ICSA Labs has recently announced its new Endpoint Security Consortium, which will develop ways to properly test antimalware, host intrusion prevention and detection and personal firewall technologies to certify integration between the products.
ICSA Labs, a division of Basking Ridge, N.J.-based Verizon Business that tests and certifies security technologies, is attempting to address what it has identified as a change in the endpoint security model. In the past, the individual products have been installed on a desktop and tested or evaluated separately. Instead, the consortium will build a baseline to test integrated components of the technologies.We want to protect the end user and we don't want them to care if it was antivirus or personal firewall; you want to protect them in a broader scheme.
antimalcode program managerICSA Labs
Andrew Hayter, the antimalcode program manager of ICSA Labs, said integrated endpoint security management is growing in popularity. They are easier to manage and are being more frequently offered by security vendors.
"More and more vendors are looking at integrated solutions that combine a suite of products together, and they may individually still function, but in the endpoint security model they coordinate responses with each of the components and report that the machine is protected," Hayter said. "We want to protect the end user and we don't want them to care if it was antivirus or personal firewall; you want to protect them in a broader scheme."
In addition to developing testing standards for integrated components, the consortium will provide education to enterprises evaluating integrated endpoint security products. Since testing the technologies is often a difficult, costly and time-consuming project, many enterprises don't have the resources to conduct lengthy evaluation periods. And that's where ICSA Labs comes in, Hayter said.
"This testing gives the end-user community, in the case of enterprises who are looking at endpoint security products, a baseline set of criteria to evaluate a product against," Hayter said.
The Endpoint Security Consortium gives vendors an efficient, cost-effective method of testing, and also helps vendors keep a strong customer loyalty, Hayter said. Charter members participating in the consortium, which is currently in the development stages, include AVG, McAfee Inc. and Microsoft.
"The vendors will have the advantage of being tested by ICSA Labs to meet the baseline criteria that they help develop," Hayter said. "We're not going to develop criteria in a vacuum that the vendors don't know anything about. Our goal is not to fail vendors, we want them to meet the baseline criteria we establish."
Having a third party validate a product will give vendors the opportunity to market an ICSA Labs certification to customers, Hayter said.
ICSA Labs is looking to "begin some phase of testing in the near future," said Hayter. Endpoint, according to Hayter, is where the future of testing and solutions lies.
"The Endpoint Consortium is taking what has existed for quite a while in individual components and putting them into an integrated solution," Hayter said. "It makes the management of that solution from an enterprise environment easier because you're deploying an endpoint solution not individual endpoint products and it helps the corporate environment manage things a whole lot easier."