Two network security consoles that promise to simplify and streamline administrative visibility and management have been launched.
Enterprise Password Vault 4.0 by Cyber-Ark was particularly timely, given the findings of new research claiming passwords are largely ineffective at protecting corporate data due to common human error.
A study published by Nucleus Research and KnowledgeStorm said companies should consider alternate authentication practices since strategies to improve password security have no impact.
Cyber-Ark claims it has the only product that provides an enterprise-wide view of privileged password activity that will run on any operating system. It provides graphical analysis, and alerts on password usage activity are highlighted to allow IT users and sysadmins the ability to locate problems and highlight password policy violations.
Also on the market, Protegrity released its latest suite of console management software, Defiance 4.2 for use with IBM mainframe, DB2 and AS400 systems. Claiming another "industry-first", it is designed to integrate database, file and web application security into a single platform for end-to-end protection.
Both the Cyber-Ark and Protegrity releases enter an already expanding market of toolsets, dashboards and consoles, dominated by point vendors like LANDesk, eEye and Cyclades that analyst firm Quocirca’s senior director, Clive Longbottom told Techworld would help in certain enterprise infrastructures and circumstances. But their need to interface with enterprise-wide network security management suites should not be underestimated.
"The key question should be: 'Can my business can cope without this console or not'," he said. "Most of these point solutions have the ability to redirect data as a portlet to one of the main enterprise platforms like IBM’s Tivoli, CA’s Unicentre and HP’s OpenView, even though they say they might be the only console to do something specific like packet shaping or password administration, for example.
"But you have to make sure, if you do use one of these, that the interdependencies between it and other systems are clear. What you don’t want in the event of a security breach is for the context and systems dependency a network-wide management suite can give you to be lost, which is also where business service or business impact management systems come in."