Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Where's my gigabit Internet, anyway?
Americans cool with lab-grown organs, but not designer babies
IE6: Retired but not dead yet
Enterprise who? Google says little about Apps, business cloud services in Q1 report
DDoS Attackers Change Techniques To Wallop Sites
Can we talk? Internet of Things vendors face a communications 'mess'
AMD's profitability streak ends at two quarters
Michaels says breach at its stores affected nearly 3M payment cards
Exclusive: Google's Project Loon tests move to LTE band in Nevada
H-1B loophole may help California utility offshore IT jobs
How a cyber cop patrols the underworld of e-commerce
For Red Hat, it's RHEL and then…?
Will the Internet of Things Become the Internet of Broken Things?
Kill switches coming to iPhone, Android, Windows devices in 2015
Israeli start-up, working with GE, out to detect Stuxnet-like attacks
Galaxy S5 deep-dive review: Long on hype, short on delivery
Google revenue jumps 19 percent but still disappoints
Windows XP's retirement turns into major security project for Chinese firm
Teen arrested in Heartbleed attack against Canadian tax site
Still deploying 11n Wi-Fi?  You might want to think again
Collaboration 2.0: Old meets new
9 Things You Need to Know Before You Store Data in the Cloud
Can Heartbleed be used in DDoS attacks?
Secure browsers offer alternatives to Chrome, IE and Firefox
Linksys WRT1900AC Wi-Fi router: Faster than anything we've tested

Tivoli coordinates efforts of security devices/tools

Today's breaking news
Send to a friendFeedback

AUSTIN, TEXAS - Worried about a hacker crashing your Web site, despite the arsenal of security tools you have in place? Tivoli this week will attempt to address such concerns with software it claims can unite disparate security products to fight off denial-of-service attacks and other types of net assaults.

Called SecureWay Risk Manager, the product can field alerts from separate security products, such as firewalls and virus detection programs. It can then present information based on the alerts in a single management console that gives a more complete picture of a company's network security status.

Tivoli's new software, based on technology created in IBM research labs, can also be used to test networks for potential security weak spots and to distribute security patches.

Tivoli is targeting organizations with high-profile Web sites as well as universities and other sites whose computers might be used without the knowledge of their owners to launch attacks like those that stymied Web sites such as Yahoo and eBay earlier this month.

Risk Manager, which initially will run on Windows NT, includes a translation engine that can accept data from assorted security products via SNMP or other means. The engine translates the data into a common format that can be understood by Risk Manager's correlation engine. This technology has been in development for the past year at the IBM Zurich research lab.

The correlation engine can be programmed with rules from the IT staff and acts as the communications and command center for all of a network's security needs. So for example, a company can use the correlation engine to set up and enforce a scheme to block a SYN Flood, a type of distributed denial-of-service attack. Web servers can be instructed to identify and delete incoming IP packets that include erroneous header data that can bog down a system. Risk Manager also includes a Vulnerability Scanner that sends software agents across a network to check Web servers for potential security problems. For instance, the agents can be programmed to recognize Unix-based Trin00 denial-of-service attack code and alert the correlation engine so that appropriate follow-up action can be taken.

Risk Manager can also make sure security applications are distributed consistently through-out the network. Say a network executive wants to distribute a software patch that prevents routers from being used to flood another company's Web server with pings. Risk Manager can create a list of the routers that need the patch, distribute it and then confirm that every router got the patch.

Tivoli's new software works with existing security and management products from Tivoli and parent company IBM. It also works with software from partner vendors such as Internet Security Systems.

Integrated security products such as Risk Manager are becoming more common, says Chris King, an analyst at Meta Group, a consultancy in Stamford, Conn. Tivoli could have an edge in this market because of its experience with enterprisewide network and systems management, but the company will need to make sure customers can make Risk Manager work with tools from leading management software vendors such as Computer Associates and BMC Software.

Risk Manager is currently in beta testing. The product will be released in the next few weeks, followed by a more automated edition later this year. IBM also plans to roll out versions of the software for AIX, Solaris and Windows 2000 down the road. Pricing information was not available.


Related links

Tivoli security products
From Tivoli.

Research: Denial of Service
Articles, downloads and other resources on denial-of-service attacks.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.