Greg Enright: Tripwire plan a solid start

News earlier this month of a burgeoning initiative from a data management firm in Portland, Ore., of all places, should provide network managers with a reason to be hopeful when it comes to the protection of their firm’s prized assets.

Six-year-old Tripwire Inc. has come forth with an idea that would see an Internet-based database be created to which files could essentially be fingerprinted. Future iterations of the file could then be compared to the benchmarked version, allowing any corruptions or alterations to be exposed and, hopefully, rectified.

Dubbed the File Signature Database (FSDB), the initiative is aiming to eventually reduce the vulnerabilities that so commonly afflict management platforms and ultimately hinder efficiency and productivity. Each file that goes into the database is known as a “good file” and is identified by its own unique signature. It’s distinctive moniker consists of a name and a digital “hash” value.

Tripwire says there are already 11 million such signatures in the FSDB. When participating companies release new software, the database will be updated with the latest file fingerprints. The “core reactor”, so to speak, of the entire initiative is a mammoth relational database that controls and authenticates the files.

Hopefully, the end result may be an ability to identify malicious data that today has all too easy a time infiltrating the average corporate network, such as viruses and disruptive codes.

While the idea sounds impressive once one delves into its finer details, what seems to be even more impressive is the lineup of heavyweight vendors that Tripwire appears to have signed up to endorse the initiative. No less than Hewlett-Packard, Sun Microsystems and IBM are identified as “charter members” in Tripwire’s press release announcing the program’s launch.

The release is careful to point out that the initiative is open to all operating system, application and infrastructure vendors, and with the kind of backers that are already in place, it might not be long before other supporters come on board.

The FSDB sounds promising, no doubt, but let’s not forget the many challenges that still face the nascent initiative. Even Tripwire is saying that many delivery models for the content resident on the database are still under development, and that an open-standard Web service that could greatly ease the transfer and communication methods surrounding the data will not be seen until the first half of next year at the earliest.

Other concerns still linger around the issue of security. Although one would presume that the FSDB itself would be guarded in a manner similar to that deployed around Fort Knox, it’s not a particularly happy thought to think what could happen should the database itself somehow be hacked.

No matter how successful the initiative ends up being, one indisputably encouraging point that has emerged from this process is the cooperation that appears to be on display between some of the industry’s leading technology firms. That, after all, is what is needed before anything else if the enterprise is to stay a step ahead of those trying to attack it.