Published: 07 July 2010
Centralized management was one of the three key things that IT Security Administrators highlighted in a recent survey carried out by Osirium which ‘could make their life easier in managing security devices’.
This, on the face of it, puzzled me, because I was under the belief that the majority of security vendors provided software to manage their devices. A quick search on the Internet seemed to confirm this, with many security vendors highlighting their centralized management capability.
So why would a bunch of administrators say that centralized management would make their life easier when all these security vendors are already offering this capability? I rationalized two possible reasons.
Firstly, there might be a disconnect between what vendors say they deliver and the functionality expected by administrators. Although vendors state they provide centralized management, the administrators, who use their tools on a daily basis, don’t accept that what they have is actually centralized management.
Secondly, in reality there is no true centralized management capability. With multiple vendor technologies in place there is no single platform that administrators can use to manage all these different products. Administrators use each vendor’s own tools to access and manage that vendor’s devices, so with a deployment of over 10 vendors they could have that number of management tools, which isn’t what I would call centralized management. Actually having to use 10 separate tools would probably drive me round the twist.
So what is true centralized management? Well, everyone will have their own differing views. For me, centralized management is having a single software interface through which administrators can connect to any device in their network, regardless of vendor, and manage that device.
By managing, I mean anything from provisioning a new device, installing patches, gathering or directing data (tech.outs, syslog traffic, compliance reports), scheduling backups...the list goes on. The software should also have the flexibility to interface with other systems to enable other functions like the ability to provision, revoke or change the roles and responsibilities of users across multiple devices. I will talk more about this in our next blog around Identity and Access Management, which was the third area highlighted by Administrators which could make their life easier when managing devices.
Whether administrators will get a true centralized management solution for security devices is an interesting question. Security vendors are likely to be resistant because it makes it easier for organisations to change vendors, which they are more likely to regard as a threat rather than an opportunity. That leaves other parties to develop these solutions, but these companies will face numerous challenges, ranging from non-co-operative security vendors through to finding ways to allow their solutions to handle multi-vendor deployments, typically seen in today’s organisations.