Open Information Security Management
Symantec Introduces Centralised, Open Information Security Management
The Symantec Security Management System Provides a Comprehensive View of Security, Enabling Proactive Defence and Real-Time Enterprise-Wide Response
Symantec, the world leader in Internet security, today announced local availability of the Symantec Security Management System, a comprehensive set of management applications that improves the effectiveness of the information security environment by delivering proactive control of the security infrastructure and correlated information for better decision-making.
Today’s CIOs and other senior management are under intense pressure when it comes to security. In addition to higher expectations from customers, investors and the general public with regard to regulatory requirements, legal liability and fiduciary responsibility, the increased complexity and number of attacks are causing greater damage. These pressures drive the need for a comprehensive approach to security management.
“Managing the growing complexity and volume of security events on today’s corporate networks is a huge challenge for our customers. Enterprises need a way to simplify the management of this wealth of data created by all the security devices they have deployed,” said Richard Batchelar, Country Manager, Symantec New Zealand. “The Symantec Security Management System provides a comprehensive view of the entire security layout in real time, in one console, which allows the organisation to make more informed decisions so they can react faster to the most critical security alerts.
“The open policy and incident management capabilities enable users to proactively secure their network against known threats and to respond in real time to new attacks.”
Managing enterprise security today is a difficult process, delivered through a combination of disparate commercial products from different vendors lacking integration and interoperability. The result is a high degree of complexity and increased operational costs, and reliance on isolated security data to make critical security decisions.
Making it more difficult, protection products throughout the enterprise scan systems and network traffic and send messages on every suspicious activity. Nearly 10 million of these security events occur each month in organisations of even moderate size. Taken individually, it is difficult to determine if a given event indicates trouble or not. An incident is an event or condition that requires a response and closure. Active attacks or virus outbreaks are incidents that are usually comprised of one or more events. Known system vulnerabilities or discovered policy violations should also be treated as incidents that require a response. However, the challenge is sorting through the millions of events to find the critical incidents in time to take action. Source Integrated Networks, a wholly-owned subsidiary of SingTel Optus, has been Beta-testing Symantec Security Management System in Australia. “As a provider of network management services, with a large number of client locations and a wide range of devices under management, the Symantec Security Management System will allow us to amalgamate reporting and administration of disparate security systems,” said John Caelli, General Manager. “We currently operate multiple consoles and management screens. This management system will provide event correlation and a single view of the security of all our clients’ networks, and that’s crucial to us.”
Source Networks also likes the granularity of that view. “We will be able to monitor Symantec and third-party devices such as firewalls, VPN gateways, routers, IDS and antivirus systems, right down to the security status of a single desktop. Which means we’ll be able to offer a very high level of service to our clients indeed,” said Mr Caelli.
The Symantec Security Management System comprises multiple components for customers to select and deploy the right set of security management applications, to meet their individual business objectives. The three key components are: Symantec Event Managers – provide a complete view of security events for a specific area of protection such as virus and firewall security events, including Symantec’s and other vendor’s protection solutions. Symantec Incident Manager – provides open, real-time incident management that helps enterprises maximise the value of their security technologies, and identify and respond rapidly to security breaches. Symantec Incident Manager identifies, consolidates and correlates security events from multiple point products and security technologies from a variety of vendors. Symantec ESM – is a security policy compliance and vulnerability management solution that can be integrated with Symantec Incident Manager to track the resolution of identified policy non-compliance incidents. The Symantec Security Management System components are built in compliance with Symantec Enterprise Security Architecture, which provides a standards-based interoperability framework for Symantec and third-party solutions to work together to provide secure, manageable, and scalable enterprise security. Customer environments are heterogeneous and often contain security products from many vendors. Therefore, an interoperable architecture is a critical enabler for enterprises that need strong security and centralised management. Availability Symantec Event Manager for Anti-Virus is scheduled to be available in early December and Symantec Event Manager for Firewall is scheduled to be available in December. Both will be available through Symantec’s worldwide network of value-added authorised resellers, distributors and systems integrators. Symantec Incident Manager is scheduled to be available in late November from Symantec and will initially be sold through select Symantec value-added systems integrators and authorised resellers. Broader availability is expected at a later date. Symantec ESM is currently available through Symantec’s worldwide network of value-added authorised resellers, distributors and systems integrators. Local Symantec partners can be located at http://www.symantec.com/region/au_nz/partners/ About Symantec Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec’s Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit www.symantec.co.nz