CA: Security monitoring swamps data centers

Firewalls, filters and intrusion detection systems have proliferated to the point that data center managers are being inundated by terabytes of uncorrelated security reports, Computer Associates International Inc.'s Ron Moritz said in an interview today.

Events have forced network managers to buy into the concept of multiple lines of defense, said Moritz, CA's senior vice president for security, a certified information systems security professional and a founding member of the IT Information Sharing and Analysis Center formed by presidential order in 2000.

But those same network managers are installing so many sensors to record every network event that they 'reach the point of diminishing returns,' he said. 'There's no way yet to process the signals from the noise. It's not in the market today.'

To correlate reports in real time, dump the false positives and skim off only what's relevant, the industry needs to normalize its reporting formats and help managers visualize the results. CA, Symantec Corp., Internet Security Systems Inc. of Atlanta and a few others are working on 'pathways to each other's proprietary solutions,' Moritz said, but so far they are 'stuck at how to extract and normalize the data.'

He said the vendor-driven Oasis nonprofit international consortium might come up with answers first, using Extensible Markup Language. 'It's a deep data mining problem,' he said. The ultimate answer could be 'an immune system concept' for defense in depth.

To make systems sustainable, Moritz said, the industry needs better-educated software engineers; systems to manage access, identity and threats; plus help desk services for security managers. 'It's a very different kind of business intelligence problem,' he said.

CA's eTrust Security Command Center software for access management is in beta release now, Moritz said.

