Adaptive Security Initiative Debuts at N+I

At the Networld+Interop trade show in Atlanta, Internet Security Systems (Atlanta, announced the formation of a new network security industry group called the Adaptive Network Security Alliance (ANSA.)

Adaptive network security, which ISS defines as automated, integrated, enterprisewide information protection, cannot be implemented without interoperability and information sharing among security products, according to Tom Noonan, ISS president and CEO. "Tomorrow’s e-commerce-enabled enterprise will depend on the ability to integrate every device on the network to manage security risks," Noonan says. "We need to be able to dynamically respond to threats, and that requires integration of every element across the network."

Using software modules and a software developer’s kit developed by ISS, the alliance’s 40 charter members will be able to modify their security products so they can share information about security risks and respond to security threats automatically and in real time.

The first batch of modules from ISS will address firewalls, virtual private networks, anti-virus/malicious code software, public key infrastructure solutions, routers, switches and network and systems management products and services. The modules will enable these products to be automatically reconfigured to break off security attacks; to be correctly configured to prevent attacks based on customized templates; to provide security information to decision support applications; and to integrate adaptive network security management with enterprise system management platforms to simplify the enforcement and implementation of security policies.

Current security systems are unable to react to security breaches in real time in part because they rely on human intervention, Noonan says. "Human beings are dangerous in security situations." A network protected by an adaptive security framework can implement security-related tasks automatically, instead of waiting for human intervention.

Security risks are also increasing because crackers, virus writers and e-mail bombers are using the Internet to communicate and to coordinate attacks, according to Eva Chang, chief technical officer of Trend Micro (Cupertino, Calif.,, an ANSA member who spoke at the launch event. Through ANSA, security vendors will be able to share information about these coordinated attacks, which can affect more than one security product.

Other charter members include 3Com Corp., Brio Technology, Check Point Software Technologies Ltd., Compaq Computer Corp., Hewlett-Packard Co. and Tivoli Systems Inc.