SAN MATEO (02/18/2000) - WITH IT MANAGERS still sorting through the implications of the recent DoS (denial of service) attacks on high-profile Web sites, network management vendors are bolstering their management platforms to ward off -- and effectively react to -- network hacks. Tivoli Systems will address network vulnerability with the announcement next week of a product line dubbed Tivoli SecureWay Risk Manager, which will automate the steps for businesses to react to network attacks.
Tivoli Systems, Computer Associates, BMC Software, and others are already preparing updates to better address security. Next week, Tivoli will address network vulnerability with the announcement of a product line dubbed Tivoli SecureWay Risk Manager, which will automate the steps for businesses to react to network attacks.
Risk Manager provides a single management console to allow system administrators to monitor an enterprise's security endpoints and ensures back-up systems are in place to protect the server farm and all associated data and transaction information in case of trouble, said Carl Kessler, vice president and general manager of the Tivoli Security Business Unit, in Austin, Texas.
Security analysts said that the recent DoS attacks will force IT managers to divert more resources to beefing up network infrastructure. Specifically, administrators need to improve networks' capabilities of proactively securing and managing themselves during unforeseen problems without human intervention.
"There is a fundamental need to be able to look at an IT [network management] infrastructure of every organization, to assure good response and active security, and to establish confidence in being able to deal with these problems," said Jeff Havrilla, a member of the CERT Coordination Center Vulnerability Handling Team, in Pittsburgh.
Network management vendors, which have long argued that security is most effective in conjunction with active performance monitoring, are drawing functions like intrusion detection tighter into the network management platform fold.
Computer Associates (CA) is actively pursuing ways to use the artificial intelligence in its Neugent technology to predict attack patterns and incorporate that capability into its intrusion detection products for use on a much larger enterprise, said Narender Mangalam, director of security products at CA, in Islandia, N.Y.
After BMC Software customer Amazon.com fell victim to the DoS barrage for over an hour, BMC began investigating what did or didn't operate efficiently during the assault to specify what management areas need the most focus in future products. As a result, the company will "tweak" its Patrol for Internet Services product, due out later this quarter, officials said.
Hewlett-Packard, meanwhile, will continue to bolster the monitoring and performance in HP OpenView Network Node Manager; Node Sentry, which is built on top of it; and Policy Expert modules. For its part, Network Associates will focus more in depth on application management features in its Sniffer product line, company officials said.
On top of evolving their management platforms, a number of Internet vendors -- including CA, Cisco, Digex, eToys, Verio, Travelocity, PSInet, CMGI, and SabreTech -- formed a task force last week to discuss security guidelines for safe and secure e-business conduct.
Analysts noted that procedural guidelines and technology application are still lacking. Many companies have rushed onto the Internet and cut corners on a network management infrastructure and contingency plans, which could prove disastrous, said Caryn Gillooly, an analyst at the Hurwitz Group, a consultancy in Framingham, Mass.
"If your e-business is critical to you, then it's critical to manage it. You need to determine what's most important to you as a customer -- Web site, transactions, QoS [quality of service] -- and address that," said Gillooly.
"It's literally like not having insurance."