News
In the News
The Security Grab Bag: Elemental Security
Roger A. Grimes
February 10, 2006
Courtesy of InfoWorld
I’ve been ranting lately about things that bug me. This week, I’ll cover a variety of topics that have nothing to do with one another other than my level of excitement.
Elemental Security
Elemental Security's co-founder and CTO, Dan Farmer, is making headlines again. Farmer is famous for his 1995 vulnerability scanner, SATAN (Security Administrator's Tool for Analyzing Networks). Its release ushered a new age of hacking and hacking defense. Dan’s always a good guy for a quote, and during SATAN’s release he told computer security defense vendors something along the lines of, “You’re not mad at me for releasing SATAN. You’re mad at me for releasing it for free.”
His software, Elemental Compliance, is winning kudos and awards for its unique security approach, including a 2006 Technology of the Year award from InfoWorld. With Elemental Compliance, every managed computer acts like a nosy neighbor, looking for arbitrary applications, open ports, running processes, and the content of configuration files and registry database entries. It excels at rules-based access control defined by easy scripting language. As Farmer says, “We can map the way you talk and think about security.”
Here are some examples of types of policies you can define with Elemental Compliance:
- West Coast clients running Kazaa cannot connect to our servers
- Send my Windows policy to my Windows machines in my Sales Active Directory group
- Block VPN users from accessing the corporate mail servers
All of this is done through Elemental Compliance's clickable GUI. The product relies on an Oracle (Profile, Products, Articles) back end, an Apache/Tomcat server center, and a Python-like interpreted scripting language called Fuel. It works with Windows, Red Hat (Profile, Products, Articles) Linux (Overview, Articles, Company), Solaris, AIX 5.2/5.3, HP (Profile, Products, Articles)-UX 11i, and Mac OS X (Panther and Tiger)