Automation Through Identity-Based Networking

IT executives today must contend with a broad array of security, privacy and audit related mandates. Whether it is internal policies or external industry regulations such as BASEL II, EU Data Privacy, Gramm-Leach-Bliley, HIPAA, PCI and SOX for financial transparency and information privacy, there is a significant increase in compliance related mandates. CobIT (Control Objectives for Information and Related Technology) is a widely adopted framework for assisting IT organisations with maximising technology while complying with governances. Some companies tout ISO 17799 as validation of their information confidentiality, integrity and availability. An organisation’s network infrastructure must play a key role in enforcing and monitoring compliance.

Through identity-based networking, IT can take what previously may have been an eight-week manual exercise to produce reports for the auditors, and dramatically reduce that to compliance reports produced in real time. Identity-based networks can ensure that only the right people have access to the right information, from the right place, at the right time. Who you are and where you are determines the particular priority or security privileges you have to the information as access controls are built-in everywhere rather than bolted-on somewhere. Role-based policies align the network with business requirements while optimising operations through network management software.  

Why use the network? In today’s service-oriented application architectures, the network is what ties together the virtualised and distributed computing and storage components. The most recent high-profile privacy breaches have compromised data in motion (on a network) whereas in the past, risk was most often associated with data at rest (on a disk or tape).

Learn more about Enterasys Secure Networks’ ability to leverage distributed intrusion prevention, network access control, network behavioural analysis and security information management technologies to help automate your compliance activities online at www.enterasys.com/company/literature/sn-compliance-wp.pdf.