Georgia improves portal, security
- By Dibya Sarkar
- Jan 28, 2003
State of Georgia portal
As Georgia's state government moves toward connecting all its agencies to a new portal, it also is strengthening network security across the board.
In recent weeks, the state announced two new initiatives:
* It signed a $2.8 million contract with Fairfax, Va.-based webMethods Inc. for integration software for its portal.
* It announced the implementation of a behavior-based intrusion detection system, developed by Atlanta-based Lancope Inc., as part of its layered threat management infrastructure.
Bob Wynn, the state's chief information security officer, said the Georgia Technology Authority — the agency responsible for all statewide information technology planning — has been providing network security for two years for the state's 150 or so agencies. But systems it has deployed, such as firewalls and signature-based multiple intrusion detection systems, can only prevent viruses whose signature is known.
"It works very well, but there's a major flaw. It has to be a known attack, otherwise the signature wouldn't exist," he said. "Real serious hackers can create new attacks."
To complement signature-based systems, Wynn recently installed a behavior-based system from Lancope called StealthWatch. He said the technology first establishes the baseline of what is normal activity on a network. Then it automatically monitors the network for anything anomalous or unknown and notifies the network administrator. It responds to external attacks or internal misuse and stops anything malicious. But if the activity is something legitimate, then the network administrator can let it through, he said.
"I think it's incorrect to try to view security from the perspective of black/white, on/off," he said. "It's more of a model of risk. Are we safer today than we were yesterday? Did we take steps today that secured our infrastructure? You cannot reduce risk to zero. It cannot be done."
But fairly new technologies, such as the behavior-based intrusion detection systems, can help reduce the threat of new viruses and worms, he said.
Such network security is especially important as Georgia continues to develop its portal. Last spring, it signed a multimillion-dollar contract with Sun Microsystems Inc. to develop the portal. Since then, webMethods software was "interweaved" into the portal design as the integration backbone, said Len Pomata, the company's government division president.
"Our technology would be supportive of the portal development that Sun was doing and probably enhance its performance in being a little bit more robust in terms of how they want to view the use of the portal," he said. "Our role as the integration platform is to connect in all the agencies as they come in to the portal."
He said the Georgia contract "sort of launches us into the portal business. Our expectation is to move forward. We should be able to take this particular success and then go forward into a number of other states that are looking for the same technology."