- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
5 critical security questions that IT and corporate leaders are asking
Getting the answers to who, what, when, where and why regarding network security
Sign up for this newsletter now!
Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.
Who, what, when, where, and why? When it comes to network security, these are the five critical questions that IT and corporate leaders are asking. As pressure mounts for companies to protect their information assets from unintentional disclosure and to maintain compliance with a growing number of policies and regulations, it’s becoming more important to know exactly who is doing what on the network as it is happening.
While only a human can answer the question of “why?” numerous tools individually help organizations manage and answer parts of the “who,” “what,” “when” and “where” questions. Tools like intrusion detection systems (IDS), security information management (SIM), network access control (NAC), and network behavior analysis (NBA) all provide good details that paint portions of a picture. The complete picture, however, is like one of those connect the dots drawings; the details are all there in different silos (e.g., users, assets, applications), but sometimes additional resources are required to match/reconcile results to reveal the picture in its entirety (Learn more about IDS products from our Intrusion Detection Systems Buyer's Guide; Learn more about SIM products from our Security Information Management Buyer's Guide; and Learn more about NAC products from our Network Access Control Buyer's Guide).
This is the premise behind the user identity-based monitoring and verification of Securify. An appliance called a Securify Monitor tracks all post-connection networked transactions to users to provide a view of "who" is accessing "what" applications and "where" in the network. The user identity and group / role associations are dynamically drawn from existing user directories (Learn more about identity management products from our Identity Management Buyer's Guide).
The Securify tool has two main functions: automated discovery of actual user activity and usage of business systems, and automated verification to validate that the user activity is permitted within the role-based controls and pre-built security best practice templates you’ve set for your systems. The appliance brings all the information together in one place, and you can view prioritized violations with user identities and incident details via an intuitive Web interface – as they are happening.
Linda Musthaler is a principal analyst with Essential Solutions Corporation.
Most Read
Videos
Rss FeedLatest News
Rss Feed
Sponsored Links
- Masters of Virtualization and Cloud Computing- Trend Micro
- Hitachi IT Operations Analyzer—30-day free trial- Hitachi Data Systems
- Are you gambling with your data? It is at risk. Find out and protect it.- Ultrium LTO
- CA ARCserve r12.5 is More Than Backup! Download Trial Version Today- CA
- Take the Netezza TwinFin TestDrive!- Netezza
- Getting to One 10-minute Webcast, Cloud Computing: Beyond the Hype- Novell
- Watch a step-by-step demo of how Chinese hackers compromised brand name US high-tech companies like Google. - Zscaler
- Cisco Webcast: Leveraging 802.11n, Is your WLAN ready for Enterprise Video?- Cisco
- Turn your desk phone and mobile phone into one with Sprint Mobile Integration.- Sprint
- Discover the Four Trends Driving the Future of Data Centers - Emerson Network Power
-
Network World, Inc
The Leader in Network Knowledge
Comments (2)
RE: 5 critical security questions that IT and corporate leaders are askingBy fastrev on January 28, 2008, 1:38 pmWOW just rename the title "The Securify solution" paid for by Securify Many products do the same thing... Mazu, Lancope, Arbor and Q1Labs all are more welknown...
Reply | Read entire comment
No one paidBy Linda Musthaler on January 30, 2008, 9:37 amSorry, fastrev, no one paid us to write this article. Not Securify, and not even Network World. Thanks for the suggestions for the other vendors to follow-up with....
Reply | Read entire comment
View all comments