Growing demands to get their networks in line with compliance regulations and maintain consistent policies are forcing many companies to reassess how they secure and manage their networks.
Network management technologies such as traffic monitoring, packet analysis and policy-based management are finding their way into new and existing security tools. Systems management vendors are adding security capabilities to perform vulnerability scans, distribute patches and help customers maintain compliance.
For example, Lancope and other vendors are developing products to baseline typical network traffic and perform ongoing monitoring to detect problems that might indicate a security breach. Others, such as Elemental Security, provide technology to help IT managers establish policies and monitor network events against the policies to ensure that networks remain compliant. Current security event management (SEM) vendors are adding more automation, remediation and policy-based management features to evolve their tools from simple log-collection products into security-compliance tracking tools.
"I wanted a centralized area where I could see all the security events for the company, but I saw more than just security issues," says Matthew Keogler, senior security and network engineer at AutoTrader.com in Atlanta. Keogler installed an SEM product from GuardedNet about two years ago and said it not only provided a dashboard of security events but also helped him discover unknown network security threats. "The product immediately showed me misconfigured servers and some network issues that are related to security. I still use it from time to time to patrol and clean up the network."
The trend toward securing networks with network management technologies has attracted not only a slew of newcomers but also Cisco - with its Network Admission Control (NAC) initiative - and IBM. Industry watchers predict that it's only the beginning.
According to The Yankee Group, the overall security industry in 2004 generated about $12.9 billion in revenue, and of that SEM accounts for a modest $250 million. Yet the research firm projects by year-end, the SEM market will grow by more than 30% to about $330 million. In fact, by 2008 Yankee Group says security management will be an $800 million market.
"This is an area that is going to attract big systems management vendors, like BMC, Computer Associates, HP and IBM," says George Hamilton, a senior analyst with The Yankee Group.
For instance, systems management vendor Altiris last week announced its Altiris Security Suite, which couples vulnerability scans with remediation tools. NetIQ earlier this month unveiled its Security Compliance Suite, which lets users perform vulnerability scans, security log management and compliance-report generation by using a combination of centralized console software and distributed agents on managed machines. At its annual users' conference in two weeks, HP also is expected to introduce compliance management wares.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment