HP, IBM, Sun to unveil server security initiative

HP, IBM, Sun to unveil server security initiative

Hewlett-Packard (HP), IBM and Sun Microsystems are allying with three security providers to announce an open standards initiative for safe computing on August 5.

Although the vendors have not divulged the details of the initiative, Gartner analyst John Pescatore said that the announcement centres around the adoption of a technology allowing companies to monitor changes made to software on servers.

Pescatore said he was previously briefed on the subject and that the initiative will bring technology from Tripwire to HP, IBM and Sun's server products.

The announcement is being made with Tripwire, RSA Security, and InstallShield Software.

Tripwire develops technology that uses digital fingerprints and is designed to let companies see if software on their servers has been changed. RSA will make the digital signatures, Pescatore said, and Tripwire will provide the signature database.

InstallShield provides software that enables the distribution and management of software and digital content.

Using the technology, a company would be able to tell if a hacker takes a software module and puts a trojan program version in its place, Pescatore said, because it would not match the fingerprint of Sun, HP or IBM's software.

According to the analyst, 80 per cent of the most common attack paths involve changing the software on the machine.

"This is pretty effective for (fighting) common attacks," Pescatore said.

However, he noted that the "obvious downside is who is missing" - Microsoft and Linux vendors.

"Everyone has Microsoft servers in the mix," Pescatore said, so the security offered by the initiative will not be as strong as it could be if Microsoft were involved.

Sun has invested in Tripwire in the past and it's possible that it could include the auditing technology in its Solaris operating system, Pescatore said. Whether HP and IBM include the technology in their software or just make it available with their products remains to be seen.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments