Change control helps IT deal with changing threats |
 |
By Dennis Fisher, Executive Editor
21 Sep 2006 | SearchSecurity.com |
|
|
In many enterprises, security and network uptime are important, but not necessarily the top priorities. But for WebEx Communications Inc., network security and availability is the whole thing. Without unquestionably reliable servers, the online meeting company has no business.
So when WebEx CSO Randy Barr and his team began looking for a way to protect the servers in the company's data center from curious or malicious employees, he was unimpressed by most of what he saw in the market. Many of the solutions could prevent unauthorized changes to the precious servers, but their effect on the performance of the company's applications was unacceptable. Finally, after recommendations from a couple of colleagues, Barr went a little bit outside the traditional host security box and began looking at S3 Control, a solution from Solidcore Systems, a small Palo Alto, Calif., startup.
"I had heard from a few guys that their stuff was really impressive, but I was worried about its impact on our resources," Barr said. "We can't have that. But I started looking at it and really liked the security end of it, so we brought it back and started evaluating it."
S3 Control is an agent-based solution that is meant to prevent any unauthorized changes to a protected machine, whether it's a server, desktop, mobile device or point-of-sale device. Based on the organization's security policies, S3 Control can prevent users from making any change to a device. The policies can be set based on time, job function or other variables.
Unlike similar products, S3 Control doesn't simply take snapshots of a protected machine's state and compare it against a template. Instead, it documents each machine's state continuously and prevents any unauthorized action on the device. This includes stopping malicious executables from running and preventing authorized users from making unauthorized modifications. The solution also has a search engine that enables administrators to find specific change events, said Rosen Sharma, CEO of Solidcore.
"We almost came at this backward. It wasn't until folks like WebEx and GM told us what they were doing with the product that we realized how powerful it is," Sharma said. "It's like Tivoli for change. People buy it for security, compliance and availability, but we're selling change control."
WebEx's Barr didn't much care what category it fit into, he just wanted it to work. Once he was satisfied with the security attributes of the product during his initial evaluation of S3 Control, he had his team test the performance of a server running WebEx and S3 against one running only WebEx. To Barr's surprise, the WebEx application actually ran faster on the server with Solidcore's product on it.
"That was pretty surprising. I had them check it again. I had them try to kill the agent, mount another file system on there, everything," said Barr. "It stopped all of that and it runs our application faster."
Other vendors, including IBM's Rational Software, Configuresoft Inc. and Mercury Interactive Corp., have somewhat similar offerings, but Sharma believes that Solidcore is well-positioned to hold its own against its larger competitors.
"Anyone who builds a box based on Windows or Linux has these same problems, and we're the only ones who can really solve them," Sharma said. "It is mind-boggling to me that nobody does this."
|
|
|
|
