IBM's Tivoli extends its Risk Manager

AUSTIN, TEXAS - Tivoli Systems, the network management software arm of IBM, Monday made available the latest version of its threat management software that the company says now collects data from security devices from the likes of Network Associates, NFR Security and Secure Computing.

Tivoli Risk Manager lets users pull security information from security products across a network to monitor the data from one location. Risk Manager now supports Network Associates' McAfee Active Virus Defense (AVD) product suite, NFR Network Intrusion Detection systems and Secure Computing's Sidewinder firewall and VPN gateway.

"Risk Manager addresses the customer pain of really understanding all the security events happening across all environments," says Leo Cole, director of security market management at Tivoli. Cole says Risk Manager gives users three ways to better manage and protect their networks.

Risk Manager, with its server-and-agent software design, monitors security devices in real-time and saves the data so users can study the collected data for historical patterns or trends. Risk Manager also provides "proactive" vulnerability tests, scanning a network for potential security holes, Cole says.

The product gives users a single view of all security events and alerts coming from disparate sources on a network, including servers, firewalls, VPNs and routers. The software correlates the alerts and can determine if numerous events are being generated from one source of attack, the company says. Tivoli Risk Manager protects against internal and external attacks, letting users track patterns over time to determine if a hacker is slowly trying to penetrate the network.

The software already supports security and e-business products from: Apache Software Foundation, Argus Systems Group, Check Point Software Technologies, Cisco, ClickNet Security Technologies, Gilian Technologies, iPlanet International, Internet Security Systems, Lockstep Systems, Microsoft, Red Hat, Sun, Symantec and Zone Labs, among others.

Tivoli Risk Manager competes with products from start-up eSecurity and offerings from NetForensics. James Galvin, product manager for Tivoli Risk Manager, says the advantage Tivoli offers is its network and systems management history with products such as Tivoli Distributed Monitoring and Tivoli Enterprise Console, designed to collect network events via software agents and correlate the data.

"It's a hybrid approach in which security management products can communicate with network management to see how security events affect the network, and vice versa," Galvin says.

For current Risk Manager users, Tivoli has made the updated software available by download via its Web site.