A mix of new and established companies this week will use NetWorld+Interop Las Vegas 2004 to launch a slew of management products, many aimed at helping businesses safeguard networks and applications against worms or other attacks.
Fresh off a week in which the Sasser worm congested networks around the world, the timing of the product introductions couldn't be better.
"We're looking for easier, less manual and less tedious ways to distribute patches to workstations and servers," says Larry Sikon, CIO at Thomas Weisel Partners LLC, a banking and brokerage firm in San Francisco. "(Patch management) tools in the past have had a degree of complexity I am not comfortable with at my organization."
"Management vendors are getting into security by spotting traffic patterns and packet characteristics that could be indicative of an internal or external attack," says Glenn O'Donnell, program director at Meta Group Inc.
Among companies looking to impress N+I attendees is newcomer Autonomic Software Inc. The company plans to introduce its Autonomic Network System and Administration (ANSA) software, which is designed to automate distribution of patches across servers and desktops. Company executives say Autonomic will compete with Symantec Corp., which recently announced its plans to add systems and patch management to its security products.
Sikon is evaluating the Autonomic product and says it could eliminate the manual server and desktop visits his staff of 40 perform when patching systems.
The software combines asset inventory and discovery tools with up-to-date vulnerability and virus data to ensure systems are patched before a breach in security. ANSA performs an initial automated discovery of IT assets and then begins scanning networks for potential vulnerabilities. When open router ports or unpatched servers are found, the software uses pre-defined policies to deliver patches, lock down ports and quarantine servers. The software also tracks application versions, licenses and usage on server and desktops.
Autonomic hosts a data repository, which is kept up to date with vulnerability and patch data. Customers install centralized software on a dedicated Windows server and are connected to the repository, which sends updates over the Internet via XML interfaces and Web services.
Pricing for ANSA starts at US$35 per agent for up to 100 agents and $13.50 per agent for more than 2,500.
NetQoS Inc. also will use N+I to strut its security stuff. The company is expected to preview additions to Version 6.0 of its flagship ReporterAnalyzer software that enable vulnerability scans across a network. The company's performance management software, which comes packaged on a Dell Inc. or Hewlett-Packard Co. box, now can perform vulnerability scans across network traffic. The new Virus Scan Wizard can isolate infected devices based on traffic thresholds for a specific port and capture real-time traps of the events leading up to the problem so that the data can be analyzed.
NetQoS uses a data collector that sits near core network routers, a data interpreter that is connected to a hub router and server reporting software. The collectors passively monitor Cisco NetFlow traffic, compress the data and send it to the interpreter, which sorts it out for network administrators using a Web browser-based console. The upgraded software costs $50,000.
Also at the show, Solsoft Inc. will demonstrate Version 6.0 of its Policy Server software for tracking events across firewalls, routers, switches and VPN gear. The upgraded edition features a new reporting tool that can be used to extract audit and change history information from a centralized repository of security policies. For example, if a worm that uses a certain port strikes a company, a network manager can use Policy Server to quickly determine which servers allow traffic on that port and lock them down, the company says. Another new feature enables network managers to automatically provision multiple fully meshed and hub-and-spoke IPSec VPN tunnels. Version 6.0 is scheduled to ship in the third quarter priced starting at $15,000.
Separately, NetIQ Corp. next week plans to unveil two upgraded products: Security Manager 5.0 and Vulnerability Manager 5.0. The vendor is adding integration between its security and application management products, and has partnered with TruSecure and Shavlik Technologies to provide vulnerability intelligence and patch management capabilities to its products.
Security Manager 5.0 collects security events from multiple points on customer networks, then filters, correlates and normalizes the events to alert IT staffs about the source of any threats. Vulnerability Manager 5.0 scans networks for known problems and now works with technology from Shavlik Technologies LLC to distribute patches.
Pricing for each product ranges from $1,500 to $2,000 per server.
In addition to helping firms safeguard their networks against attacks, vendors at N+I will focus on application performance.
Start-up Optimum uses distributed appliances and technology-specific software modules that collect and deliver performance metrics to a centralized server to optimize the performance of voice, audio and video applications over IP, public switched telephone network and wireless networks. The system monitors applications for packet loss, jitter and overall quality.
Enterprise pricing for the company's Concerto offering starts at $48,000 and varies depending on network configuration and software modules purchased.
Separately, Entuity Inc. will unveil Eye of the Storm 3.5, which now includes a reporting engine that taps into the product's historical database and lets network managers query data and then create reports based on multiple metrics.
Eye of the Storm resides on a centralized server and uses a combination of automated discovery, event traps and polling algorithms to extract data from network, system and application sources.
Also new in Version 3.5 is configuration support for Service Assurance Agent probes built into Cisco Systems Inc. devices. Version 3.5, starts at $50,000.