MOUNTAIN VIEW, CALIF.- Unable to make a go of it as a provider of security monitoring services, privately held Securify is looking to sell security hardware and software for customers to use on their own.
The company, founded four years ago by encryption expert Taher Elgamal, calls its appliance SecurVantage. The device records application and network use, and includes a management console to provide reporting and analysis based on a customer's security policy for authorized application use.
SecurVantage, which is based on a Dell server with a hardened Linux kernel, connects to a LAN switch at up to 1G bit/sec.
Chicago law firm Sonnenschein, Nath & Rosenthal, an early adopter, is finding SecurVantage to be a useful tool for refining its security policy. The device lets the company know how business activities are affected as new security policies are introduced and enforced.
"There's authorized traffic and unauthorized traffic, and SecurVantage can categorize it by scoring it high or low, or red, green and yellow," says Adam Hansen, lead information security engineer at Sonnenschein, a 1,500-employee firm with offices around the country. "You can develop a policy for what each SecurVantage sensor sees. It sorts application use by protocol. I even can look at commands passed to a Web server."
Sonnenschein has been running three SecurVantage sensors for about a month on its office LAN, with the main benefit being its ability to obtain a view of the law firm's typical intranet and Internet use. Hansen says he anticipates more widespread use of SecurVantage at the firm.
Few products seek to do exactly what SecurVantage tries to do, although start-up nCircle is also looking to provide a comprehensive security view. Most intrusion-detection systems seek to detect outright attacks. Another category of products, network discovery tools, can be useful for watching traffic flows, but they don't usually work in real time the way SecurVantage does, Hansen says.
Pricing for SecurVantage starts at $50,000.
RELATED LINKS
Contact Senior Editor Ellen Messmer
Other recent articles by Messmer
Error 404--Not Found |
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:10.4.5 404 Not FoundThe server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. |
