Rendition Networks this week announced new features for its TrueControl configuration management software that adds support for existing authentication methods and ensures network compliance with pressing government regulations.
The Redmond, Wash.-based network configuration vendor's TrueControl software now supports SecurID Authentication, a dual-factor authentication method developed by RSA Security Inc. TrueControl can now use SecurID to authenticate users. And, once a user is authenticated, the network device then use SecurID to authenticate TrueControl, said Eric Vasbinder, Rendition's product manager.
TrueControl also now supports Terminal Access Controller Access Control System (TACACS), an authentication method developed by the Department of Defense and Cisco Systems Inc. that many businesses already use to authenticate operations and engineering staff.
In recognition of how much the Sarbanes-Oxley Act of 2002, which were meant to address accounting issues, has begun to affect networking, TrueControl now includes a compliance feature. Its Compliance Center enables internal and external auditors to verify and enforce policies on network devices and obtain reporting on device configuration.
The compliance features are needed because Sarbanes-Oxley requires executives to sign their names to financial reports, asserting their veracity. If the network is compromised, financial data may also become compromised, Vasbinder said. Therefore, executives need to be able to document that their networks are secure and adhere to best practices in order to ensure that their financials are accurate.
"Because of regulatory compliance, IT organizations have to have a better idea of how their networks are configured and how that changes over time," said Glenn O'Donnell, a program director at Stamford, Conn.-based research firm Meta Group.
The need for such configuration management software is growing, O'Donnell said. While Sarbanes-Oxley is forcing businesses to report on their network configurations, security, voice communications and wireless technologies are adding more complexity to data networks, as companies add devices and software to accommodate them.
"If you have to have people taking care of configuration management, it costs a lot because the number of devices is growing exponentially," said Dan Golding, a senior analyst with Midvale, Utah-based research firm Burton Group. "Throwing people at that problem is not scalable; you have to apply a system to it."
"CiscoWorks is fine for five routers," Golding said, referring to Cisco's network management software, "but it does not scale well. These third-party solutions are designed to scale."
O'Donnell agreed that even businesses with single-vendor networks should consider these third-party offerings.
"Customers are becoming disillusioned with vendor-supplied management systems," O'Donnell said. "Cisco is not in the business of selling CiscoWorks; it is in the business of selling hardware."
But the market for configurations management software remains small, only about $15 million, according to O'Donnell. But there are already a number of vendors testing the market, including Voyence Inc., AlterPoint Inc. and Intelliden Corp. O'Donnell expects the market to grow as businesses realize the value of getting device configuration under control.