Camelot Protects The Network Castle

Camelot's Hark! platform takes a passive approach to access control, which has traditionally been done by manually establishing user access privileges.

As Medieval legend has it, Camelot was the castle from which King Arthur reigned over and protected England. Todays Camelot provides a hands-off tool that allows I-managers to reign over and protect network resources from the dangers of real life.

But unlike the storied Knights of the Round Table, who defended Camelot from outside attackers, modern-day Camelot looks for the threats inside the castle walls. Camelots Hark! platform takes a passive approach to access control, which has traditionally been done by manually establishing user access privileges.

"This is the solution to the No. 1 problem in the enterprise, which is unauthorized access by authorized users," said Moti Dolgin, general manager of Camelots Americas operations. "Hackers get the media attention, but most damage comes from inside and most of that is intentional."

In fact, the 2000 Computer Security Institute/FBI IT security survey found that 71 percent of unauthorized network access comes from inside the firewall. And according to Aberdeen Group, 75 percent to 85 percent of all computer crimes are committed by authorized users.

Camelots Hark! uses sophisticated algorithms to monitor network activity, such as which resources users access and when, how long they were in and from where they were accessing it. An I-manager attaches Hark! to the network and lets it record this activity for a couple of months. Once the program has mapped the habits of the entire enterprise, the I-manager flips the switch and Hark! is then ready to shout when something seems amiss.

For example, if a user accesses an application he never usually accesses, an alert would go off to the I-manager to either close off access to the resource and take action against the user, or check with the user to see if his job has changed and decide whether regular access needs to be granted.

Dolgin said that with the ailing economy and increasing layoffs, its more important than ever to keep track of access controls. "Employees accumulate permissions and leave the company, and the accounts stay open for some time," Dolgin said. "In a downsizing time like this, when employees become former employees, the significance of disgruntled employees becomes higher."

Several customers are evaluating Hark!, and Camelot is currently attempting to turn them into paying customers, as well as opening the platform to the rest of the world. A similar solution is available with Computer Associates Internationals Unicenter network management platform, using its Neugents neural network intelligence technology.

Eric Hemmendinger, Aberdeens director of network security research, said that Hark! is best suited for environments that dont have a lot of change in the user population. He also said that traditional methods of manually setting up access controls has frustrated many I-managers.

"Historically, access control is set up on the basis of setting up rules for who can do what and who cant do what," Hemmendinger said. "Theres an awful amount of people who have tried to implement that stuff, and today have no hair left."

According to Hemmendinger, the best way to implement Hark! is to start by letting the system learn on its own, and then tweaking permissions when necessary.