Interview : Keeping networks on right side of law

IT Week: As chief executive of Intelliden, could you explain how policy-based compliance management can benefit network managers?
Black: Our policy-based compliance management tool defines network policies, and then manages and validates network hardware configurations continuously and automatically. It can flag up out-of-compliance network kit and then resolve that non-compliancy.

What companies do you target?
We focus on any network-driven enterprise, be it a service provider, large financial institution, retailers or logistics firms. They tend to be large enterprises with hundreds or thousands of network devices.

How big an issue is compliance?
I’d be surprised if there were many companies in the pharmaceutical and financial industries that haven’t been audited. The day’s going to come when somebody will be made an example of. IT managers have to demonstrate that they have the means to audit their networks and that their information is secure. Managed service providers are also under pressure to demonstrate that their customers’ networks are secure.

How long does it take your technology to check the compliance status of network devices?
Once our systems are installed, it takes about two hours to “import” a network, which means capturing network device configurations and comparing them against whatever policies a firm has implemented to ensure compliance with specific regulations, such as Sarbanes-Oxley.

How would Intelliden’s technology work in virtualised environments?
Imagine a Venn diagram with two sets, one marked “datacentre infrastructure” and the other “network infrastructure”. The overlap will get greater as firms merge server and network infrastructures. IT managers are trying to reduce datacentre cost by consolidation and trimming operating costs. But currently the big p roblem is that nobody has had a system to manage the heterogeneous elements in there ­ routers, switches, Windows and Linux servers. But our software can; we know the precise physical and logical capabilities of these devices in real time and we’ve modelled those unique capabilities. So if a change needs to be made to a device, for example a firmware upgrade, no changes will be made until our software verifies that the change will actually work and also that it won’t break the compliance policy.