Meshing Security Data

NetForensics Inc. is putting the finishing touches on a new security strategy and product that company executives said will help clear up some of the confusion about security information management.

NetForensics was a pioneer of the SIM industry and was among the first vendors to articulate the idea of pulling together data from devices across a network, normalizing it, and identifying patterns and trouble spots.

This correlation and analysis model is now the heart of countless competing products and solutions, and the market has attracted the attention of such security industry leaders as Symantec Corp. and Computer Associates International Inc.

“People have been buying on sizzle,” said Rajeev Khanolkar, CEO of NetForensics, in Edison, N.J. “We took a step back to see what really needs to be done. We decided you have to embed security in the network infrastructure. Its the only way to stop attacks and viruses.”

To that end, NetForensics recently formed a partnership with Cisco Systems Inc. in which the San Jose, Calif., company sells NetForensics software and NetForensics provides a unique reporting and management layer for customers using Ciscos Network Admission Control solutions.

NetForensics also is enhancing its technology platform. The major change will be the addition later this quarter of a security “cockpit” that will serve as a control center for all data entering the system.

Khanolkar terms it “multidimensional correlation” and said it will give customers a view not only of whats happening on their networks in real time but also of where their vulnerabilities are.

The system will also deliver a score card showing customers their risk profile. “We realized its not all about normalization but about fixing the problem in the shortest time possible,” Khanolkar said.