Security management

Anti-spy software, anti-virus management software, endpoint security tools, patch management wares, policy auditing and compliance software, security event management products, Secure Shell management servers, vulnerability assessment and management products

By Christine Burns and Keith Shaw, Network World, 02/28/05

 Start a discussion    Print article

 Comments (1)    Print article

Winner: Preventsys' Network Audit and Policy Assurance System

You can't do much better than this.

This Preventsys product has the distinction of being one of the highest scorers - posting a 4.9 out of a possible five points - ever in a Network World test.

The Network Audit and Policy Assurance System (renamed Preventsys Policy and Regulatory Compliance module in a September upgrade) slides into the overall Preventsys Enterprise Security System. The module looks for systems that are out of compliance by comparing the results of vulnerability-assessment scans, collected from a variety of sources, against defined security policy.

Network World Lab Alliance member Mandy Andress gave Preventsys high points across the board for its elastic configurability, its ability to tap into existing policy standards and to create new standards, its plethora of reporting options and its expanding remediation measures.

Update THE PRODUCT: Along with its newly named product, Preventsys now ships updated NIST and NSA configuration standards, and new SOX, HIPAA, FISMA and GLBA, FFIEC and NERC controls and rules. It also has spiffed up re­porting, now offering additional compliance reports, comparative reporting and an updated policy recommendation engine. Additionally, the system now ships with new connectors to network scanners including Internet Security Systems SiteProtector, Qualys Qualys­Guard and Preventsys Net­work Architecture Assessor and the application scanner AppDetective from Application Security, Prevent­sys’ own Wi-Fi and Windows registry scanners, Cisco Security Agent software and any IDS based on open source Snort code.Finally, Preventsys has built a new Preemptive Threat Defense module that plugs into its overall system. It takes data from the scans, correlates the information, prioritizes mitigation tasks and automates security remediation activities to eliminate the root cause of exposure. THE COMPANY: In February 2004, Preventsys closed $3 million in Series B funding and hired Tom Rowley, former cofounder and CEO of Counter­pane Internet Security, as CEO. In May, Alex Lazar, formerly program director for security at IBM, joined as vice president of sales. In July, Pre­ventsys announced a formal partnership with SAIC to better service government customers, and in Sep­tember it launched a new partner program. Customer wins include Electronic Arts and St. John Health System.

Andress contends this security management tool could be just what the doctor ordered to help corporations deal with the Health Insuarance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX) compliance regulations.

The module has a pretty hefty price tag - starting at $65,000 for the first 1,000 nodes and ranging to $375,000 for 20,000 nodes. But Preventsys has included a feature that could help turn cost justification into a non-issue. This integrated feature calculates the financial risk should any of the systems it finds vulnerable be compromised.

PRODUCT MASTERMIND

The man: Patrick Ravenel, senior vice president, engineering

Job duties: Manages the technical direction of Preventsys products and services and drives technology initiatives.

Favorite Feature: "Our programmable correlation and analysis engine - the SMART Engine - is at the heart of both our threat exposure and policy compliance analysis functions. It correlates the results of tens of thousands of disparate network and vulnerability tests together dynamically, without relying on hard-coded mapping like security event management products."

Finalists Configuresoft's Enterprise Configuration Manager Version 4.5.2 won Clear Choice honors as one of the best Windows-centric programs we've tested for helping to configure desktop and server systems securely. Specifically, the product earned accolades for its intuitive interface, great flexibility and automatic compliance functionality. EEye Digital Security's Blink 1.0, a brand-new product, swept the competition in our first-ever test of endpoint security products. It earned top honors based on its solid reporting and its hybrid approach to client defense.