A moving target, enterprise security is in constant need of assessment. For years, many organizations turned to outside IT security firms to assess their networks. However, with the introduction of a number of new security and vulnerability assessment tools, vendors are now giving companies the option of taking assessment into their own hands.
With the widespread use of the Internet and the introduction of new vulnerabilities into the network, security assessment is coming into the spotlight with many organizations beginning to think about adding this next layer of security protection. Why? Because these products are designed to detect weaknesses in an enterprise network before problems occur, providing security managers with proactive tools. International Data Corp. (IDC), Framingham, Mass., expects the security and vulnerability assessment product market to reach $700 million by 2004, that’s up from $170 million in 1999.
Organizations can’t afford to sit around and wait for a network attack. “Security managers need these tools because networks have become so complex and companies can’t expect to be able to button up every network vulnerability,” says Charles Kolodgy, research manager at IDC.
To the rescue are vendors such as Bindview Corp, Houston, Texas; eEye Digital Security, a division of eCompany Inc., Aliso Viego, CA; PGP Security, a Network Associates Inc. company, Santa Clara, CA; Qualys Inc., Sunnyvale, CA; Sanctum Inc., Santa Clara, CA; SPI Dynamics Inc., Atlanta, GA; and WebTrends Corp., Portland, OR; to name a handful.
Vendors are offering more than cookie cutter solutions. For example, some products are, reportedly, able to detect known vulnerabilities while others detect unknown vulnerabilities, as well. Another area of product differentiation is in the ability of the tools to fix the problems it finds. For example, Retina 3.0 from eEye, has a FixIT feature that provides network administrators with a description of any found vulnerabilities, info on how to fix it, or access to a FixIT button which can repair the vulnerability locally or remotely. Finally, some vendor’s products work at the network level while others, like Sanctum’s AppScan 2.0 works at the application level, according to the company.
Additionally, there are two areas where security and vulnerability assessment products can be used. For example, there are host-based products where software agents are placed on large numbers of systems from large servers all the way down to PCs. These agents then report into a centralized management system to give the owner a view of the environment. Network-based vulnerability assessment describes products where a dedicated server or appliance sits on the network to assess vulnerabilities.
Taking another spin on security and vulnerability assessment is Qualys, a provider of online network security services. The company’s flagship service, QualysGuard, continuously audits a customers network via the Internet to detect and assess vulnerability, reportedly taking a hacker’s view of the network.
According to IDC, the cost of vulnerability assessment software can range from $695 per server all the way up to $15,000 for 1,000 nodes. On average, however, Kolodgy estimates costs in the vicinity of $1,000 per server.
Lynn Haber writes on business and information technology from Norwell, MA.