CA: Above the FrayBy Baselinemag | Posted 2005-12-13 Email Print
The company styles itself as a provider of security management tools to help organizations wrap their heads around the task of defending their data.
Computer Associates International doesn't trade in heavy-duty security infrastructure—its arsenal, for instance, lacks firewalls or network-based intrusion detection software. Instead, the company styles itself as a provider of security management tools, to help customers wrap their arms around the task of defending their data.
CA is "not a security company per se," says Stan Gatewood, chief information security officer at the University of Georgia in Athens, Ga. "They cut their teeth on managing large data centers."
But it was precisely the company's heritage in information-technology operations management that caught Gatewood's attention. "It seems to be a logical move from managing network devices to managing information security," he says. The university, which operates 12,000 servers throughout its environment, now uses CA's eTrust Security Command Center to automatically collect information from firewalls and other security devices. It also uses the company's eTrust Vulnerability Manager to analyze which systems are at risk of being attacked or compromised, and to prioritize which ones to fix first.
Another key area for CA is identity and access management software, which tracks who's allowed to access specific systems or information. One advantage of such a centralized authentication system is that it cuts down the number of passwords employees need to remember in the course of doing their jobs. "Password resets arestill the No. 1 issuefor corporate help desks," says Toby Weiss, senior vice president of the eTrust security management unit.
CA actually does get its hands dirty in some security infrastructure areas. Last year it acquired PestPatrol, an antispyware software startup, and it has sold antivirus software since 1996, when it bought Cheyenne Software, a network management tools vendor.
At the National Center for Missing & Exploited Children in Alexandria, Va., PestPatrol cleared up spyware that was debilitating its child-pornography task force. Computers used by the 35-person division, which identifies sites that host child pornography and works with law enforcement to track down the offenders, were being infected at the rate of 200 instances per day, according to Steven Gelfound, the organization's director of information technology.
"We were rebuilding machines constantly," he says. "It was just a nightmare." Another major concern: Spyware able to relay what someone was typing on an infected machine could potentially
swipe passwords for sensitive law enforcement networks.
The organization rolled out PestPatrol in April, primarily because of all the antispyware packages Gelfound considered, it was the only one that works like most antivirus systems. PestPatrol resides in memory and constantly scans activity on a machine. Once he installed the software, "It was like a light switch," Gelfound says. "Now if I find five [spyware infections] per week, that's alarming."
CA's desktop-based agents, however, aren't rolled into a single package—which means that separate programs must be installed on computers to deploy both antivirus and antispyware. "CA says they have all these products, but they aren't integrated," says Mike Howell, an information-technology security consultant at Humana, a health maintenance organization based in Louisville, Ky.
A CA spokeswoman says the antivirus and antispyware agents will be merged in a product called Integrated Threat Management, slated to be available by the start of the new year.