Trusted Network Updates ID Access Tools

The security vendor touts significant improvement in its flagship product's ability to capture ID-related data and make the information available to administrators.

Trusted Network Technologies introduced a new version of its enterprise identity auditing and access package on July 17, promising new capabilities for companies to garner IT systems management data on the fly.

Available as either software or as an appliance, the Identity 2.5 release boasts the ability to oversee up to 100,000 user accounts and offers increased automation for creating new user and device-specific accounts.

Among the other upgrades is expanded use of the Atlanta-based companys so-called identity drivers, which support the ability for companies to automate user access credentials across multiple IT registries and systems.

Trusted Networks claims the latest version of its drivers allow for account auditing and management authenticated to any Citrix Presentation Server or Microsoft Terminal Services, along with upgraded support for Apples Mac OS X operating systems and its Intel-based hardware.

Other improvements include a retooled directory management application and automated integration with ID access systems that use Distinguished Names identity assignment systems. This includes allowing for use of FQUN (fully-qualified user names).

The identity support features also offer the ability for administrators to import user accounts via LDIF (Lightweight Directory Interchange Format) files.

Identity 2.5, which has a starting price of $15,000, also boasts new audit reporting features offering the ability to search across a wider range of terms and specifications.

The strength of Trusted Networks products lies in the ability for administrators to gain access to more detailed data regarding user accounts, such as in searching for usage information of people who violate company policies, said Rob Ciampa, vice president of business strategy at the security provider.

Auditing firewall traffic, a common way to track individuals behavior on IT networks, wont provide the same level of detail, he said.

"Because of the complexity companies are dealing with and the vast number of sources and routes of identity control, its become harder for enterprises to centralize authentication," said Ciampa.

"The critical information is usually already there, the key is being able to access and search quickly, and we think we can do that by tying a specific person to identity and applications usage more closely."

For example, Trusted Networks technology is being used by the state of Georgia to help track access to its voter registration database, which uses information taken from counties that use their own specific identity management policies.

/zimages/2/28571.gifStudy: Most technology companies have data losses. Click here to read more.

By moving to a unified system of device authentication and suspicious usage parameters, the state was able to create a more organized hierarchy for controlling access to its systems, Ciampa said.

Analysts observed that many companies are still struggling to improve their ability to access and audit data from IT identity management systems.

Federal data management regulations such as the Sarbanes-Oxley Act have encouraged businesses to put stronger authentication technologies into place, but many firms are just beginning to look at the information in a more comprehensive way, said Roberta Witty, analyst with Gartner, based in Stamford, Conn.

"Reporting on access assigned to users will remain a need in information security and compliance/risk management programs; it isnt going away," said Witty.

Witty added: "Identity management project managers in regulated industries should look at implementing a repeatable process to deliver identity management compliance reports and products with strong reporting and attestation capabilities; cost savings can be high."

/zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.