Newsletters Welcome, Guest Log In | Register
Blogs:

Sue Marquette Poremba

Data Security

Securing your data and network, inside and outside the perimeter

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

0

Network Configuration Managers Can Soothe Audit Jitters

Posted by Sue Marquette Poremba Nov 24, 2009 3:30:44 PM

Cooperation from network engineers is critical to the success of security audit and compliance initiatives, as these folks are relied upon to collect the data required for analysis.

 

The network engineer is taking change requests and is responsible for the implementation, explained Anjali Gurnani with Athena Security. Changes made outside of a change review process could result in changes that leave the network exposed to attackers searching for holes in firewalls, routers and switches. The security group often sponsors adoption of a Network Configuration Manager (NCM) system so that they can monitor the impact of changes made by the network engineer.

 

The NCM role in security management, Gurnani added, is essentially the change process control and change monitoring. Security managers are looking for audit trails on what changes were made and when.

 

However, as Tim Bower wrote in a blog at SearchSecurity.com, misconfiguration-based attacks, malicious network penetrations caused by improper network configurations, are second only to software bugs as an attack vector. And many companies offer NCM solutions that fail to achieve the support of network engineers, and are thus not successfully deployed inside many organizations.

 

So, the trick is finding someone who provides NCM solutions that best fit in with your company, one that the network engineers are willing and able to support. At Athena Security, for example, SolarWinds was the choice because of the number of engineer-friendly and affordable tools available.

 

The bottom line, says Gurnani, is that no company, especially in this economy, wants to purchase a system that will sit on the shelf unused. Winning network engineers over is hard, but not doing so may be why so many companies still struggle with this issue, despite so many choices in the marketplace.

Add a comment Leave a comment on this blog post.

There are no comments on this post

Related Content

Browse

Topic: Change Management

Keeping tabs on costs and benefits of change while minimizing disruption to the company

Blog: Network Configuration Managers Can Soothe Audit Jitters

Article: IT Transformation at Motorola, Staying Above the Waves in a Perfect Storm, Part 3

White Paper: Automating IT Configuration Controls with Oracle Enterprise Manager Configuration Change Console

Related Topics

External and Internal Audits, Security Policy, Security Vendors

Featured White Papers

Browse

Pulse2010: The Premier Service Management Event

Attend Pulse 2010, a four-day, on-location event, and discover how a dynamic infrastructure and service management platform can drive your enterprise's success in the new global economy — plus much, much more!

Tape Fallacies Exposed — The Future of Tape Is Still Bright

Tape isn't going away anytime soon. This Mesabi Group white paper sheds light on the most common misperceptions about tape-based storage.

Resource Centers

Browse

Virtual Workforce

The virtual, remote, and mobile technologies that allow your company's workforce to work anywhere and at any time.

Featured Whitepapers

Virtual Workforce: The Key to Expanding the Business While Cutting Costs

Service Oriented Architecture (SOA)

Service-Oriented Architecture is the catalyst that allows today’s companies to respond to business demands faster and more effectively than ever.

Featured Whitepapers

SOA Strategy: A Comprehensive Yet Flexible Suite for a Pervasive Architecture

Mobile Management

Answers to the ongoing challenges of the mobile office: to work anywhere, securely and efficiently.

Featured Whitepapers

So, You're Responsible for Managing Laptops: Now What?

Database Management

Data management tips and techniques that insure ease of access, comprehensive security and absolute privacy for your invaluable company information.

Featured Whitepapers

Lowering Your IT Costs with Oracle Database 11g Release 2

Premium Tools

Browse

Six Sigma Framework for IT

This collection of tutorials, calculators, and templates will show you how to apply Six Sigma thinking to IT service management.

Learn more >

Budget & Finance Toolkit for IT - 2010 Edition

Download a comprehensive collection of templates, forms, instruction and advice that will help you to plan and submit your 2010 IT Budget.

Learn more >