    To: customerconnect@iss.net
    From: ISS Customer Relations <bpq@iss.net>
    Date: Fri, 21 Mar 2003 14:10:16 -0500
    

    IN THIS RELEASE

    1) Internet Scanner®X-Press Update 6.28 (for WebDAV Vulnerability)
    2) RealSecure®Network for Crossbeam
    3) RealSecure®Guard 3.6 and RealSecure®Desktop Protector 3.6
    4) RealSecure®WorkGroup Manager 6.7
    5) End-of-Life Notice for RealSecure®WorkGroup Manager 6.5 and 6.6
    6) X-Press Updates™ Discontinuation Notice - RealSecure® Network Sensor 6.5
              for Windows
    7) Internet Scanner 7.0 Beta Now Available
    8) System Scanner Service Release 3.14

    ====================================================================
    For additional information on the information listed below,
    please contact the following resources:

    * For sales and professional services information:
          - sales@iss.net - mailto:sales@iss.net
          - 800-776-2362 (U.S. and Canada)
          - +1-404-236-2600 (International)
    * For support information, including ISS’ Technical Support Knowledgebase:
    - Customer Support - http://www.iss.net/support/enterprise/index.php
    - Technical Support Knowledgebase - http://www.iss.net/support/knowledgebase/
    ====================================================================

    1) Internet Scanner®X-Press Update 6.28
    Internet Scanner X-Press Update 6.28 is now available from the ISS Download
    Center: http://www.iss.net/download/.
    Internet Scanner XPU 6.28 is an emergency release that contains two new
    checks related to the Microsoft IIS WebDAV
    Remote Compromise Vulnerability. See the X-Force Alert
    http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029
    for more information regarding this vulnerability.

    New Checks
    The new checks in this XPU are listed below.

    Risk VulnID Check Name Category
    ==== ====== ============ =======
    High 11533 HttpWebdavLongRequest Web Scan
    Medium 11537 IisWebdavRunning Web Scan

    Versions/Platforms
    XPU 6.28 is for use with Internet Scanner version 6.2.1. Internet Scanner
    6.2.1 is available on the ISS Download Center:
    http://www.iss.net/eval/eval.php.

    For more information on this release, please contact the following:
    * For additional product information:
          - Internet Scanner:
    http://www.iss.net/products_services/enterprise_protection/vulnerability_ass
    essment/
          - X-Press Updates: http://www.iss.net/db_data/xpu/IS.php

    * For additional information regarding common issues experienced when
    downloading XPUs, please reference
          Answer ID 1843 in the ISS knowledgebase -
    http://www.iss.net/support/knowledgebase/

    ====================================================================

    2) RealSecure® Network For Crossbeam
    Internet Security Systems’ RealSecure® Network for Crossbeam appliance is
    now available.

    As part of the RealSecure Protection Platform, RealSecure Network for
    Crossbeam protects critical network assets using
    sophisticated intrusion prevention techniques on a single, high
    availability, multi-segment application platform.
    Powered by Internet Security Systems’ best-of-breed RealSecure Network
    Protection, this high performing, multi-functional
    combination achieves both depth and breadth in defense across the network
    offering expansion options for firewalling,
    antivirus, and web content filtering applications.

    RealSecure Network’s proven accuracy and performance combined with
    Crossbeam’s advanced control technology
    comprehensively protects high-speed networks while simplifying the
    infrastructure, resulting in more effective use
    of network resources, across-the-board fault tolerance, and increased
    network integrity.

    This release includes:
    * RealSecure Network Sensor 7.0 for Crossbeam X40S

    Features and benefits include:

    Integrated Security Appliance
          - Multi-segment Monitoring - Ten application processing modules on a
    single platform enable multi-segment
    intrusion detection, and/or load balanced intrusion detection in
    conjunction with firewalling, gateway antivirus,
    and web content filtering to lower IDS hardware costs, lower other network
    infrastructure hardware costs, save rack space,
    reduce network complexity, and lower security staff expenses.

          - High Availability - This integrated security appliance is
    fault-tolerant, with all removable components being hot-swappable
    and fully redundant for uninterrupted IDS so that the failure of one
    component does not result in the failure of the whole system.

          - High Performance - Performance increases linearly as new blades are
    introduced, so when traffic is distributed across
    application processing modules, each running a network agent instance,
    performance increases in an aggregate fashion.
    High-speed network segments are protected up to speeds of 1 Gbps as
    RealSecure running on this platform can accurately
    and reliably detect and respond to threats at this throughput level.

    RealSecure Network Protection
          - Accurate Detection with the RealSecure Protection Engine™ - Using a
    combination of sophisticated detection
    technologies to interpret network activity, RealSecure Network for
    Crossbeam detects known attacks and previously
    unknown attacks with unprecedented accuracy and speed.

          - Sophisticated Responses - By providing a broad range of responses,
    RealSecure Network for Crossbeam protects
    as well as provides critical data required for attack investigation.

          - Ease of Deployment - Comes pre-installed on Crossbeam hardware for
    simplified deployment.

          - Centralized Management - With the RealSecure SiteProtector™ management
    console, customers can control,
    monitor and analyze their security protection systems from one central site
    with a minimum of staff and operational costs.

          - Dynamic Correlation and Analysis - The RealSecure SiteProtector
    security fusion module allows for the aggregation,
    correlation, investigation and response to attack data and elimination of
    false alarms.

          - Backed by X-Force™ Security Intelligence

    For more information on this release of RealSecure Network for Crossbeam,
    please contact the following:
    * For additional product/service information:
    -
    http://www.iss.net/products_services/enterprise_protection/rsnetwork/crossbe
    am.php

    * For Crossbeam’s Technical Support Center (TSC):
    - support@Crossbeamsystems.com mailto:support@Crossbeamsystems.com
    - 1-866-276-7797 press 1 (CROSSYS) (US only)
    - 1-978 318-7500 press 1 (International)

    ====================================================================

    3) RealSecure®Guard 3.6 and RealSecure®Desktop Protector 3.6
    Internet Security Systems’ RealSecure Guard 3.6 and RealSecure Desktop
    Protector 3.6 are now available
    for download from the ISS web site at http://www.iss.net/download.

    The RealSecure Guard 3.6 and RealSecure Desktop Protector 3.6 release
    integrates the technology of
    RealSecure™ intrusion detection with BlackICE™ technology coming from ISS’
    acquisition of Network ICE.
    This technology uses a combination of sophisticated application-level
    protocol analysis and pattern-based
    detection technologies to protect desktops and the network better than ever.

    This release includes:
          - RealSecure™ Guard and Desktop Protector 3.6

    Features and benefits include:
          - RealSecure SiteProtector and ICEcap users can upgrade their existing
            Desktop installations through the remote upgrade process.

    For more information on this release of RealSecure Guard 3.6 and RealSecure
    Desktop Protector 3.6,
    please contact the following:

    * For additional product/service information:
          -
    http://www.iss.net/products_services/enterprise_protection/rsdesktop/index.php
          -
    http://www.iss.net/products_services/enterprise_protection/rsnetwork/guard.php

    ====================================================================

    4) RealSecure®WorkGroup Manager 6.7
    Internet Security Systems’ RealSecure® WorkGroup Manager 6.7 update utility
    is now available for download.

    The RealSecure WorkGroup Manager 6.7 Update Utility includes an upgrade
    package that can be downloaded and installed to bring Workgroup Manager
    versions 6.5 and 6.6 to version 6.7. Version 6.7 is required to manage
    7.0 network and server sensors.

    This release includes:
    * RealSecure WorkGroup Manager 6.7 update utility

    Features and benefits include:
          - Single RealSecure WorkGroup Manger Console: Version 6.7 includes minor
    bug fixes and minor enhancements to enable management of Network Sensor 7.0
    for Solaris and Nokia appliances, as well as management of the upcoming
    Server Sensor 7.0. WorkGroup Manager 6.7 is fully tested with all currently
    supported RS sensors, to include RS Server Sensor 6.5 and 7.0, RS Network
    Sensor 6.5 and 7.0, and OS Sensor 5.x. This means that customers that are
    using two consoles to monitor 5.x OS Sensors and other sensors can now
    upgrade to one console.

          - Full install available at the end of March: The full install for
    WorkGroup Manager 6.7 will be available at the end of March via the
    download center. In the meantime, current WorkGroup Manager users can use
    the upgrade utility to migrate current WorkGroup Manager installations.

    ====================================================================

    5) End-of-Life Notice for RealSecure®WorkGroup Manager 6.5 and 6.6
    Effective 60 days from the release of RealSecure ® WorkGroup Manager 6.7 on
    March 17, 2003, support for RealSecure WorkGroup Manager versions 6.5 and 6.6
    will be discontinued. Details of the EOL for each version are as follows:

    Technical Support
    Technical support, including telephone troubleshooting and workaround
    Assistance, for WorkGroup Manager version 6.5 will last for 60 days
    (until May 17, 2003) past the release of WorkGroup Manager 6.7. Technical
    support, including telephone troubleshooting and workaround assistance, for
    version 6.6 will continue until the next version beyond version 6.7 is
    released or an official end of Technical Support notice is issued.

    Security Content
    Security Content updates for WorkGroup Manager versions 6.5 and 6.6 will
    continue for 60 days (until May 17, 2003) past the release of WorkGroup
    Manager
    6.7. At the end of 60 days, security content updates will be discontinued.

    Performance Improvements
    Software performance improvements and code changes for WorkGroup Manager
    versions 6.5 and 6.6 will continue for 60 days (until May 17, 2003) past the
    release of WorkGroup Manager 6.7. At the end of the 60 days, performance
    improvements and code changes will be discontinued.

    Summary
    Version 6.7 includes minor bug fixes and minor enhancements to enable
    management of Network Sensor 7.0 for Solaris and Nokia
    appliances, as well as management of the upcoming Server Sensor
    7.0.WorkGroup Manager 6.7 is fully tested with all currently
    supported RS sensors, to include RS Server Sensor 6.5 and 7.0, RS Network
    Sensor 6.5 and 7.0, and OS Sensor 5.x. This means that customers that are
    using
    two consoles to monitor 5.x OS Sensors and other sensors can now upgrade to
    one
    console.

    Migration Path
    Customers have the additional option of migrating to RealSecure
    SiteProtector to gain the following additional benefits:
          - Powerful Analysis Capabilities
          - Fast, Flexible Reporting
          - Automated Agent Installation and Deployment
    - Reduced Number of False Alarms
          - Security Fusion Module 1.2: Impact Analysis and Attack Recognition

    For complete details on the powerful new features of RealSecure
    SiteProtector 2.0 contact 888-901-7477 or sales@iss.net

    Technical Support
    Technical Support is available 24 hours a day through the Americas
    location. All other locations are open Monday through Friday,
    9:00 am to 6:00 pm, during their local time, excluding ISS published holidays.
    - Telephone (in the U.S.): 1-888-447-4861
    - Telephone (outside the U.S.): 1-404-236-2700
    - E-mail: support@iss.net mailto:support@iss.net

    =================================================================

    6) X-Press Updates™ Discontinuation Notice - RealSecure® Network Sensor 6.5
    for Windows

    Affected Products
    RealSecure® Network Sensor 6.5 for Windows

    Description
    Internet Security Systems™ will discontinue X-Press Updates™ for
    RealSecure® Network Sensor version 6.5 for Windows on September 1, 2003.
    Upgrading to RealSecure Network Sensor version 7.0 for Windows will enable
    continuous security updates after this date. Additionally, we will not
    provide programmatic corrections to errors for this platform after
    September 1, 2003. This announcement provides six months notice of this
    change to ensure uninterrupted X-Press Updates. Our intention with this
    early notice is to ensure customers have adequate time to deploy the new
    version and are protected during this transition.

    This announcement does not pertain to other RealSecure products or platforms.

    Technical Support
    Customer Support will continue to provide telephone troubleshooting and
    workaround assistance until the next version of RealSecure Network Sensor
    on Windows (subsequent to 7.0) is released. During this time, resolution
    may be that the customer will need to upgrade to the latest Windows
    Operating System or upgrade to the latest RealSecure Network Sensor/Gigabit
    Network Sensor. In addition, Development/Engineering assistance may not be
    available.

    Technical Support is available 24 hours a day through the Americas
    location. All other locations are open Monday through Friday, 9:00 am to
    6:00 pm, during their local time, excluding ISS published holidays.

    Telephone (in the U.S.): 1-888-447-4861
    Telephone (outside the U.S.): 1-404-236-2700
    E-mail: support@iss.net <mailto:support@iss.net>

    Why Is This Happening?
    In our efforts to provide the best price, performance and security to our
    customers, we have found it necessary to focus our resources on the most
    current software releases. This enables us to provide security updates more
    quickly, optimize for performance and provide a stronger overall solution
    to our customers.

    Migration Path
    Our intention with this notice is to allow our customers adequate time to
    plan and implement migration plans for their sensors with as minimal an
    impact as possible.

    ISS recommends that customers upgrade to RealSecure Network Sensor 7.0 for
    Windows. In addition, RealSecure Network Sensor 7.0 for Red Hat Linux may
    be a feasible alternative for some customers.

    Managed Security Services
    Those customers receiving Managed Security Services (MSS) through ISS
    should note that all relevant software versions will be upgraded prior to
    the discontinuation of X-Press Updates for any given release of RealSecure.
    MSS customers will be contacted prior to the start of the upgrade process
    for scheduling and/or notification. Questions surrounding MSS product
    upgrades can be addressed through our customer advocacy group.

    ============================================================================

    7) Announcing Internet Scanner 7.0 Beta Now Available!

    Internet Security Systems is pleased to announce the availability of the
    beta version of Internet Scanner 7.0. This version represents the latest
    advance in Internet Security Systems’ market leading vulnerability
    assessment solution that provides automated vulnerability detection and
    analysis of networked systems, including servers, desktops, and
    infrastructure devices.

    NEW FOR INTERNET SCANNER 7.0:
    · Unlimited Device Discovery
    · Improved accuracy with TCP stack fingerprinting and Dynamic Check
    Assignment (DCA)
    · Enhanced Support for RealSecure® SiteProtector™ and RealSecure
    SiteProtector’s Security Fusion Correlation and Data Analysis Module (this
    feature is not included in the beta version)
    · New ease-of-use features

    To download the beta version, please visit Internet Security Systems’ web
    site, at
    http://www.iss.net/products_services/enterprise_protection/vulnerability_ass
    essment/scanner_internet_beta.php.

    INTERNET SCANNER INCLUDES:
    RealSecure® SiteProtector™ Support - Available with RealSecure
    SiteProtector, is SiteProtector’s Security Fusion Module. This real-time
    security analysis engine uses X-Force™ security intelligence to automate
    incident recognition and management. Employing Attack Impact Analysis for
    automated, real-time correlation of IDS and asset/vulnerability information
    provided by Internet Scanner, security fusion automates security management
    tasks to deliver better security with less work, reducing both the number
    events requiring investigation, and the investigation time for those events.

    X-Force™ Security Intelligence - Internet Security Systems’ X-Force
    research and development team analyzes emerging threats and delivers
    self-installing X-Press Update™ product enhancements to ensure that the
    latest vulnerability information is available and active. Internet Scanner
    includes over 1200 CVE-compliant vulnerability checks as well as a detailed
    knowledgebase and Flexcheck™ capability.

    Flexible, Automated Vulnerability Assessment - From setup and scanning to
    viewing results, Internet Scanner automates and simplifies the tasks of
    vulnerability assessment. Session wizards walk users through scan setup,
    while predefined policies and a policy wizard help them select the level of
    assessment appropriate for their organization. Multi-level reporting puts
    users in control of their vulnerability information, from high-level
    graphical reports to technically detailed vulnerability reports, all
    exportable to a variety of formats for easy presentation and distribution.
    In addition, all scanning and reporting functions are available from a
    robust command line interface, permitting even greater automation and
    scheduling of security management tasks.

    IMPORTANT NOTES:
    * This beta version is only available to existing Internet Scanner customers
    * Support is not available from Internet Security Systems’ Customer Support
    for this beta version of Internet Scanner 7.0. Questions may be directed to
    is7beta@iss.net <mailto:is7beta@iss.net>.

    For more information on the beta release of Internet Scanner 7.0, please
    contact the following:

    * For additional product/service information:
    -
    http://www.iss.net/products_services/enterprise_protection/vulnerability_ass
    essment/scanner_internet.php

    * For sales and professional services information:
    - sales@iss.net <mailto:sales@iss.net>
    - 888-776-2362 (U.S. and Canada)

    ============================================================================

    8) Announcing: System Scanner Service Release 3.14

    Internet Security Systems’ System Scannerâ Service Release (SR) 3.14 is now
    available for download from the ISS web site at http://www.iss.net/download
    or by using the System Scanner X-Press Update Install program.

    This release includes:
    System Scanner Service Release 3.14 includes updated console files and a
    new check to detect the Microsoft IIS WebDAV long request buffer overflow
    vulnerability and updated policies for Microsoft Windows 2000 agents.

    Updated patch database files are provided for HP-UX 10.20 and 11.x and
    Solaris 2.6, 7 and 8.

    For full details view the X-Press Update ‘readme’ files via the System
    Scanner Console.

    Features and benefits include:
    System Scanner Version 4 Agent Summary - March 2003
    Version 4.2 Agents
    * Windows NT 4.0
    * Windows 2000
    * IBM AIX 4.3.2 / 4.3.3 / 5L
    * HP-UX 11.0
    * Compaq Tru64 5.x
    * Red Hat LINUX 7.x (tested and validated on Red Hat LINUX 7.1, 7.2,
    7.3 and 8.0)

    Version 4.1 Agents
    * SUN Solaris 8
    Version 4.0 Agents
    * SUN Solaris 2.6 and 7
    * HP-UX 10.20

    For more information on this release of System Scanner Service Release (SR)
    3.14, please contact the following:

    * For additional product/service information:
    -
    http://www.iss.net/products_services/enterprise_protection/vulnerability_ass
    essment/scanner_system.php

    * For sales and professional services information:
    - mailto:sales@iss.net
           - 800-776-2362 (U.S. and Canada)
    - +1-404-236-2600 (International)

    * For support information, including ISS' Technical Support Knowledgebase:
           - Customer Support
             http://www.iss.net/support/enterprise/index.php
           - Technical Support Knowledgebase
    http://www.iss.net/support/knowledgebase/

    ============================================================================

    _______________________________________________
    CustomerConnect mailing list
    CustomerConnect@iss.net


  • Next message: X-Force: "ISS Security Alert Summary AS03-12"