City admin sets up view of network

City of Flagstaff

As the sole information systems administrator for Flagstaff, Ariz., Tim

Van Cleave is responsible for ensuring that employees have proper access

to the city's network in addition to detecting and preventing unauthorized

intrusions.

But it's not easy for one person to maintain and administer nine Novell

Inc. NetWare servers, four Microsoft Corp. Windows 2000 servers and 400

or so accounts.

After trying several other products, Van Cleave settled on technology

from Orem, Utah-based NetVision Inc. He has had NetVision in place for six

months, and it enables him to manage accounts over multiple systems in an

efficient and intuitive manner from a centralized viewpoint, he said.

"It saves me a world of hurt," he said. "It saves me a phenomenal amount

of time to begin with. I see and understand much more of what's going on."

Flagstaff is typical of many cities, which have understaffed IT departments

and individuals who wear multiple hats as application and security administrators,

said Jim Allred, vice president of marketing for NetVision, which also has

clients at the state and federal levels.

"That's why we have worked well in these environments," he said. "Rather

than a buyer having to go out and buy multiple products to look at different

things, we go to them with a suite of products that do several critical

things that solve several critical business needs." Such needs range from

user identification management to intrusion management to directory integration.

NetVision's security management technology helps administrators automate,

synchronize and manage multiple operating systems and directories, e-mail

systems and other databases.

Todd Lawson, NetVision's president, said running a network is "definitely

like having kids." When network users intentionally or unintentionally access

files they're not supposed to, they will deny they did it, he explained,

adding that users need better supervision. Most breaches occur internally

— not from outside attacks — security experts have contended.

Lawson said that rather than doing an "autopsy" of a security breach

after the fact, NetVision technology tracks penetrations in real time, kicks

out users from the system if they venture into or download files they're

not supposed to, and alerts administrators via e-mail or pager, he said.

"That's a huge issue with me," Van Cleave said, referring to unauthorized

access to confidential files. The technology is flexible enough to, for

example, limit the number of log-ins a user is permitted and provide more

functionality in regards to password policies. For example, when users change

passwords, the technology synchronizes the changes with all systems that

require a password, so an administrator doesn't have to manually change

every password for every system that requires one.

Installation is relatively easy and the cost is about $29 per user.

Allred said that the technology is scalable for much larger organizations

and governments and the return on investment can be achieved in four to

six months. Despite budget troubles for state and local governments, security

management is vital, Lawson said, adding that the company's sales are 40

percent above where they were last year.

"When we talk about securing our network, we're not talking just about

an insurance policy here," Lawson said. "Because we're able to go in and

automate many of the tasks on a day-to-day basis, we have significant savings."

In a soon-to-be released Version 4.0, NetVision is adding a tool that

enables an administrator to query the system, Allred said. "I do want a

summary of who has rights to what [and] I want you to, in response to the

query dataset, fix everything that doesn't comply," he said as an example.