Skip Links

Symantec seeking product management umbrella

Plans detailed for company engineers gathered at Cutting Edge conference

By , Network World
October 04, 2007 10:54 AM ET

Network World - Orlando — Symantec is looking to bring its storage, backup, security protection, configuration and patch-management tools under a common management umbrella that will lead to better IT policy and compliance reporting, a company executive said Wednesday.

At Symantec’s annual Cutting Edge conference, which brought together 400 of Symantec’s engineering staff, CTO for product strategy Mark Bregman said the company has begun unifying the slew of products it has built or acquired so they can share policy and knowledge data in a way they can’t today.

“Today, BindView will tell you there’s a problem, and Altiris will fix it, but today Altiris won’t share that information automatically with BindView,” Bregman said about BindView vulnerability-scanning and the Altirus patch-management, configuration and software distribution products.

The inability to share critical management data also impacts Symantec’s storage and backup products with their separate management consoles. “The problem is we have lots of products and they all do this. Wouldn’t it be great if there were one policy engine, one central knowledge base?” he asked.

Bregman said Symantec’s strategy is not to create one management console — competitor McAfee has taken that approach with its ePolicy Orchestrator — but to develop a standards-based framework that relies on adding adaptors to existing products so critical policy and management data can be translated and shared.

“If each of these has a standard way, standards such as such as Web Services WS-MAN and Active Management Technology, we can have a common naming dictionary for talking between consoles,” Bregman said. This will mean not just a better ability to centralize a dashboard view and generate IT reports but also a way to share Symantec products data with third-party systems, such as IBM Tivoli, he noted.

While Bregman acknowledged this product integration will not happen overnight, the work has begun with the Altiris products and Symantec Endpoint Protection 11.0 released a few weeks ago, which share configuration-management information

Bregman said next year will show evidence of further product integration. “But these will still remain point products,” he said, adding there are no plans to boil multiple Symantec software agents down to one.

Symantec sees the future in optimizing its storage and backup products for use in the virtual machine environments proliferating in the enterprise.

Bruce McCorkendale, Symantec distinguished engineer, said the future calls for adapting Symantec Veritas storage products to specifically recognize and track virtual machine images that might be used for patching or software distribution. In addition, software security mechanisms such as a cryptographic hash could be used to ensure images remain untampered. Those added features are expected out in coming months.

McCorkendale said he sees a time coming when virtualization technologies lead to a world where “racks of CPUs, racks of disks, racks of memory and racks of [network interface cards] are dynamically and on the fly created everywhere.”
Altiris and Veritas make use of their own type of virtualization in provisioning and storage, he said, and while the products can work in virtual machine environments today, Symantec's changes will make them will make them more scalable when used with virtualization software from XenSource, VMware and Microsoft.

In a different arena — that of identity and authentication, where Symantec has been largely absent — company engineers anticipate the security firm’s release of Norton Identity Safe as part of the Norton 2008 desktop antimalware could be the start of something much larger.

Identity Safe, which lets users create separate forms for passwords, e-mail and personal information to be automatically entered at different Web sites they visit, is the first step in preparing for a larger role in authentication, said Brian Hernacki, software architect.

“Over time, it may form the basis for automatically generating passwords, or one-time passwords,” Hernacki said. He added that Identity Safe is based on OpenID standard but will also be able to support Microsoft’s CardSpace.

Symantec is considering how it might start an in-the-cloud authentication service, but Hernacki acknowledged that new services will only evolve over time if consumers and corporations in e-commerce, the medical, banking and other industries buy into the idea.

In other areas, Symantec is willing to try out new things. The latest version of Norton 2008 desktop software, which shipped just a few weeks ago, has a way to look at a file about to be saved from the Internet, check if it’s dangerous, and warn the user with a message.

“It’s like a community watch,” said Carey Nachenberg, Symantec fellow in Symantec’s research center. “Spyware has evolved so it will generate a new piece of spyware for each visitor, usually with a downloaded file.”

Because signature-based defense alone is no longer enough for this spyware epidemic, Symantec’s strategy relies on building a list of good applications kept in a white list that can be compared using an automated process using a computer crypto hash.
“We would make an instance hash of the downloading software, and send it to a service in the cloud,” Nachenberg said. “It would be instantaneous.” If the hash comparison shows the file is acceptable, it wouldn’t be blocked. But if the downloaded file is deemed to be a danger, the user would receive a dialog box from Symantec explaining the problem and recommending the download not be completed.

The new malware-detection process entails Symantec watching the user downloading process, something Norton 2008 users can opt out of allowing, Nachenberg said. “We’re not tracking the Web site, we’re tracking applications,” he noted, adding, “The question is, can we leverage the wisdom of the crowds?”

The hope is that research on what users download will validate Symantec’s research and result in a full-fledged service within two years that would be used by both enterprises and consumers.

“This flows into a white-list technology,” Nachenberg said. “There are more good programs than bad software today.” While Symantec built its past keeping track of bad software, the future in software protection may rely equally on tracking the good.
Some future-oriented product strategies Symantec won’t unveil until next Tuesday, when it will clarify how it will enter the data-leakage prevention market.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News