NEC developing network security analysis system
It will automatically monitor and analyze security tools deployed in a network
March 23, 2005 12:00 PM ETIDG News Service -
NEC Corp. announced today that it is developing a network security system that will automatically monitor and analyze the configuration of security tools deployed in a network and suggest changes to fix any vulnerabilities or redundancies that exist between them.
The system is intended for use in networks where a mix of security tools, such as firewalls and intrusion-detection systems, are being used to guard against worms, viruses and other malicious traffic. As servers and client computers are added and removed from networks, and as security tools are installed or taken away, security holes, redundancies and other "mismatches" can appear in the security configuration, said Riyuuichi Ogawa, principal researcher at NEC's Ubiquitous Intelligence Technology Group.
"Security boundaries are constantly changing, and one of the most urgent needs is to be able to perform a security health check to reveal weaknesses," Ogawa said.
NEC's product, which is still being developed and may not go on sale until early next year, will analyze the configuration parameters of the security tools in a network to detect any holes or overlap between them, according to the vendor. For example, it will detect when FTP data is being allowed in through a firewall but is not being monitored by an IDS. In addition to identifying weaknesses, the system will propose revisions to correct any problems, Ogawa said.
The system uses a language called Security Configuration Coordination Markup Language, or SCCML, which is able to describe the filtering and monitoring functions of firewalls and IDSs, Ogawa said.
In Japan, about one-third of the incidents of unauthorized access to enterprise networks result from mismatches in the configuration of security systems, according to a January report by the Information-technology Protection Agency (IPA), an organization affiated with the Japanese government that promotes IT security. Another third are caused by the use of older, vulnerable software, and the remainder by misuse of user identifications and passwords, according to the IPA.
While security tools exist to patch vulnerable software and improve ID and password security, none provide a unified analysis of the protocols used by the firewalls and IDSs, according to NEC.
Because a single firewall might have more than 1,000 filtering rules, finding mismatches among security systems can take network administrators hundreds of hours. NEC's system can perform its analysis in minutes, Ogawa said.
"As far as we know, this is a world's first for this type of technology," said Hiroshi Katayama, general manager of NEC's Internet Systems Research Laboratories.
Analysts said NEC's technology could be significant for businesses, since
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Security
Additional Resources



White Papers & Webcasts
The State of PCI DSS Compliance at Organizations Today
Download this resource today!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
