- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Security technology isn't new for CA, but this year at its 12th CA World user conference in Las Vegas the company identified security as one of three focal areas (the others are governance and management). Senior Editor Denise Dubie sat down with Bilhar Mann, senior vice president and general manager of CA security management, to learn more.
If you look at the way we are talking about our Enterprise IT Management (EITM) strategy at the moment, we talk about this thing called the Unified Service Model, which includes all the relationships. I use the analogy with a house and a blueprint that everybody looks at, the electrician and plumbers and so on. Everybody looks at that blueprint to understand all the relationships between all the entities. Security now needs to leverage that same blueprint. It's not that security has not leveraged the blueprint before, but if you want to be able to connect security to the business and everything else connected to the business, then security needs to leverage the blueprint.
Let's take identity and access management, which is all about making sure you are secure in access on the Web with a product like SiteMinder and a product called Access Control for hosts and operating systems. If you look at an audit report, it tells you that this system administrator has access to a particular Unix box. That is a certain amount of information on which you can make only a certain amount of intelligent decisions. It doesn't really tell you the importance of that Unix system. If you take it up one more level and take that audit information and correlate it to the information that is held in the service model, now you will learn that that particular machine is part of your trading application.
Now the level of information you have got about this particular event has been elevated from the infrastructure level, or the server, to a level that you actually understand within your business -- which is somebody is doing something they should not be doing within my mortgage application. These products will be leveraging that service model going forward to provide the business context. We will go into that dictionary and see how a security event relates to other things. There is a lot of information sharing that you are going to see -- specifically, with our security products -- that allows us to deliver on our EITM strategy. Where we are headed with this service model will give us the ability for an organization to become much more agile.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment