Data Deluge

Security systems generate an overload of information. New tools help manage it all more effectively.

InformationWeek Staff, Contributor

August 16, 2002

2 Min Read

For Lehman Brothers, the investment has paid off. Security teams monitored so many points within systems and networks that "something had to bring them all together," Engle says. Late last year, the firm deployed Intellitactics' Network Security Manager to monitor and correlate security-related events that occur across firewalls, intrusion-detection systems, operating systems, and E-commerce apps. If other companies haven't yet evaluated event managers, Engle predicts, "they will."

Improvements in reporting features and scalability should generate interest. Until recently, many products would get bogged down if they had to monitor more than 1,000 devices, Gartner security analyst John Pescatore says. Security-event management vendors have worked on scalability, but he still advises companies to conduct thorough tests first. "You want to run them live on some of your own chatty systems for a period of time and see how they perform," he says.

A need for better incident auditing, trending, and correlation reporting was one of the reasons Online Resources Corp. deployed netForensics in April, IS security officer Hugh McArthur says. The provider of financial services to banks and credit unions wanted to consolidate all of the information and alerts coming from its security logs and extract meaningful information. "This makes it a lot easier," McArthur says. "We've standardized our alerts, and we can drill down to see the types of events happening on our devices from the console."

This week, netForensics is expected to announce it has signed 20 new customers, and e-Security will unveil a new version of e-Sentinel that improves its analysis and reporting capabilities.

Security professionals are watching the developments with caution and enthusiasm. All of corporate America is looking at console products but wants to be sure of their maturity and functionality before reaching any conclusions, says David Zanca, FedEx Corp.'s chief information security officer.

Lehman Brothers' Engle is a believer, though. "Thousands of events down' to a couple hundred? To guys like me, that's exciting." Now, when his pager goes off in the middle of the night, he'll rest assured that he's losing sleep for good reason.

-- with Marianne Kolbasuk McGee

Photo of Chris Leach by Jim Callaway

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights