Cooperation from network engineers is critical to the success of security audit and compliance initiatives, as these folks are relied upon to collect the data required for analysis.
The network engineer is taking change requests and is responsible for the implementation, explained Anjali Gurnani with Athena Security. Changes made outside of a change review process could result in changes that leave the network exposed to attackers searching for holes in firewalls, routers and switches. The security group often sponsors adoption of a Network Configuration Manager (NCM) system so that they can monitor the impact of changes made by the network engineer.
The NCM role in security management, Gurnani added, is essentially the change process control and change monitoring. Security managers are looking for audit trails on what changes were made and when.
However, as Tim Bower wrote in a blog at SearchSecurity.com, misconfiguration-based attacks, malicious network penetrations caused by improper network configurations, are second only to software bugs as an attack vector. And many companies offer NCM solutions that fail to achieve the support of network engineers, and are thus not successfully deployed inside many organizations.
So, the trick is finding someone who provides NCM solutions that best fit in with your company, one that the network engineers are willing and able to support. At Athena Security, for example, SolarWinds was the choice because of the number of engineer-friendly and affordable tools available.
The bottom line, says Gurnani, is that no company, especially in this economy, wants to purchase a system that will sit on the shelf unused. Winning network engineers over is hard, but not doing so may be why so many companies still struggle with this issue, despite so many choices in the marketplace.