Internet Security Systems Inc. is readying technology it says could benefit companies fed up with current patch management techniques.
More precisely, ISS will enable its vulnerability-assessment scanner to gang up with its network- and host-based intrusion-detection systems (IDS) to stop newly discovered attacks or worms that could damage unprotected servers or desktops on enterprise networks. ISS CTO Chris Klaus calls the idea “virtual patching” because it could eliminate the need to immediately apply server or desktop software patches, which are often required to combat new attacks that exploit software holes. Instead of having to rush to patch the application or operating system software to stop a fast-moving worm from taking over vulnerable systems, IDS takes steps to stop specific attacks aimed at the target machine. Next month ISS will add the virtual patching capability to its vulnerability-assessment tool, Internet Scanner 7.0, which runs on Windows 2000.
BAM bolsters data visibility
The lines between data and process integration are blurring as vendors link traditional business intelligence with enterprise application integration. BI and EAI vendors are tying message feeds with analytics to provide real-time visibility through BAM (business activity monitoring), an emerging technology that provides access to critical business performance indicators.
For example, the new version of Business Objects SA’s BI suite, BusinessObjectsEnterprise 6, enables organizations to track, analyze and manage enterprise performance. The suite includes analytics, a BI platform and data-integration software. Other players are teaming up to integrate their platforms to offer BAM, and pure-play vendors are moving to tap this growing market. Informatica Corp. and webMethods Inc. rolled out a new BAM platform in April that integrates webMethods’ Integration Platform with Informatica’sPowerCenter data-integration platform and PowerAnalyzer BI software.
Cisco tightens security
Cisco Systems Inc. is wheeling out a smorgasbord of security upgrades and advanced threat-protection technologies in an effort to help users integrate security management.
The company rolled out 14 security-related packages, including upgrades to its security management software to make it easier to manage security and to support networks consisting of tens of thousands of secure sites. Cisco is adding a feature it calls Cisco IOS AutoSecure, an option to lock down routers quickly via a typed command that disables nonessential functions of the operating system and enforces secure access to the router. The company is also introducing Security Device Manager, a management tool to configure individual firewalls and VPNs on the Cisco 830 and Cisco 3700 access routers. The software also can evaluate router configurations and recommend changes that will boost security.