Hackers are trying to burrow into your network through any tiny hole you might have left in your perimeter defence; Trojans masquerading as banner ads on popular Web sites are attempting to install themselves on your users’ machines; IT vendors are releasing a flood of patches and updates in an attempt to stay ahead of ever-changing attack methods — how is an overworked and understaffed network security team supposed to keep up?
While you could cut off all Internet access, ban the use of wireless devices and lock any security policy breakers in the wiring closet to contemplate the error of their ways, you wouldn’t be contributing much to corporate productivity or morale. Network security professionals are finding that a better way to do more with less is to invest in security products that automate tasks, such as responses to particular types of attacks.
Calgary-based airline WestJet is one company that’s recently installed a product designed to streamline security management. In WestJet’s case, the security team turned to Intellitactics Security Manager to automate the monitoring and analysis of events from security devices. Until the airline rolled out Security Manager this fall, the security team had been manually tracking event logs generated by devices such as firewalls, intrusion detection systems and anti-spam appliances, says Bruce Elliott, WestJet’s senior manager of IT security.
“I’ve got a team of people who do their best to read through them, but of course it’s hard to do correlation and it’s even harder to detect a slow attack of any kind, because it’s dispersed through the logs so much.”
Getting a good handle on security was especially important for WestJet because the airline generates most of its revenue through online ticket sales.
Security Manager works by collecting log data from a variety of devices