Treating management, security as one

Network management software and security devices lead separate lives today, but in the new data center, the two disciplines will come together to form a not-so-odd couple. Together they will speed problem diagnosis, detect potential threats, automate change management and enforce security and compliance policies.

Such is the vision of Scott Raymond, network manager at OMD, a New York media buying agency that is constructing a new data center architecture. Raymond recently pooled network connectivity across 10 locations into a centralized data center in New York. The move enables him to track more than 95% of the company's traffic from one location. Yet Raymond says automated change management software would put his mind more at ease.

"We saw the need to put our resources in a resilient data center, but one of the issues many companies have is tracking changes that have been made to network equipment," Raymond says. An automated tool that would log changes and check those against how things are supposed to be configured would prevent him from leaving his data center vulnerable to attack while tracking down the source of a problem. "It makes sense to bring [management and security] together. To be able to say that an outage in Atlanta correlates to this security breach on this router would decrease troubleshooting time," Raymond says.

Ultimately, as new data center technology evolves, Raymond should realize this vision. He should be able to deploy the automation and predefined rules of management software in combination with security event and compliance data to ensure servers, switches, routers and other network devices are properly patched and configured. Technologies such as event correlation, policy-based management, and configuration and change management will comprise equal parts security and management. This will let IT managers support a data center that lets outsiders in - without putting the business at risk.

"The last thing you want to do when securing your data center is shut out revenue-generating partners or customers," says Rich Baich, CIO at Choicepoint, an Atlanta provider of identification and credential verification services for the insurance industry. "Right now, isolated security events occur. What has to happen is the centralization of that security information on a management console that makes intelligent decisions and takes action."

Self-provisioning, self-protecting and self-managing capabilities begin with data sharing, says Glenn O'Donnell, a research director at Meta Group. "The processes for handling security events and more generalized event management should and can be similar if not identical," he says.

Today software from BMC Software, Computer Associates, IBM and HP monitor network events. Niche players such as ArcSight, e-Security, netForensics and Network Intelligence deliver products to help filter and make more sense of security events generated from firewalls, intrusion-detection systems (IDS) and other security devices. In the new data center, one management system will collect network and security events, and correlate the events for quick identification of the source of network performance problems or security breaches.