News
In the News
Software suite checks compliance
By Loring Wirbel
April 4, 2005
Courtesy of EETimes
Orlando, Fla. — A security startup will launch a compliance management system at the InfoSec World Conference here that brings together policy management, security enforcement and compliance monitoring in a software suite based on a proprietary policy language.
Ram Krishnan, vice president of marketing at Elemental Security Inc., said that the impetus for forming the company was the lack of compliance enforcement mechanisms made evident in the aftermath of new laws affecting corporate policy, such as Sarbanes-Oxley and HIPAA. There are many information security tools, Krishnan said, but none that link policies on security directly with hardware discovery, configuration and similar statistics typically collected by network-management packages.
Elemental claims firsts with its proprietary Fuel language; its grouping mechanism, which can assign hardware platforms to multiple groups without a resident software agent; and its distributed packet-filtering mechanism, which can listen to Layer 2 traffic both within and surrounding a particular hardware platform.
Elemental's chief technology officer is Dan Farmer, the author of such policy tools as COPS and Titan; its software director is Guido Van Rossum, author of the Python scripting language. The pair pulled together common concepts with the help of chief executive officer Peter Watkins, formerly the CEO of Network Associates. Early on, the development team decided the approach would need a dedicated policy language that could invoke network behavior from high-level policy declarations.
GUI and API
Elemental has developed a graphical interface that facilitates the mapping of policy to the Fuel language. "For the security policy specialist, no programming knowledge is needed whatsoever," Krishnan said. "Fuel is a high-level scripting language that can be implemented using just the GUI."
But Krishnan added that Fuel will also have an application programming interface that will permit programmers to develop custom extensions of the Fuel policy templates.
The Elemental Compliance System software suite resides on a central server, which runs Fuel and dynamically creates network hardware groups based on the operating system, corporate tasks, physical network attributes or scores of other variables. A single node could be a member of several groups — for example, an engineering development group, a platform running Solaris and a member of a wireless network.
Based on group membership, the server checks configurations, looks for unauthorized access attempts and autodiscovers hosts. When an unknown platform tries to join a wireless-LAN group, for example, the system can block access and then send a report to the network manager about an unknown or "rogue" host.
The policy-based packet filter enhances the discovery tools by keeping a constant watch on the packet traffic within and among dynamic groups.
Updates accommodated
The tools are particularly useful when updates are mandated and universal, for example when new security policies are generated by the National Security Agency or when new laws requiring information segmentation and monitoring are passed.
In theory, Elemental could create vertical slices of its compliance software for specific markets and policy domains, although Krishnan said that the company first wants to see the general-purpose tools adopted.
Elemental has joined the Cisco-led Network Admission Control initiative, which is an effort to enforce security policies in order to halt malicious attacks on networks.
The software from Elemental integrates with the Cisco Trust Agent, and Elemental said that it plans to work with a range of companies on agent integration with its core compliance-management technology.