Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »

Security
F E A T U R E  
Got Discipline?

  May 29, 2003
  By Mike Fratto


>> continued from previous page

Executive Summary

TOC Issue TOC
Printer Print full article
Printer Print this page
Printer Download as PDF
E-Mail E-Mail this URL
Discuss Discuss this article
flame author Flame the author
 
  In this article
arrow
 Introduction
arrow
 What's In It for Me?
arrow
 Executive Summary
arrow
 Complying With the Feds
arrow
 Epoll Results

Security Policy Monitoring

It may start innocently enough, perhaps with a user installing a seemingly innocuous piece of software on a networked enterprise PC. This might annoy the desktop people, but as the security manager, it's not your problem, right? Wrong. Can you be sure that the application did not change vital configurations on the machine, possibly making your entire network vulnerable? Worse, if your security policy is not continually enforced, such a hole might go unnoticed indefinitely. And even if your desktops are locked down tight, HIPAA requires all health-care organizations to have a system in place ensuring the security of all patient information; the Gramm-Leach-Bliley Act makes similar demands on financial institutions. Security policy enforcement, clearly, is taking on new urgency.

The best way to stay in the Feds' good graces is security policy monitoring, whereby you lay down the law across your organization and then constantly audit for compliance. We gathered security policy monitors from BindView, Computer Associates International, Configuresoft, NetIQ, Pedestal Software, Polivec and Symantec in our Syracuse University Real-World Labs® and deployed them on a 100-node network. In the process we nailed some hideously out-of-compliance production systems. Ouch.

After a few months of poking and prodding, we were impressed with all the products we tested. Price was, of course, a factor--this level of control does not come cheap. Still, each allowed for stringent compliance checks and offered strong reporting; some even helped us write policies via templates and could proactively slap around deviant systems. We awarded BindView's bv-Control 7.2 our Editor's Choice for its all-around strong feature set. Shops with tight budgets should take a look at our Best Value Award winner, Pedestal Software's SecurityExpressions 3.0.

start top  What's In It for Me? Complying With the Feds 

Research and Reports

Hypervisor Derby
August 2011
Network Computing: August 2011

Video


WATCH: Box.net CEO Aaron Levie Takes On Microsoft

WATCH: HP Chairman Ray Lane: Focus On Innovation

WATCH: How OpenFlow Changes Networking


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Featured Whitepapers

Featured Reports

BlogRoll

TechWeb Careers