The latest version of Symantec's Enterprise Security
Manager comes with prepackaged "best practice" policies and
compliance modules for a variety of regulatory regimes, as well as
support for more operating systems.
Symantec Enterprise Security Manager (ESM) 6.0 is the latest
edition of Symantec's vulnerability assessment and policy
compliance tool and adds features to make it easier for IT
administrators to compare their network's security against industry
security benchmarks such as ISO (International Organisation for
Standardisation) 17799, Symantec said.
ESM customers will receive preconfigured vulnerability checks
that are based on broad industry standards such as ISO and the SANS
Institute's Top 20 list of vulnerabilities, according to Mark
Ungerman, director of product management at Symantec.
For companies concerned about complying with US federal
government regulations such as the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), ESM 6.0 comes with policies
designed to test HIPAA-related mandates affecting the protection of
confidential patient information.
For example, HIPAA policies might look at the management of
account privileges or passwords on ESM-managed systems, Ungerman
said.
That would allow health care organisations to assess which of
their ESM-managed servers is in compliance.
For systems that are not in compliance, administrators could use
the ESM interface to drill down and determine which HIPAA-related
controls are not in place.
The packaged policies and regulatory compliance modules do not
change the core ESM assessment technology, but make it easier for
administrators to use ESM to benchmark their network's security,
Ungerman said.
ESM does not include patch- or configuration-management features
to patch security or compliance holes that have been
identified.
However, Version 6.0 is more tightly integrated with Symantec's
Security Management System. That means that non-compliance issues
can now be routed to other Symantec products such as Incident
Manager and used to create tasks for IT security staff, Ungerman
said.
The tighter integration brings regulatory compliance issues in
step with the way other software security vulnerabilities are
handled, he added.
In an effort to give more options for customers with
heterogeneous networking environments, the latest version of ESM
also adds security and vulnerability checks for midrange servers
such as Microsoft's Windows Server 2003 and IBM's iSeries server
platforms.
ESM 6.0 is available immediately from Symantec resellers and
distributors.
The ESM Manager software sells for around $2,394 (£1,416). ESM
agent software ranges in price from $114 for an agent running on
Windows or Unix workstations to $1,995 (£1,180) for an agent
running on iSeries servers.
Paul Roberts writes for IDG News Service