Slammer's aftermath: Product pitches

Solutions range from help to hype

By Paul Roberts

BOSTON -- Still patching your SQL Server databases? Well, be sure not to miss the post-Slammer sale!

The new W32.Slammer worm, a nuisance for network administrators worldwide, has turned into a marketing boon for companies that sell a wide range of technology products and services.

The first Slammer-inspired product announcements appeared as early as Saturday afternoon, before many companies had even rid their network of the worm.

That trickle turned into a flood in the days that followed, as companies tried to capitalize on the media attention generated by the worm to highlight their own products.

While it is common for antivirus and vulnerability scanning companies such as Symantec, Network Associates, and Internet Security Systems to rush out statements and alerts when new worms and viruses surface, the advent of Slammer brought news about a veritable bazaar of different technology products.

Among the Slammer-themed promotions in recent days:

- Mazu Networks on Saturday announced that several of its enterprise customers were able to repel the Slammer worm thanks to the protection delivered by Mazu's PowerSecure product.

- Shavlik Technologies on Saturday offered free tools to detect missing SQL Server security patches on computers and servers and guard against the SQL Slammer worm.

- NetContinuum, which makes enterprise Web security appliances, on Monday announced that it will offer all companies affected by the Slammer worm an immediate 25 percent discount on its NC-1000 line of web security gateway appliances.

- Radware, a provider of intelligent Application Switching devices, on Monday announced the immediate availability of its SynApps Application Security module which can recognize and terminate sessions such as those caused by Slammer.

- TippingPoint Technologies on Monday announced that it developed an inoculation to block attacks caused by a vulnerability in Microsoft's SQL Server 2000. The inoculation was available for the company's UnityOne customers.

- NetScreen Technologies on Monday announced that its NetScreen Intrusion Detection & Prevention can accurately detect and prevent Slammer from penetrating corporate networks.

- BigFix, a supplier of vulnerability and automated patch management software, announced on Tuesday that its Enterprise Suite software customers were able to repel the Slammer worm.

According to executives at some of those companies, the notoriety of Slammer is already helping drum up interest in their products.

"We've seen a real spike in interest in our technology," said John Riley, director of marketing at Mazu Networks in Cambridge, Massachusetts .

"On Sunday, we had twice the normal hits on our Web site. (Tuesday) it was triple the normal level."

The Slammer outbreak has also stimulated activity amongst Mazu's channel partners and brought large corporate customers to the startup's door, looking to purchase their anomaly-based detection technology as well.

Still, Riley acknowledges that the company is treading a thin line.

"Its a tough balance, because you feel like you're taking advantage of an opportunity when someone's vulnerable."

But when your company sells security technology, capitalizing on the misfortune of others is unavoidable, Riley said.

"It's unfortunate and you hate to crow when something bad happens, but when you're a solutions provider like us it goes with the territory."

Others make no apologies for using Slammer to boost their company profile.

"That's like saying the people who make smoke detectors are benefitting from houses burning down," said Tom Byrnes, director of technology at Radware, a company with headquarters in Tel Aviv, Israel .

"Most products related to safety and protection take advantage of bad news to say 'Look if you had this you'd be better off.' I don't think its cynical to say that our product works and if you had it installed it would have protected you," Byrnes said.

With a flood of companies making the same claim, Byrnes admits that it's often difficult to known which company or technology really works.

"It's unfortunate that in this industry it's so difficult to distinguish hype from truth," Byrnes said.

Security industry analysts say that the rush by companies to get their message out is a symptom of a security market in which technology buyers are more often motivated by high-profile outbreaks than thoughtful planning.

"Security right now is reactive in nature and people are only as secure or insecure as the last attack, so security companies are prone to try to capitalize on that," said Pete Lindstrom, research director at The Spire Group.

"You'd hope people would take a more proactive approach to enterprise security architecture, but time and again that hope proven to be inaccurate," Lindstrom said.


Copyright © 2003 IDG Communications, Inc.

How to choose a low-code development platform