CA targets security management

Computer Associates is readying what could be among the most comprehensive product suites in the emerging security information management market.

NEW YORK – Computer Associates is readying what could be among the most comprehensive product suites in the emerging security information management market.

The first two parts of that suite, which is dubbed the eTrust Security Command Center, include a package for overseeing multivendor intrusion-detection systems (IDS) and firewalls, and another for managing host-based access-control, antivirus and content-filtering systems. Beta-test versions of the software, which will run on Windows 2000 and XP, are scheduled for release around February, according to Simon Perry, CA’s vice president of security strategy.

Like other SIM offerings, CA’s products would be aimed at providing customers with centralized control and reporting of multivendor security products across a company to achieve event correlation and eliminate the use of a large number of consoles. Where CA’s approach to SIM appears to differ from that of most other vendors is that it is looking to help companies manage a wider variety of product types.

“This is the first time we’re doing integrated security management,” Perry says.

Rather than using an overarching security management platform, CA is building individual but compatible SIM products because of the way large customers tend to delegate security management in their organizations, Perry says.

CA also will rely on its UniCenter network, systems management platform and a security product called eTrust Audit to create the foundation for the eTrust Security Command Center.

Like other vendors that have jumped into SIM, including Symantec, Check Point Software, Internet Security Systems and a handful of start-ups, CA will require customers to deploy special agent software called collectors on desktops or security devices to feed event information to a centralized console for correlation.

The company is writing collectors for antivirus systems, access-control software, IDS and firewalls from vendors that include Check Point, Cisco, IBM, Network Associates and Symantec. CA will build more for other products based on customer interest.

Perry, who declined to specify when the new products would ship or how much they would cost, says CA doesn’t want to ship the SIM products until at least six companies have rigorously stress-tested them.

Although few corporations have deployed SIM, the idea has appeal, especially for large organizations seeking to establish a single security policy.

“We have a desire to centralize on authentications and permissions for the Web, [Lotus] Notes and mainframe, for example,” says Karl Wagner, director of global networking and telecommunications at PricewaterhouseCoopers, which has offices in more than 140 countries.

But even with new tools, he says he expects companies trying to establish centralized security systems to run into many legal and day-to-day business obstacles.