N+I spotlights security and apps management

A mix of new and established companies this week will use NetWorld+Interop Las Vegas 2004 to launch a slew of management products, many aimed at helping businesses safeguard networks and applications against worms or other attacks.

Fresh off a week in which the Sasser worm congested networks around the world, the timing of the product introductions couldn't be better.

"We're looking for easier, less manual and less tedious ways to distribute patches to workstations and servers," says Larry Sikon, CIO at Thomas Weisel Partners, a banking and brokerage firm in San Francisco. "[Patch management] tools in the past have had a degree of complexity I am not comfortable with at my organization."

"Management vendors are getting into security by spotting traffic patterns and packet characteristics that could be indicative of an internal or external attack," says Glenn O'Donnell, program director at Meta Group.

Among companies looking to impress N+I attendees is newcomer Autonomic Software. The company plans to introduce its Autonomic Network System and Administration (ANSA) software, which is designed to automate distribution of patches across servers and desktops. Company executives say Autonomic will compete with Symantec, which recently announced its plans to add systems and patch management to its security products.

Sikon is evaluating the Autonomic product and says it could eliminate the manual server and desktop visits his staff of 40 perform when patching systems.

The software combines asset inventory and discovery tools with up-to-date vulnerability and virus data to ensure systems are patched before a breach in security. ANSA performs an initial automated discovery of IT assets and then begins scanning networks for potential vulnerabilities. When open router ports or unpatched servers are found, the software uses pre-defined policies to deliver patches, lock down ports and quarantine servers. The software also tracks application versions, licenses and usage on server and desktops.

Autonomic hosts a data repository, which is kept up to date with vulnerability and patch data. Customers install centralized software on a dedicated Windows server and are connected to the repository, which sends updates over the Internet via XML interfaces and Web services.

Pricing for ANSA starts at $35 per agent for up to 100 agents and $13.50 per agent for more than 2,500.

NetQoS also will use N+I to strut its security stuff. The company is expected to preview additions to Version 6.0 of its flagship ReporterAnalyzer software that enable vulnerability scans across a network. The company's performance management software, which comes packaged on a Dell or HP box, now can perform vulnerability scans across network traffic. The new Virus Scan Wizard can isolate infected devices based on traffic thresholds for a specific port and capture real-time traps of the events leading up to the problem so that the data can be analyzed.

NetQoS uses a data collector that sits near core network routers, a data interpreter that is connected to a hub router and server reporting software. The collectors passively monitor Cisco NetFlow traffic, compress the data and send it to the interpreter, which sorts it out for network administrators using a Web browser-based console. The upgraded software costs $50,000.