MaXware works on up-to-the-minute policy enforcement

MaXware, a proponent of virtual directory technology for many years, has often graced this newsletter with new products and thoughtful comments. I’ve never identified the actual source of the inspiration, either the fjords in Trondeim, Norway where the company was founded or the Fords in Freeport, N.J., where its U.S. headquarters are located. But I do know that the latter would inspire me to head for the former.

MaXware made two announcements at this week’s Catalyst Conference: Dynamic Identity Store and Virtual Policy Server.

Dynamic Identity Store is a departure from MaXware’s traditional virtual directory in that it can be either virtual or “persistent.” That is, users can consolidate and store information into a central identity store (like a traditional meta-directory) or use the standard MaXware method of storing pointers to the data that read the information only when it’s requested.

A major feature of this new offering is that entries in the identity store can be a combination of persistent and virtual data elements and can be defined (and redefined) according to the best fit for the actual solution. You can also set a general Time-To-Live (TTL) for all types of attributes and action tasks to either force rereading or removal. Of course, historical values for all attributes will be saved for auditing on modify and delete operations.

The Virtual Policy Server does for policies what the original MaXware product – Virtual Directory Server – did for identities: it consolidates them not into a central repository but through pointers to the original policies used to read the up-to-the-minute policy when it is needed.

Policy-based networking and policy-based access are boons to harried security professionals since they can be used to deal with users as well-defined groups. But an out-dated policy can be just as disastrous for your security as having no policy at all. Worse, in fact, since an outdated policy leaves you thinking that the current policy is being enforced when it isn’t. The Virtual Policy Server ensures that the very latest version of a policy is the one being enforced.

Another key benefit, especially in this age of proliferating policies, is that Virtual Policy Server enables you to discover and determine the authoritative policy sources among the many that might reside across your enterprise. Having a coherent, up-to-the-minute policy enforcement mechanism is something all of you should be thinking of implementing. And now MaXware can make it happen.