CA seeks guinea pigs to test centralised security admin software

Computer Associates is expected to announce a portal-based console - known as Command Center, which will combine multiple...

Computer Associates is expected to announce a portal-based console - known as Command Center, which will combine multiple security management user interfaces into one screen - this week. However, a general release is not expected until sometime in 2003 - the company is looking for beta sites to start testing the software next month.

Once the application is available, it will take data feeds from different security software products and will either send alerts to IT staffers or respond to problems automatically, said Russell Artzt, executive vice-president of alliances and eTrust solutions at CA.

"We have taken Command Center as a centralised location for dealing with all sorts of security violations," Artzt said. An IT security administrator would be able to view end-user access violations in one window on the console while other windows display things such as firewall activity and potential system vulnerabilities.

To expand the console's usefulness with non-CA security tools, CA is partnering with other security vendors to create connectors for sharing data. CA cited deals with four vendors, including firewall developer Check Point Software Technologies.

James Hurley, an analyst at Aberdeen Group in Boston, said that CA is not the only company pushing centralised security administration software, but that the centralised management provided by the different vendors "is long overdue".

IBM's Tivoli network and systems management unit and smaller companies such as NetIQ and e-Security already offer security console products.

Hurley said: "The biggest problem we run into is most buyers don't have the staff to handle the complexities of the IT infrastructures they have."

Arzt claimed that CA planned to support a variety of automated responses in its console. Pricing has not yet been set.

CA will also start beta-testing software that is designed to help protect a company's facilities from corporate espionage or other physical incursions.

The eTrust 20/20 application will interface with security systems and send alerts through a Web browser to users about abnormal behaviour it detects. The software will take data feeds from access card readers and create profiles detailing the areas that individual workers normally access.

CA's goal is to "converge security in a holistic manner across combined physical and IT systems", said Artzt.

Read more on IT risk management