City admin sets up view of network
- By Dibya Sarkar
- Nov 04, 2002
City of Flagstaff
As the sole information systems administrator for Flagstaff, Ariz., Tim
Van Cleave is responsible for ensuring that employees have proper access
to the city's network in addition to detecting and preventing unauthorized
But it's not easy for one person to maintain and administer nine Novell
Inc. NetWare servers, four Microsoft Corp. Windows 2000 servers and 400
or so accounts.
After trying several other products, Van Cleave settled on technology
from Orem, Utah-based NetVision Inc. He has had NetVision in place for six
months, and it enables him to manage accounts over multiple systems in an
efficient and intuitive manner from a centralized viewpoint, he said.
"It saves me a world of hurt," he said. "It saves me a phenomenal amount
of time to begin with. I see and understand much more of what's going on."
Flagstaff is typical of many cities, which have understaffed IT departments
and individuals who wear multiple hats as application and security administrators,
said Jim Allred, vice president of marketing for NetVision, which also has
clients at the state and federal levels.
"That's why we have worked well in these environments," he said. "Rather
than a buyer having to go out and buy multiple products to look at different
things, we go to them with a suite of products that do several critical
things that solve several critical business needs." Such needs range from
user identification management to intrusion management to directory integration.
NetVision's security management technology helps administrators automate,
synchronize and manage multiple operating systems and directories, e-mail
systems and other databases.
Todd Lawson, NetVision's president, said running a network is "definitely
like having kids." When network users intentionally or unintentionally access
files they're not supposed to, they will deny they did it, he explained,
adding that users need better supervision. Most breaches occur internally
— not from outside attacks — security experts have contended.
Lawson said that rather than doing an "autopsy" of a security breach
after the fact, NetVision technology tracks penetrations in real time, kicks
out users from the system if they venture into or download files they're
not supposed to, and alerts administrators via e-mail or pager, he said.
"That's a huge issue with me," Van Cleave said, referring to unauthorized
access to confidential files. The technology is flexible enough to, for
example, limit the number of log-ins a user is permitted and provide more
functionality in regards to password policies. For example, when users change
passwords, the technology synchronizes the changes with all systems that
require a password, so an administrator doesn't have to manually change
every password for every system that requires one.
Installation is relatively easy and the cost is about $29 per user.
Allred said that the technology is scalable for much larger organizations
and governments and the return on investment can be achieved in four to
six months. Despite budget troubles for state and local governments, security
management is vital, Lawson said, adding that the company's sales are 40
percent above where they were last year.
"When we talk about securing our network, we're not talking just about
an insurance policy here," Lawson said. "Because we're able to go in and
automate many of the tasks on a day-to-day basis, we have significant savings."
In a soon-to-be released Version 4.0, NetVision is adding a tool that
enables an administrator to query the system, Allred said. "I do want a
summary of who has rights to what [and] I want you to, in response to the
query dataset, fix everything that doesn't comply," he said as an example.