Consolidating Defenses Strengthens Security

Management tools help companies get a handle on their IT-security systems

Martin Garvey, Contributor

March 18, 2005


Businesses are piling on more and more tools as they fend off mounting security threats. In the process, they're creating challenges for IT departments that have to manage all these different products and still maintain a bird's-eye view of the security status of all their systems and networks.

"They have to evaluate each product separately," says Trent Henry, an analyst at research firm Burton Group. Without comprehensive management and analysis of all the intrusion-detection, firewall, and other point products, it can take too long to discover and determine the cause of malicious activity, Henry says.

Vendors ranging from startups to established companies are responding with automated security-management systems designed to help companies monitor and act on security incidents. There are more than a dozen vendors, Henry says. ArcSight, Intellitactics, and netForensics are top players, but he says Symantec Corp. is continually investing in security management, and he expects it to catch up before long.

OpenService's management software lets Hansen correlate his law firm's security data for analysis. Photo by Jeff Sciortino

OpenService Inc. this week will unveil Security Management Center to help companies track network security in real time and Security Log Manager, which features reporting and analysis tools that consolidate disparate product data. Also this week, BrightTools Inc. will launch Activeworx Security Center version 2.0, a new version of its security-management software unveiled in January. The system can gather information from a variety of security products, then organize and log that info for reporting purposes. The new task-manager feature lets users build reports based on preset rules and policies; previously, administrators had to manually organize the logs into reports.

"We were very much disjointed before," says Adam Hansen, security manager at Sonnenschein Nath & Rosenthal LLP, of his law firm's security infrastructure. Hansen oversees multiple tools, such as antivirus, debugging, and spyware, and he lacked a holistic view of the firm's IT defenses. So he implemented OpenService's Security Threat Manager, which Hansen says lets the firm "manage data across all the point products and correlate the information for analysis."

The new management products also are gaining favor with providers of security services that often employ numerous point products. ProtectPoint Network Security Inc. uses BrightTools' Activeworx to generate 3,000 security-analysis reports each day to help assure its customers that their networks are protected.

Symantec, which offers an Incident Manager to help customers correlate security events throughout the network, says the right IT processes must be in place before security management can help. "Companies need to know if gateways are bringing in bad things," says Sharon Rockman, VP of product management at Symantec. "Without the right controls, a company might never know about a breach."

The new products still have some rough edges. The reports are often too technical, and prices need to come down, Burton Group's Henry says. OpenService's suite averages $50,000, but pricing depends on log volumes. BrightTools software is less, starting at $9,995 for three desktop licenses and 10 event databases.
