Supporting the recent CERT Coordination Center (CERT/CC) advisory which identified vulnerabilities in Simple Network Management Protocol (SNMP)implementations, Peregrine Systems, Inc. , the San Diego-based enterprise software maker, today announced that Xanadu, its IT Infrastructure Management appliance, will allow firms to immediately assess their exposure to SNMP’s security flaws.
Peregrine says that Xanadu provides IT administrators with data to help minimize this threats that the CERT/CC says impact commonly used hardware — such as routers, hubs, switches, printers and other managed network devices — as well as operating systems and enterprise software applications.
Xanadu works by helping IT departments identify what hardware and software they have, enabling them to contact the vendors quickly and obtain the corrective patches.
“With Xanadu, our customers have immediate visibility to their entire IT infrastructure in real-time, which allows them to minimize their exposure to the SNMP vulnerabilities immediately — not in days or months, and apply the appropriate patches,” saysFred Luddy, Peregrine’s chief technology officer.
“By managing their IT infrastructure proactively, businesses can respond quickly to potential threats with minimal impact. This proactive approach is another compelling example of how infrastructure management solves real world problems. Organizations that have been slow to adopt infrastructure management solutions can use this opportunity as a catalyst to get started,” he explains.
Say Chip Epps, product marketing executive at Peregrine: “Peregine’s position is that firm’s really need to be cognizant of SNMP’s standards relative to their network IT Infrastructure, and that the best way to do this is to have a very robust, generalized infrastructure management methodology in place.”
The CERT CC’s advisory refers to SNMP version 1, for which security deficiencies
are well known and have largely gone ignored by enterprises, says Glenn O’Donnell Meta Group’s Program Director for Service Management Strategies.
“This sets the stage for a disaster. Most service providers have taken measures to ‘hide’ SNMP from view and therefore, prevent security incidents,” he says.
He argues that the recent CERT advisory is a wake-up call to enterprises and service providers but comments: “It’s like finding a new hole in swiss cheese as SNMP has long been a vulnerability and we are long overdue to take measures to secure our infrastructures.
The first step in this process is to accurately identify network assets and configurations of these assets. Avoidance of this step, or its improper execution, leaves an invisible enemy lurking within the network. Management tools that can discover and examine networked devices will prove crucial to this process.”
Though O’Donnell believes SNMP version 3 is much better for security, its acceptance has been lackluster: “But CERTS’s latest news should accelerate adoption of SNMPv3,” he says.