Q&A on ESUKOM with Jens Lucius, QA Manager and Trainer at NCP engineering, Part 1

by VPNHaus | 09/04/2012

Is it possible for enterprises to establish an interconnected security framework, where all disparate elements of security technology no longer stand alone, but are constantly communicating with each other? That is the goal of the ESUKOM project, of which NCP engineering is a core member. To learn more about this endeavor, we spoke to Jens Lucius, QA manager and trainer at NCP.

Jens Lucius: Well, the project is using the TCG (Trusted Computing Group) IF-MAP Standard to try to achieve real-time security in networks. Till now, many network security components worked as standalones, so a network administrator had no chance of seeing the “whole picture” of network security. The ESUKOM project is trying to change that using IF-MAP.

IF-MAP is essentially a common database for network and security systems on the network, sharing information and acting on that information. All ESUKOM participants are integrating IF-MAP into their products or are adding IF-MAP support for open source products, like Snort (intrusion detection). Also, the University of Applied Science Hannover is developing an IF-MAP server and the prototype of a correlation engine that dynamically detects “glitches” in the network or network usage, and reports this information back to the IF-MAP.

The next step within the project is the integration of a demonstrator showing a network access scenario in a hospital that is under attack by an intruder trying to get classified information and how the usage of IF-MAP is helping prevent that.

Stay tuned for our continued conversation with Lucius on this potentially transformative project.