Symantec Introduces Centralised, Open Information Security Management
The Symantec Security Management System Provides a Comprehensive View of Security, Enabling Proactive Defence and
Real-Time Enterprise-Wide Response
Symantec, the world leader in Internet security, today announced local availability of the Symantec Security Management
System, a comprehensive set of management applications that improves the effectiveness of the information security
environment by delivering proactive control of the security infrastructure and correlated information for better
decision-making.
Today’s CIOs and other senior management are under intense pressure when it comes to security. In addition to higher
expectations from customers, investors and the general public with regard to regulatory requirements, legal liability
and fiduciary responsibility, the increased complexity and number of attacks are causing greater damage. These pressures
drive the need for a comprehensive approach to security management.
“Managing the growing complexity and volume of security events on today’s corporate networks is a huge challenge for
our customers. Enterprises need a way to simplify the management of this wealth of data created by all the security
devices they have deployed,” said Richard Batchelar, Country Manager, Symantec New Zealand. “The Symantec Security
Management System provides a comprehensive view of the entire security layout in real time, in one console, which allows
the organisation to make more informed decisions so they can react faster to the most critical security alerts.
“The open policy and incident management capabilities enable users to proactively secure their network against known
threats and to respond in real time to new attacks.”
Managing enterprise security today is a difficult process, delivered through a combination of disparate commercial
products from different vendors lacking integration and interoperability. The result is a high degree of complexity and
increased operational costs, and reliance on isolated security data to make critical security decisions.
Making it more difficult, protection products throughout the enterprise scan systems and network traffic and send
messages on every suspicious activity. Nearly 10 million of these security events occur each month in organisations of
even moderate size. Taken individually, it is difficult to determine if a given event indicates trouble or not. An
incident is an event or condition that requires a response and closure. Active attacks or virus outbreaks are incidents
that are usually comprised of one or more events. Known system vulnerabilities or discovered policy violations should
also be treated as incidents that require a response. However, the challenge is sorting through the millions of events
to find the critical incidents in time to take action. Source Integrated Networks, a wholly-owned subsidiary of SingTel
Optus, has been Beta-testing Symantec Security Management System in Australia. “As a provider of network management
services, with a large number of client locations and a wide range of devices under management, the Symantec Security
Management System will allow us to amalgamate reporting and administration of disparate security systems,” said John
Caelli, General Manager. “We currently operate multiple consoles and management screens. This management system will
provide event correlation and a single view of the security of all our clients’ networks, and that’s crucial to us.”
Source Networks also likes the granularity of that view. “We will be able to monitor Symantec and third-party devices
such as firewalls, VPN gateways, routers, IDS and antivirus systems, right down to the security status of a single
desktop. Which means we’ll be able to offer a very high level of service to our clients indeed,” said Mr Caelli.
The Symantec Security Management System comprises multiple components for customers to select and deploy the right set
of security management applications, to meet their individual business objectives. The three key components are:
Symantec Event Managers – provide a complete view of security events for a specific area of protection such as virus and
firewall security events, including Symantec’s and other vendor’s protection solutions. Symantec Incident Manager –
provides open, real-time incident management that helps enterprises maximise the value of their security technologies,
and identify and respond rapidly to security breaches. Symantec Incident Manager identifies, consolidates and correlates
security events from multiple point products and security technologies from a variety of vendors. Symantec ESM – is a
security policy compliance and vulnerability management solution that can be integrated with Symantec Incident Manager
to track the resolution of identified policy non-compliance incidents. The Symantec Security Management System
components are built in compliance with Symantec Enterprise Security Architecture, which provides a standards-based
interoperability framework for Symantec and third-party solutions to work together to provide secure, manageable, and
scalable enterprise security. Customer environments are heterogeneous and often contain security products from many
vendors. Therefore, an interoperable architecture is a critical enabler for enterprises that need strong security and
centralised management. Availability Symantec Event Manager for Anti-Virus is scheduled to be available in early
December and Symantec Event Manager for Firewall is scheduled to be available in December. Both will be available
through Symantec’s worldwide network of value-added authorised resellers, distributors and systems integrators. Symantec
Incident Manager is scheduled to be available in late November from Symantec and will initially be sold through select
Symantec value-added systems integrators and authorised resellers. Broader availability is expected at a later date.
Symantec ESM is currently available through Symantec’s worldwide network of value-added authorised resellers,
distributors and systems integrators. Local Symantec partners can be located at
http://www.symantec.com/region/au_nz/partners/ About Symantec Symantec, the world leader in Internet security
technology, provides a broad range of content and network security software and appliance solutions to individuals,
enterprises and service providers. The company is a leading provider of client, gateway and server security solutions
for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet
content and e-mail filtering, remote management technologies and security services to enterprises and service providers
around the world. Symantec’s Norton brand of consumer security products is a leader in worldwide retail sales and
industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more
information, please visit www.symantec.co.nz