Centralised management was one of the three key things that IT administrators highlighted. In a recent survey it was found that it ‘could make their life easier in managing security devices’.
This, on the face of it puzzled me. Because I was under the belief that the majority of security vendors provided software to manage their devices. A quick search on the Internet seemed to confirm this. What with many security vendors highlighting their centralised management capability.
Why don’t they already have it?
So why would a bunch of administrators say that centralised management would make their life easier? Odd, when all these security vendors are already offering this capability. I rationalized two possible reasons.
First of all, there might be a disconnect between what vendors say and the functionality expected by administrators. Vendors state they do indeed provide it. Yet the administrators, who use their tools on a daily basis, don’t accept that what they have is actually it.
Furthermore, in reality there is no true centralised management capability. With many vendor technologies in place there is no single platform that administrators can use. Administrators use the specific vendor tools to access and manage those vendor’s devices. So, with a deployment of over 10 vendors they could have that number of management tools. Which isn’t what I would call centralised management. Actually having to use 10 separate tools would drive me round the twist.
True centralised management
So, what is true centralised management? Well, everyone will have their own differing views. For me, it is defined by having a single software interface. Which administrators can connect to any device in their network, regardless of vendor, and manage that device.
By managing, I mean anything from provisioning a new device, installing patches, gathering or directing data (techouts, syslog traffic, compliance reports), scheduling backups… The list goes on. The software should also have the flexibility to interface with other systems. This is to enable other functions like the ability to provision, revoke or change the roles. Another key function would be to edit responsibilities of users across many devices. I will talk more about this in our next blog around Identity and Access Management. Which was the third area highlighted by Administrators – which could make their life easier when managing devices.
Whether administrators will get a true centralised management solution is an interesting question. Security vendors are likely to be resistant because it makes it easier for organisations to change vendors. So they are more likely to regard it as a threat rather than an opportunity. That leaves other parties to develop these solutions, yet these companies will face many challenges. Which range from non-cooperative security vendors, to allowing their solutions to handle multi-vendor deployments. These are typically seen in today’s organisations.