Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Report: US FCC to allow payments for speedier traffic
China working on Linux replacement for Windows XP
FCC adds $9 billion to broadband subsidy fund
Raspberry Pi alternatives emerge to fill need for speed
It's now possible to wirelessly charge 40 smartphones from 16 feet away
Ex-FCC commissioner to head CTIA in latest Washington shuffle
Go time traveling with Google Maps
While Heartbleed distracts, hackers hit US universities
Survey respondents shun much-hyped mobile shopping technologies
Survey respondents shun much-hyped mobile shopping technologies
7 Ways to Advance Your Project Management Career
How Apple's billion dollar sapphire bet will pay off
US to vote on sharp increase in broadband subsidies
iPhone 6 rumor rollup for the week ending April 18
NSA spying revelations have tired out China's Huawei
Arista co-founder may have switch maker by its jewels
Apple kicks off public OS X beta testing
Open source pitfalls – and how to avoid them
AT&T's expanded 1 Gbps fiber rollout could go head to head with Google
BlackBerry Releases BES 10 Security Update to Address 'Heartbleed' Flaw
Verizon: Web apps are the security punching bag of the Internet
Cisco announces security service linked with new operations centers
Dell launches virtual storage accelerator, aims to boost SAN performance
Free OS X Mavericks now powers half of all Macs

Tivoli coordinates efforts of security devices/tools

Today's breaking news
Send to a friendFeedback

AUSTIN, TEXAS - Worried about a hacker crashing your Web site, despite the arsenal of security tools you have in place? Tivoli this week will attempt to address such concerns with software it claims can unite disparate security products to fight off denial-of-service attacks and other types of net assaults.

Called SecureWay Risk Manager, the product can field alerts from separate security products, such as firewalls and virus detection programs. It can then present information based on the alerts in a single management console that gives a more complete picture of a company's network security status.

Tivoli's new software, based on technology created in IBM research labs, can also be used to test networks for potential security weak spots and to distribute security patches.

Tivoli is targeting organizations with high-profile Web sites as well as universities and other sites whose computers might be used without the knowledge of their owners to launch attacks like those that stymied Web sites such as Yahoo and eBay earlier this month.

Risk Manager, which initially will run on Windows NT, includes a translation engine that can accept data from assorted security products via SNMP or other means. The engine translates the data into a common format that can be understood by Risk Manager's correlation engine. This technology has been in development for the past year at the IBM Zurich research lab.

The correlation engine can be programmed with rules from the IT staff and acts as the communications and command center for all of a network's security needs. So for example, a company can use the correlation engine to set up and enforce a scheme to block a SYN Flood, a type of distributed denial-of-service attack. Web servers can be instructed to identify and delete incoming IP packets that include erroneous header data that can bog down a system. Risk Manager also includes a Vulnerability Scanner that sends software agents across a network to check Web servers for potential security problems. For instance, the agents can be programmed to recognize Unix-based Trin00 denial-of-service attack code and alert the correlation engine so that appropriate follow-up action can be taken.

Risk Manager can also make sure security applications are distributed consistently through-out the network. Say a network executive wants to distribute a software patch that prevents routers from being used to flood another company's Web server with pings. Risk Manager can create a list of the routers that need the patch, distribute it and then confirm that every router got the patch.

Tivoli's new software works with existing security and management products from Tivoli and parent company IBM. It also works with software from partner vendors such as Internet Security Systems.

Integrated security products such as Risk Manager are becoming more common, says Chris King, an analyst at Meta Group, a consultancy in Stamford, Conn. Tivoli could have an edge in this market because of its experience with enterprisewide network and systems management, but the company will need to make sure customers can make Risk Manager work with tools from leading management software vendors such as Computer Associates and BMC Software.

Risk Manager is currently in beta testing. The product will be released in the next few weeks, followed by a more automated edition later this year. IBM also plans to roll out versions of the software for AIX, Solaris and Windows 2000 down the road. Pricing information was not available.


Related links

Tivoli security products
From Tivoli.

Research: Denial of Service
Articles, downloads and other resources on denial-of-service attacks.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.