You might think Napster is a good-for-nothing application that sucks up bandwidth and pulls down productivity. But for all the stir it has caused, the technology's underlying premise is useful.
In fact, the technology's so powerful it could redefine security management.
Next week, Network Associates subsidiary MyCIO.com will formally roll out Rumor, a Napster-like peer-to-peer file sharing technology and service for managing anti-virus updates that the site has already put in the hands of 100,000 users who subscribe to MyCIO security services.
The idea is as simple as the Napster music-sharing software currently redefining the recording industry. But instead of clients becoming servers to share MP3 music files, as with Napster, Rumor allows users to serve one another virus signature files.
"Most companies are pretty much behind on applying any kind of updates, and when it comes to security, it's hard to get all the latest files out to all the clients," said Frank Bernhard, an analyst at Omni Consulting Group, in Davis, "So the Napster model, where everyone becomes a client and server, is a really good story."
Today, to get updated anti-virus files, administrators rely on a pull approach, wherein each client or server must jump onto the Internet to retrieve the updated file. Some administrators schedule clients to do this automatically when they log on, which can result in a bandwidth crunch. Still others simply let anti-virus signature files get out of date because there are too many clients to manage effectively.
With Rumor, the first five users in a network who log on retrieve anti-virus updates from MyCIO. Then, those users turn into servers for everyone else on the network. Every time a system gets the latest file, it has the capability to serve that file to someone else who needs it.
Rumor, named for the way the technology allows files to spread around a network, is not just a Napster clone, though. The concept predates Napster, but enterprise security and functionality needs meant a longer development cycle.
That long cycle enabled MyCIO engineers to add such features as token-based authentication so that the only files that can be shared by Rumor are legitimate anti-virus update files. Other wise, rogue files meant to corrupt a network could spread like a rumor, too.
Another shortcoming of Napster that Rumor rectifies is broken connections. On Napster, if a user gets through half a download then gets cut off, that incomplete file becomes available to all the peers on the network. Rumor recognises broken connections and allows for resumable downloads.
Most exciting to some users, however, is that Rumor is application-independent. When MyCIO launches the service next week, it will also announce the availability of firewall file updates to Rumor users. Eventually, the Santa Clara, company will extend the peer-to-peer file sharing to all security software, including access control and intrusion detection applications, officials said.
When the Love Bug hit earlier this year, Lee Rocklage shut down his network and had an emergency meeting, at which time he found out only 300 of his 1,500 clients had updated anti-virus files. "We've moved to the peer-to-peer model, and everyone is always updated. And I have full faith they're updated," said Rocklage, an administrator at DPR Construction, in Redwood City, and a MyCIO.com subscriber. "We used to have a full-time person just dedicated to scripting anti-virus file updates. I think with peer-to-peer, combined with a service, we're taking the burden and overhead of maintaining this off our shoulders."
The lead developer of Rumor, MyCIO Chief Technology Officer Victor Kouznetsov, said he believes peer-to-peer is the future. The reaction to Rumor, he said, is similar to the reaction to Napster.
"At first, users are a bit scared," he said. "But they try it and realise they're getting better management without broadcasting data. Then they love it."
So powerful is the peer-to-peer file sharing model that Kouznetsov and others said they feel it will move beyond security into all realms of enterprise software management and services.
Said Omni's Bernhard: "Beyond its elegance, it's kind of saying we've figured out a way to purpose the peer-to-peer technology in such a fashion that it's more than just stealing music."
