Sarbanes-Oxley, HIPAA, 21 CFR Part 11, HSPD-12 - if you've never heard of any one of these, then you're excused from the rest of this newsletter. Use the time wisely.

For the rest of you, these are U.S. regulations that you and your organization might have to comply with:

* The Sarbanes-Oxley Act - rules for corporate governance, financial disclosure and the practice of public accounting.
* The Health Insurance Portability and Accountability Act (HIPAA).
* Part 11 of Title 21 of the Code of Federal Regulations covering electronic records and signatures for Food and Drug Administration clients.
* The Homeland Security Presidential Directive #12 - a policy for a common identification standard for federal employees and contractors.

Much of what these regulations specify is logging and auditing procedures for tracking access to your network resources (a very simplified explanation, but that's the general idea).

For many enterprises that are based on Windows networks, tracking everything required by one regulation or another has meant a lot of manual processes to audit the various Microsoft services you might be using. Security vendor Network Intelligence wants to ease your pain.

The company has released the latest version of its enVision (Version 2.1.3) utilities. The upgrade is free for current customers of The Network Intelligence Engine, and should be seriously considered by others. Beside the usual improvements that accompany a new version of a product (improved management screen, new choices of automated actions, etc.), the product's breadth has significantly increased.

The enVision product is a part of what's called "security event management software." It monitors activity and reports to the Network Intelligence Engine (a security appliance), which can raise alerts when inappropriate (as defined by the administrator) activity occurs or can even take immediate action to remediate a problem. What's neat about enVision is that it's agent-less. Nothing needs to be installed on the platforms it monitors.

You'd think that might limit its coverage, but that's the big news about the new release. Added to the coverage are Microsoft Exchange Server 2003, Microsoft SQL Server 7, and Microsoft SQL 2000. That's in addition to the standard Windows server and client operating systems that were previously covered.