Managed security hunger grows

Enterprises are turning to security event management technologies to deal with unmanageable security event data.

Enterprises are turning to security event management technologies to deal with unmanageable security event data.

Security companies Symantec, Computer Associates International and IBM/Tivoli, and smaller niche players such as NetForensics, ArcSight, PentaSafe Security Technologies and security, have unveiled products to centralise event management where some VPN and firewall systems leave off.

Cisco Systems has unveiled services upgrades and new routers for integrated VPN and firewall. Yet VPN and firewall providers - of which Cisco and Check Point Software Technologies are leaders - are failing to produce software that centrally manages their security repertoires, and users have taken notice, noted Jeff Wilson, executive director at Infonetics Research.

"[Cisco] is getting a lot of customer demand for pulling management functionality into a single location or at least all of their security products," Wilson said. "VPN bleeds between connectivity and security. People need a common interface for provisioning and policies."

Even Cisco recommended that at least one customer tap NetForensics for security event management. Customers such as Jim Patterson, an information systems analyst at Legislative Information System are looking to bring order to disparate firewall, host-based, and network-based intrusion detection systems.

Patterson said the need to centrally correlate data from Cisco security devices bearing a proprietary reporting method became paramount.

Third-party security players are attempting to meet such needs. NetForensics' next product, due in January, plans to go inside and manage information from non-perimeter devices, such as applications, authentication and OS, without creating additional false positives, chief operating officer Niten Ved said.

Next year, ArcSight will build upon the embedded algorithmic correlation in ArcSight 2.0 to implement self-learning and auto-healing capabilities.

Companies want a clearer picture of their security infrastructure as a whole. "It's tough to show value in point solutions if you don't tie it all together," said Bob Justus, vice-president of corporate information security at Union Bank of California.

Read more on IT risk management