Symantec has released a security product to help network managers identify bugs and manage vulnerabilities in operating systems and applications.
The Symantec Vulnerability Assessment 1.0 is web-based software which is installed on a server and scans the network for weaknesses and, because it is web-based, it can be managed remotely.
The product is compatible with Sun Microsystems' Solaris platform, Hewlett Packard’s-UX, IBM’s AIX, Red Hat’s Linux and Microsoft’s Windows 2000, NT, and XP. Symantec said it would also support Windows Server 2003.
Using information from Symantec’s Vulnerability Database - a repository of information about known viruses, worms and vulnerabilities - the offering discovers them, stymies attacks on the network and avoids unnecessary downtime as a result.
The database indexes information from two sources - Bugtraq and Common Vulnerabilities and Exposure (CVE). Both are lists that detail known software vulnerabilities.
Bugtraq was acquired by Symantec in August 2002. The Manchester Institute of Telematics and Employment Research (MITER) compiles the CVE at Manchester Metropolitan University.
The Vulnerability Assessment tool is built upon Symantec’s Enterprise Security Architecture (SESA), an open-standards-based architecture used to manage security devices across the network.
Once the vulnerability information is discovered it is stored on a Microsoft SQL database that is part of SESA. Security information from other Symantec security products is also stored on SESA’s SQL.
If any vulnerabilities are detected they are placed in a priority sequence which is pre-determined by the user such as by urgency or by affected platform. This way, users can remove or reinforce the weak link by, for example, installing a patch, or employing new management techniques to minimise risk.
Symantec’s LiveUpdate technology is also incorporated into the Vulnerability Assessment - it deploys new security updates and modules into the vulnerability database so networks can be easily repaired and secured.
The Vulnerability Assessment Tool is tightly integrated with Symantec’s Incident Manager v2.0, which was also released on Monday.
Incident Manager is an engine that correlates and prioritises security incidents, and provides network administrators with a course of action. It correlates security events from disparate security systems and helps network managers determine the impact of security incidents.
Symantec Vulnerability Assessment Tool costs $795 per server, and includes a year's maintenance, upgrade insurance and support, and workstation licences cost $150.
Prices for Incident Manager start at $75,000, depending upon the number of systems to be monitored and customer needs.