Tech Success: EDS secures NMCI with Securify

Find opportunities — and win them.

Electronic Data Systems Corp. in August awarded Securify Inc. a two-year, $5.8 million contract to help resolve a challenge the integrator had grappled with for almost three years: how to secure a huge network rife with legacy applications.

Electronic Data Systems Corp. in August awarded Securify Inc. a two-year, $5.8 million contract to help resolve a challenge the integrator had grappled with for almost three years: how to secure a huge network rife with legacy applications.In October 2000, when EDS of Plano, Texas, won the eight-year, $6.9 billion contract to create the Navy-Marine Corps Intranet for more than 400,000 sailors and Marines, it faced the problem of integrating, at last count, more than 70,000 applications, according to Steve Vetter, a director of strategic planning for EDS.For a network to run smoothly, the security team must know which ports and protocols the network applications use to communicate, so when viruses or unwanted visitors hit the network, they will be easily identified as errant. But with so many out-of-date and home-built applications running, many with unusual settings, making a list of what traffic was supposed to be on the network would be challenging. "We've been wrestling with this problem. There are no silver bullets, but [Securify] was the closest thing we found," Vetter said.Securify's SecurVantage security monitoring software can be used by integrators as well to help manage large networks, said Carl Wright, a former procurement officer for the Marines, and vice president of federal operations for Securify of Mountain View, Calif.The field of network security monitoring tools is competitive, with contenders such as CyberGuard Corp., Internet Security Systems Inc. and Symantec Corp. Securify's competitive advantage is the wide breadth of network attributes that it monitors, Wright said. The software keeps tabs on everything from the host ports to whether someone is using an up-to-date public key infrastructure certificate.Installed at the boundaries between NMCI and other military networks, SecurVantage will help EDS and the Navy in two ways. First, the Navy and EDS can automate discovering the types of traffic that usually run over network. On complex systems, this discovery process can be time-consuming. In many cases, the documentation for the Navy's legacy programs -- for those programs with documentation -- is not accurate. "Many systems engineers made changes to applications, such as changing the ports used," and such changes were not updated in the documentation, Vetter said. Therefore, the only way EDS could determine how an application used a network would be to watch the behavior of that application in action.SecurVantage can automatically characterize the traffic "flowing through" a network and give EDS officials a summary. EDS has begun to deploy it in this discovery process in selected Navy networks. Once traffic is characterized and modified to conform to Navy standards, the software can monitor the network to watch for unusual activity. The software watches activity on firewalls, virus protection software, virtual private networks, routers and authentication and authorization solutions. If the traffic characteristics do not match what is authorized to go over that network, SecurVantage will alert EDS network administrators of the rogue communications. EDS, in turn, submits reports to the Navy's electronic warfare command.With 50 employees, Securify was founded in 1998 as a consulting company, by ex-Netscape Corp. chief scientist Taher Elgamal. The company's product suite grew out of the tools the company developed internally to help financial institutions get a handle on the traffic flowing through their networks. Today, government makes up about 80 percent of the private company's sales, with financial services accounting for most of the rest. The company does not divulge sales figures; however, research company Hoover's Inc., Austin, Texas, estimates Securify's 2002 sales at about $10 million. Other government clients include the Defense Information Systems Agency, which uses Securify's products to secure command and control networks. In addition to the EDS deal, the Navy also uses Securify products for its own responsibilities in maintaining NMCI. Government-focused integrator partners include Artel Inc., Reston, Va., and Washington-based professional services company Centerprise Advisors Inc.Integrators can use Securify to estimate more accurately how much work a potential contract could cost to implement, Wright said. The software can quickly build a characteristic of the traffic on that network, giving the integrator a clear picture of how much work will be needed to meet specifications. This information can help integrators estimate how much to bid for the work. It also helps integrators merge networks. The NMCI project, for instance, involves combining many smaller office and base networks. "What we do is help mitigate the complexity of large enterprise transitions by providing information based on real operational data," Wright said.If you have an innovative solution that you recently installed in a government agency, contact Staff Writer Joab Jackson at jjackson@postnewsweektech.com.

Navy-Marine Corps Intranet

Agency: Navy, Marine Corps

Partners: Electronic Data Systems Corp., Plano, Texas, and Securify Inc., Mountain View, Calif.

Goal: To secure the 400,000-seat, worldwide intranet, EDS security administrators must assure that network applications follow precise Navy policies on which ports, protocols and other procedures those applications should deploy.

Obstacle: With more than 70,000 legacy applications running over the networks that would become part of NMCI, EDS engineers spend considerable time discovering how these applications operate, a process that involves watching the network and documenting application behavior.

Solution: Securify's network monitoring software automates the discovery process, logging what protocols the applications use when on the network. With Navy policies on network usage in place, the software also monitors for unusual traffic.

Payoff: With Securify, EDS now can quickly characterize the behaviors of applications, and therefore correct the unusual programs so they operate under NMCI policy. It also can offer a greater level of security to the services, as EDS has a more precise definition of what traffic is supposed to travel across NMCI, and so can pinpoint errant behavior faster.

Carl Wright is vice president of federal operations for Securify.

David S. Spence

Network monitoring tool helps identify many legacy applications






































NEXT STORY: Brief: Faxing goes mobile