You have installed firewalls at the perimeter of your network, rely on intrusion-detection systems to keep the bad guys at bay and have anti-virus software running on your desktop machines. And it's still not enough.
Experts say that as hackers step up their efforts to attack your network, you should consider more advanced technologies and policies to defend your territory.
That's where more advanced technology will come into play. Security-information management (SIM) systems that centralize correlation, reporting and management for multi-vendor products likely will become standard options from many vendors.
SIM products use data-aggregation and event-correlation features similar to those of network-management software and apply those features to event logs generated from security devices such as firewalls, proxy servers, IDSs and anti-virus software. Also, SIM products can translate Cisco and Check Point alerts into a common format so the data can be correlated.
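The normalization and correlation step described above, as an added example that is not from the article or any vendor's product: two constructed, made-up log formats are mapped to one common event record, and a source address reported by both a firewall and an IDS within a short window is flagged. The log formats, field names and the five-minute window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in two made-up vendor formats (not real product output).
FIREWALL_LOG = [
    "2003-05-01 10:00:01 fw1 DENY tcp 203.0.113.7:4312 -> 10.0.0.5:445",
    "2003-05-01 10:00:03 fw1 DENY tcp 198.51.100.9:5120 -> 10.0.0.8:80",
]
IDS_LOG = [
    "ts=2003-05-01T10:00:40 sensor=ids1 sig=SMB-probe src=203.0.113.7 dst=10.0.0.5",
    "ts=2003-05-01T11:30:00 sensor=ids1 sig=HTTP-scan src=198.51.100.9 dst=10.0.0.8",
]
FW_RE = re.compile(r"(\S+ \S+) (\S+) (\w+) \w+ ([\d.]+):\d+ -> ([\d.]+):\d+")

def normalize_firewall(line):
    """Map the positional firewall format onto the common event record."""
    ts, device, action, src, dst = FW_RE.match(line).groups()
    return {"time": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), "device": device,
            "kind": "firewall", "event": action, "src": src, "dst": dst}

def normalize_ids(line):
    """Map the key=value IDS format onto the same common event record."""
    f = dict(pair.split("=", 1) for pair in line.split())
    return {"time": datetime.strptime(f["ts"], "%Y-%m-%dT%H:%M:%S"),
            "device": f["sensor"], "kind": "ids", "event": f["sig"],
            "src": f["src"], "dst": f["dst"]}

def correlate(events, window=timedelta(minutes=5)):
    """Flag sources reported by more than one kind of device within the window."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["time"]):
        by_src[e["src"]].append(e)
    incidents = []
    for src, evs in by_src.items():
        for i, first in enumerate(evs):
            related = [e for e in evs[i:] if e["time"] - first["time"] <= window]
            if len({e["kind"] for e in related}) > 1:
                incidents.append({"src": src,
                                  "events": [(e["device"], e["event"]) for e in related]})
                break
    return incidents

def run_demo():
    events = [normalize_firewall(l) for l in FIREWALL_LOG]
    events += [normalize_ids(l) for l in IDS_LOG]
    return correlate(events)

if __name__ == "__main__":
    for incident in run_demo():
        print(incident)
```

The second source address appears in both logs but 90 minutes apart, so it is not correlated; only the address that both devices report within the window is flagged.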
NetForensics is working on software that gathers information generated by all the different point-products - such as firewalls, IDSs and anti-virus tools - to decipher what unauthorized activity might occur on a network and automatically take steps to protect it.
"This overarching system will give a bird's-eye view of what's happening on the network, not the current worm's-eye view" presented by point products, says Anton Chuvakin, security specialist at NetForensics.
The system will draw from a knowledgebase to detect whether an attack has worm- or virus-like characteristics and take relevant measures to protect the network.
Chuvakin says security professionals might not be happy letting the system decide on and apply the necessary security procedures, and says the first generation of the software will offer suggestions instead. After a year of using the product, users should feel comfortable letting the system make decisions by itself, Chuvakin says.
He says that this system would also incorporate network forensic tools, which gather information after attacks have occurred to help network executives investigate how they happened and the nature of the attacks. SIM would proactively help stop attacks, and if the attacks were successful the network forensics tools would mine the information about the hacks to beef up the system's knowledgebase and theoretically help stop the next attack.