Symantec Unveils Security Management System


Symantec Tuesday launched its much-anticipated Security Management System at its Vision360 Enterprise Security Summit here.

The system is a set of applications designed to provide a comprehensive view and centralized management of an enterprise security environment. It is comprised of Symantec Event Managers, Symantec Incident Manager and Symantec Enterprise Security Manager (ESM).

Event Managers consolidate security event data generated by antivirus and firewall products from Symantec and those of other vendors. Currently, they can collect data from Network Associates antivirus software and Check Point Software Technologies firewalls, according to Symantec. Additional event collectors from Tipping Point and Entercept are slated for availability in December.

Symantec Incident Manager correlates and analyzes security events from multiple products and tracks resolution of the events. Symantec ESM, security policy compliance and vulnerability management software, can be integrated with Incident Manager for a more comprehensive solution, the vendor said.

All components of the Symantec Security Management System are based on the Symantec Enterprise Security Architecture, an interoperable, open-standards framework.

"Customers have told us that the network perimeter is disappearing, their security risks are rising, internal staff resources are slim and regulatory pressures are high," Symantec CEO and Chairman John Thompson said in a prepared statement.

"Symantec is offering a new approach to enterprise security, balancing early warning, integrated protection, expert response and comprehensive management to enable enterprises to conduct business over the Internet more confidently and economically," he said.

Symantec is not alone in developing a centralized security management solution that gathers data from a variety of security technologies.

Computer Associates International recently said it is developing a solution that will allow for monitoring and management of its security products as well as those of other vendors. Check Point also plans Tuesday to detail a road map for its Security Management Architecture for integrated management of technologies from multiple vendors.

"I haven't seen anybody do a good job at it yet," Rich Forsen, president of Herndon, Va.-based solution provider ForSense Solutions,said of the integrated management approach. "It sounds nice, but I'll believe it when I see it."

Typically, integration in such systems tends to be with the previous version of another vendor's product, he said.

Symantec Event Manager for Antivirus is scheduled to be available in late October, and Event Manager for Firewall is slated for December. Incident Manager will be available later this month through select VARs and integrators, with broader distribution at a later date. Symantec ESM is already available.