This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mimeat_private for more info. --------------4AC5F17C84A19C7ED82450DD Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.SUN.3.96.990223073311.22244Oat_private> Forwarded From: darek milewski <darekmat_private> http://www.zdnet.com/pcweek/stories/printme/0,4235,391104,00.html Security consortiums fall short By Jim Kerstetter More is turning out to be less for many corporate security administrators. The half-dozen security consortiums that formed last year in the name of easier integration between products have fallen short of expectations, leaving users looking for new answers. Although two vendor groups, the Open Platform for Secure Enterprise Connectivity Alliance and the Adaptive Network Security Alliance, are preparing to deliver new SDKs (software development kits) for integrating security products into enterprise networks, the results of consortiums in general have been mixed. For example, alliances sponsored by other vendors, such as Network Associates Inc., Security Dynamics Technologies Inc. and Finjan Software Ltd., have produced little. "Call me shortsighted, but all I'm worried about is integrating my new intrusion detection stuff with my old network management stuff," said Irv Newman, a network analyst at a Michigan manufacturing company. "And I need to do it soon." Key problems involve gathering consensus within the various groups, which tend to gravitate toward a single vendor's product plans. For example, the 200-member OPSEC Alliance was founded by Check Point Software Technologies Ltd., of Redwood City, Calif.; ANSA, with 60 members, is headed by Atlanta-based Internet Security Systems Inc. Nevertheless, the leading consortiums are starting to produce some results. Check Point released its OPSEC SDK late last year. It included APIs for Lightweight Directory Access Protocol directories, intrusion detection and network management protocols. This year, according to sources, it will be expanded to support more authentication mechanisms, such as X.509 digital certificates and smart cards. In addition, the group has certified more than a dozen vendors for interoperability. "The OPSEC Alliance was started two years ago, and now we have a viable program," said Bradley Brown, director of business development at Check Point. "If I was starting a program like this now, I would say, 'Yes, there's not much point.' At best, it's going to take them two years before they can start providing value." By the end of this month, ISS plans to deliver the first free SDK from ANSA, which was launched last fall. The Adaptive Network Security Management SDK will allow administrators to manage intrusion detection through their existing network management infrastructures. It will be the basis for integration with network management tools from Tivoli Systems Inc., Hewlett-Packard Co. and Computer Associates Inc. Other groups aren't faring as well. WatchGuard Technologies Inc.'s LiveSecurity Alliance, still longing for acceptance, will announce within two weeks the formation of the LiveSecurity Advisory Council. The council will analyze the latest security news, such as viruses and new hacks, and send alerts to customers. But users waiting for the ultimate recipe for security integration shouldn't count on these consortiums, industry analysts said. Instead, they should focus on smaller, individual partnerships that can more nimbly piece together a security infrastructure. One such group is IBM's SecureWay, launched last month, which brings IBM firewall and virtual private networking software together with Symantec Corp. anti-virus software, ISS intrusion detection and Finjan mobile code scanning technology. Security consortiums: A status report OPSEC Alliance (Open Platform for Secure Enterprise Connectivity): Founded by Check Point Software Technologies two years ago to guarantee integration with its flagship Firewall-1. Started publishing software development kits last year. ANSA (Adaptive Network Security Alliance): Founded by Internet Security Systems last fall to guarantee integration with its intrusion detection software. Will release its first major SDK this month. CCI (Common Content Inspection): Pushed by smaller companies such as Finjan and Aventail, it is focused on integration points for inspecting content entering a network and is embracing some of the work out of OPSEC. WatchGuard LiveSecurity Advisory Council: Still in the negotiation stage, it would create a group of security experts for sending out advisories on security problems such as viruses and hacks. --------------4AC5F17C84A19C7ED82450DD-- -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:19:43 PDT