McAfee, Inc. has announced the upcoming availability of its Entercept intrusion prevention system (IPS) for Linux.
On Thursday the security company will make available the Entercept IPS server agent for Red Hat Enterprise Linux 3. The company said that offering Linux support for the product, which already includes support for Windows and Solaris, is part of a broader strategy to widen its security offerings for Linux.
The Entercept server agent provides several kinds of protection for systems, including buffer overflow prevention in installed applications. Its buffer overflow prevention is driven by system call interception, which modifies the entries in a given operating system kernel’s system call table, allowing Entercept to analyze potentially harmful software calls and prevent buffer overflows (define), a particularly common source of security compromises.
In addition, Entercept server agent provides protective software for Web and database servers to prevent such SQL injection and directory traversal exploits. Entercept server agent also provides behavioral rules to intercept potential attack traffic before exploits are commonly known, and it consults a fingerprint database to assess known attacks.
Entercept server agent can operate independently, or in conjunction with McAfee’s Entercept management server, or the company’s ePolicy Orchestrator.