Network security monitors go enterprisewide, analyze events

Symantec Corp. has developed new event and incident managers for its existing Enterprise Security Manager, a standards-based tool suite for third-party security products.

Pricing has not yet been set by the Cupertino, Calif., company.

One new component is Event Manager, which consolidates information from geographically distributed Symantec and third-party antivirus programs and firewalls.

The initial release works only with Network Associates' antivirus profiles and firewalls from Check Point Software Technologies Ltd. of Redwood City, Calif. Symantec is working on data collectors for other products, representatives said.

A second new component is Incident Manager, which provides a comprehensive view of security data across network tiers and technologies. It analyzes events and gives guidance based on a best-practices framework. Its risk analysis engine identifies the possible impact of an incident based on value ratings assigned to each asset.

Security-violation alerts

The Event Manager and Incident Manager can be integrated to track incidents caused by noncompliance with an organization's security policy.

Also, Network Associates Inc. of Santa Clara, Calif., has completed its first version of the Network Performance Orchestrator, which centralizes management of its Sniffer Technologies appliances.

Network Performance Orchestrator, based on Network Associates' Sniffer Enterprise Management Architecture, monitors the appliances across an enterprise. It centralizes authentication and manages configuration, sessions, profiles and resources.

A Visualizer component can schedule or produce on-demand reports about performance, bandwidth utilization, statistics, alarms and usage trends.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above