Information security architect Joe Judge faced a security challenge. But he didn't want to have to become an expert in Simple Network Management Protocol (SNMP) to solve it.
Judge monitors security for not only the 150 servers under the roof of his employer, Boston-based Adero Inc., but also for the 200 servers Adero runs at facilities around the world. Those remote servers are critical to Adero's business of speeding the delivery of Web content to users. But since Adero doesn't own most of the remote facilities, it can't guarantee physical security at those sites.
"I wonder if a locked (server) cabinet is open in Hong Kong right now, and is someone touching our machine," says Judge. That's the sort of information typical network management products don't gather, never mind most security tools.
But Judge found a way to track this information relatively painlessly using the Open e-Security Platform from E-Security Inc. The Melbourne, Fla.-based start-up, founded in July last year, claims to offer the only comprehensive, real-time view of all of a company's security monitoring tools.
While that claim is open to question, several customers and analysts agree that the e-Security platform is easier and less expensive than other approaches currently available. Enterprise management products such as Computer Associates International Inc.'s Unicenter, Hewlett-Packard Co.'s OpenView or those from Tivoli Systems Inc. could gather and present security data, but only "with difficulty," says Steve Hunt, an analyst at Stamford, Conn.-based Giga Information Group Inc.
On the other hand, e-Security is a start-up dealing with some of a start-up's classic growing pains. Last month, co-founder, President and CEO Steve Kahan resigned and Chief Financial Officer Joe Marcus was fired in response to pressure from investors for tighter financial controls and a stronger management infrastructure. Says newly named President and CEO Nicola Sanna, "We see the security market exploding in 2001, and we want to be ready to scale up and be able to sustain our growth." Sanna says no other jobs have been cut and no changes are expected in the firm's technology or marketing strategies.
Consider Judge's open-cabinet problem. Rigging up a door switch to the server's parallel port would be easy, says Judge, but "HP and Tivoli don't monitor that. For you to write a program (that would capture such alerts), you would have to have a set of skills most people don't have." But using e-Security's Administrator Workbench, "in less than 15 minutes, I (wrote) a small script to read from the parallel port," he says.
Filling a Niche
Summit Bancorp was able to get the Open e-Security Platform up and running "within about 12 to 15 days," says Wayne Browning, vice president and information security manager at the financial services firm in Ridgefield Park, N.J. That short implementation time is even more impressive, Browning says, considering that it included linking Windows NT event logs, Novell Inc. network auditing tools, remote-access servers, antivirus applications, intrusion-detection systems, host-based policy monitoring, Web servers, external routers and firewalls, among other systems.
That's why Sanna compares using the e-Security platform with having an air traffic controller's view. The console is a Unix application running on a Solaris workstation and can present physical, logical or entity relationship views of security data gathered by software agents or from SNMP data already created by security products such as firewalls. Then there's the workbench for developing scripts and filters needed to monitor a customer's environment.
Giga's Hunt says e-Security "fills a niche" as a complement to large management suites such as Tivoli.
E-Security's Chris Pick, vice president of product management, is more upbeat, saying e-Security is a good match not only for corporate customers but also for the growing ranks of managed service providers that outsource parts of a customer's information technology function.
"We believe there is a huge market there for this stuff," Pick says. Especially if that "stuff" can solve security problems more easily and cheaply than the big boys of enterprise management can.
Scheier is a freelance writer in Boylston, Mass.
Executives at e-Security like to call their product the Switzerland of security - the only neutral platform where security managers can get real-time data from all their security tools.
In contrast, many competing consoles ship as enhancements to existing enterprise management or security tools.
"Hewlett-Packard's OpenView is often used to do much the same thing, but it takes some work," says John Pescatore, an analyst at Stamford, Conn.-based Gartner Group Inc. Computer Associates' Unicenter and the Tivoli framework can also be used to gather and display security information, he adds, "but the choice of security products that work with those tools (is) limited, and it requires enterprises to make big investments in those frameworks."
Another disadvantage of such products is that management tools and the staff who monitor them are looking for data that will help them keep their networks running. Security staff, on the other hand, "look for malicious or anomalous security events" and need tools tailored for that purpose, says Giga Information Group analyst Steve Hunt.
The following are among the players competing in this new area:
Computer Associates International Inc.
CA's eTrust is an integrated security suite that can detect, analyze, warn of, prevent and cure attacks, including malicious mobile code, worms, viruses and intruders.
IBM's SecureWay First Secure is a framework that lets managers integrate security for Web and legacy systems, Tivoli Availability products for uninterrupted network services and Tivoli Administration products that offer centralized management for secure networks.
OpenService's SystemWatch monitoring platform "ships with all of (Nokia Internet Communications Inc.'s) Internet security appliances and can manage Check Point and (Internet Security Systems Inc.) products," says Pescatore.e-Security Inc.
Location: 700 S. Babcock St., Suite 200, Melbourne, Fla. 32901Telephone: (800) 474-9191Web: www.esecurityinc.comNiche: Provides a single, integrated, real-time view of a customer's multivendor security environmentWhy it's worth watching: It's among the first in a key niche. Customers and analysts say its tools are easier to use and less expensive than those of competitors.
Company officers: - Arthur Allen, founder and chairman - Nicola Sanna, president and CEO- Shazia Azami, interim chief financial officer- Chris Pick, vice president, product developmentMilestones:- July 1999: Company founded; product suite released- October 1999: Wins Du Pont Co. as a customer- January 2000: Announces integration with 29 security productsEmployees: 50; expected to double within a yearProfitability date: Expected by the middle of next yearBurn money: US$5.5 million from Allen and other sources; a $20 million round is expected this fall.
Product pricing: $32,995 for the Open e-Security Platform; $7,995 for e-Security Administrator Workbench; $250 to $2,500 for each security device or software tool linked to Open e-Security PlatformCustomers: Du Pont, Summit Bancorp, Adero, EMC Corp. and First USA Bank NAPartners: Andersen Consulting, Computer Sciences Corp., DynCorpRed flag for IT: Larger competitors might acquire this small startup.