News

Managed security hunger grows

Enterprises are turning to security event management technologies to deal with unmanageable security event data.

Security companies Symantec, Computer Associates International and IBM/Tivoli, and smaller niche players such as NetForensics, ArcSight, PentaSafe Security Technologies and security, have unveiled products to centralise event management where some VPN and firewall systems leave off.

Cisco Systems has unveiled services upgrades and new routers for integrated VPN and firewall. Yet VPN and firewall providers - of which Cisco and Check Point Software Technologies are leaders - are failing to produce software that centrally manages their security repertoires, and users have taken notice, noted Jeff Wilson, executive director at Infonetics Research.

"[Cisco] is getting a lot of customer demand for pulling management functionality into a single location or at least all of their security products," Wilson said. "VPN bleeds between connectivity and security. People need a common interface for provisioning and policies."

Even Cisco recommended that at least one customer tap NetForensics for security event management. Customers such as Jim Patterson, an information systems analyst at Legislative Information System are looking to bring order to disparate firewall, host-based, and network-based intrusion detection systems.

Patterson said the need to centrally correlate data from Cisco security devices bearing a proprietary reporting method became paramount.

Third-party security players are attempting to meet such needs. NetForensics' next product, due in January, plans to go inside and manage information from non-perimeter devices, such as applications, authentication and OS, without creating additional false positives, chief operating officer Niten Ved said.

Next year, ArcSight will build upon the embedded algorithmic correlation in ArcSight 2.0 to implement self-learning and auto-healing capabilities.

Companies want a clearer picture of their security infrastructure as a whole. "It's tough to show value in point solutions if you don't tie it all together," said Bob Justus, vice-president of corporate information security at Union Bank of California.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy