home
NEWS       BLOGS       FORUMS       NEWSLETTERS       RESEARCH       EVENTS       DIGITAL LIBRARY       CAREERS  
Network Computing Network Computing Powered by InformationWeek Business Technology Network

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |		 APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers





Finally! A Light at the End of the Tunnel

By David Willis
our customizable newsletter, sends you security alerts, product updates and software patches on the products you use. Sign up now at www.networkcomputing.com /express/
 Managing security policy for a large organization with a variety of computing platforms is a tough job that gets tougher all the time. Organizations change so quickly that simply keeping systems current is an accomplishment. New systems are added, operating systems and applications are upgraded, network entry points proliferate and new security flaws crop up every day. Staff turns over, contractors come and go, and support departments endure downsizing, leaving fewer people to manage more systems. Typically, those who remain focus on delivering service for end users rather than on network protection.


To view the Report card on
Multiplatform Security Management Frameworks
Multiplatform Security Policy Assessment Tools
The daily task of protecting information falls to the security policy administrator, who has his or her hands full simply managing what's already in place--ensuring that system accounts and permissions are set up properly and that information is always available to those who need it (and no one else). Most often the policies are implemented by others--security managers rarely manage boxes on a daily basis--and they must take care not to make it hard for people to get their jobs done. Policies must be understandable, auditable, enforceable and nonintrusive. It's a tall order.

By comparison, life in a homogeneous environment is easy. IBM mainframe shops have IBM RACF or Computer Associates International's CA-ACF2 for granular security management. Well-established products extend mainframe security management into distributed environments. Tools for administering a single-platform network operating system do an adequate job, with a few well-documented exceptions: In large, interconnected Windows NT installations, for example, the sheer volume of accounts and trust relationships is known to swallow an inordinate amount of administrative time. Unix systems have similar architectural flaws, including limited capacity for management delegation and clumsy access-control-list mechanisms.

Still, while many tools can secure and manage Windows NT, Unix and NetWare within themselves, rarely do they span multiple platforms. Without a mainframe to centralize it all, there is only a handful of security-policy management tools that can control users and resources served by diverse operating systems. Computer Associates, PLATINUM technology and Tivoli Systems have tools that manage user accounts, control file-level access and enforce a policy hierarchy.

Security Gains Each vendor takes a slightly different approach to policy management, but our hands-on experience in Network Computing's Real-World Labs® at Syracuse University and in Dallas showed that whatever the method, these powerful product suites represent a substantial leap forward for large, security-conscious organizations. Given enough time and effort, these suites will save policy administrators work and will align systems more rapidly within the organization.
For an Adobe Acrobat format version of the following charts

Security Management Frameworks: Resource Management

Security Policy Assessment Tool Features

Security Management Frameworks: User Management

For the Side Bar on

NDS Delivers Single-Point User Administration

Framework Too Much Work?

Related Links

Secure E-Mail Clients: Not Quite Ready For S/MIME Prime Time. Stay Tuned.
February 1, 1998

PGP Grows Up
April 15, 1998

IPSec-Compliant VPN Solutions: Virtualizing Your Network
August 1, 1998

Basking in Glory-SNMPv3
August 15, 1998

ADI-4500 VPN Switch Is a Mixed Bag
October 1, 1998

IS Perspective


Security Survey: Is It Safe?
The fifth annual InformationWeek /Ernst & Young information security survey finds IT managers hiring more full-time security pros, centralizing protection, and drawing up recovery plans.
September 8, 1997

Security At The Center
IT security is being integrated into enterprise management, offering single-console control
July 27, 1998

Company Directory
to browse our data, starting with a particular company.

Network Computing Links
allows you to request additional product information from our advertisers.
Print This Page


e-mail E-mail this URL






Ready to take that job and shove it?

Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
10 Search Engines You Don't Know About
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs
Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center










InformationWeek U.S. IT Salary Survey 2008
Salaries for business technology professionals are falling. Here's what you need to know in order to make good hiring decisions and personal career choices. Download Today
 
ROLLING RIGHT ALONG
Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








TechSearch
Microsite of the Week


Powerful Information at Your Fingertips



InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo JitterPlug Into The Cloud
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet EvolutionPyramid Research
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space


App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |  Advertising Contacts  |   Briefing Centers
Copyright © 2008  United Business Media LLC  |  Privacy Statement  |  Terms of Service  |  Your California Privacy Rights