Going to School on Intruders; The University of Tennessee didn't have enough manpower to see who was trying to attack its systems. The answer: installing a centralized software product to analyze intrusion logs and warn of danger ahead.

Like many research universities, the University of Tennessee is a prime target for hackers and other Internet miscreants. It manages Oak Ridge National Laboratory, which conducts research on national security for the Department of Energy. It runs health-care facilities that collect patient data. It supports an inter-campus computing grid for researchers, who routinely transfer 40-gigabyte data files using unorthodox protocols that may escape detection by ordinary security programs. And it acts as an Internet service provider for students, who occasionally "get crazy" with the high bandwidth and swap multimedia files that can transmit viruses and worms, says senior security analyst A.J. …