Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Elemental Security improves security through compliance

New automated tool enforces policies, security
Technology Executive Alert By Linda Musthaler and Brian Musthaler , Network World , 10/24/2005
Musthaler
Sign up for this newsletter now!

Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.

  • Share/Email
  • Comment
  • Print

Is our company’s data secure? Are we in compliance with general information access control policies? These are two security questions on every CIO’s mind these days. For many of them, as well as the other C-level executives, regulatory compliance is another major concern. This past April, Elemental Security began shipping a product to address both security and compliance needs for the large enterprise environment. Even if you don’t need to comply with major regulations such as Sarbanes-Oxley and HIPAA, you can’t go wrong in enforcing your own internal policies to increase security with an automated tool like the Elemental Compliance System (ECS).

ECS fits into the sweet spot where host configuration management, network access control and policy management intersect. This product has one of the strongest, most detailed policy management modules that we’ve seen. For more information about the security and network management aspects of ECS, check out recent articles here and here (PDF).

Compliance requirements and system security have always been linked. Until now, however, they were difficult to implement in a non-invasive, integrated manner that was easy to deploy, maintain and monitor. The ultimate goal is to control gaps in system access while staying in concert with overall general business control requirements (for example, segregation of duties) that are designed to ensure reliability of financial data.

An enterprise-level tool, ECS is an integrated product that provides security practitioners with the near-real time ability to effectively and efficiently:

* Inventory all network assets.

* Create, modify, test and monitor security policy and compliance.

* Control and monitor network access.

* Control and monitor configuration management for users' machines.

* Establish baselines and metrics.

* Identify threats, access risk and automatically contain vulnerabilities.

* Prevent non-compliant resources from access to the network.

ECS uses an agent-server approach. New devices put on the network that do not have the agent are discovered and monitored and can be isolated until it is proven that they meet the conditions set forth by the enterprise policies. Approved devices and users on the network can be dynamically grouped according to specific attributes or policies, increasing your flexibility to control access to resources.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.

  • Share/Email
  • Comment
  • Print
Partner Content
CA logo

CA Network & Voice Resource Center

Comprehensive Network & Voice Management Visit CA Network & Voice Management Resource Center and get insights into industry best practices, information that helps you to address your challenges.

CA Network & Voice Management Resource Center

whitepaper

Managing Voice Over IP for Successful Convergence

Voice over IP (VoIP) has much to offer in cost savings but some customers have concerns about VoIP call quality compared to the quality of traditional voice services. This white paper will help you learn how to take the right steps so that voice quality is assured.

Managing VoIP for Successful Convergence

whitepaper

The Changing Face of Network Management

Managing your network is serious business. This paper discusses the benefits of integrating configuration change-awareness into your network fault management solution

Download Whitepaper

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.