OpenService Launches Security Management Center 4.0

OpenService has announced the release of Security Management Center 4.0, which will deliver high reliability and security visibility to the world's largest enterprise networks.

SMC 4.0's features include Advanced Real-Time Threat Correlation, a Multi-Vendor, Multi-Application Vulnerability Signature MetaBase (VSMB), Risk Profiling, and extensive Automated Threat Response capabilities. SMC 4.0 integrates with a wide array of security devices and products, bringing their data into a single integrated console and eliminating the need to view each security vendor's product console. The information from all security log sources is available in a single integrated, web-based management and reporting console.

OpenService's Security Log Manager (SLM) provides access to historical log data for forensics, compliance reporting and policy management. SMC's reporting functionality includes, but is not limited to, simple creation of ad-hoc reports, conversion of ad-hoc reports into scheduled reports (including e-mail distribution), and "real-time" reports that update as new events arrive (i.e., reports covering 90-day spans that are always current). Dynamic, user-defined dashboards can display a combination of alerts, reports and content from third-party web-based applications. Dashboards are completely customizable and can be configured to meet the preferences of the NOC analyst or the CISO.

SMC 4.0's Finite State Engine tracks the history of an entire event and continuously builds a log of an attack in progress while simultaneously identifying and escalating threat warnings. Rules-based products, on the other hand, analyze events over a defined window of time, making low-and-slow attacks nearly impossible to catch. With SMC's risk-based assessment, analysts are not required to write complex rules to match new threats that emerge daily. Instead, they simply define the assets that are most important to their organization and let SMC 4.0 do the work. Much of this is made possible by SMC's Vulnerability Signature MetaBase, which collects and ties together events from CVE, CAN, and/or BugTraq IDs (among others) to make sure organizations are always correlating on the most up-to-date list of known vulnerabilities.

SMC 4.0's advanced correlation models automatically sort, profile, consolidate, and scan security events to automate the analysis of threat patterns and progressions. The analyzed input from firewalls and IDSs (along with a variety of other supported applications) is all stored in one place, allowing for immediate identification of a targeted attack against critical assets. Add in vulnerability scanning data, and SMC 4.0 can then correlate against known vulnerabilities on the network. If there's a match, defenses and notification can be automated using techniques such as e-mail alerts, pager notification, script notification, or SNMP traps. On the other hand, if the asset being attacked is already patched or hardened, SMC 4.0 won't "cry wolf" in the middle of the night by issuing a critical alert. Even though no critical alert is generated, the analyst will still be informed that the asset is being poked and prodded so it can be monitored. SMC 4.0 makes the analyst's job easier by allowing them to focus on the events that need immediate attention rather than the events that have a lower priority.

SMC 4.0 organizes network assets in user-defined, hierarchical trees (by geography, business line, division, department, or any user-defined criteria). As events are generated, they are prioritized and visually represented by bubbling the most dangerous threats against the most critical assets to the top. The navigation tree also provides immediate visual notification showing where the event is occurring and how serious it is.

The SMC 4.0 Console is built to be comprehensible and useful to advanced security analysts, junior-level operators or non-technical users who need to assess the security posture of their organization in real time. No longer is it necessary for analysts to spend hours and hours scouring data from hundreds of different sources; the work is all done by SMC 4.0. SMC 4.0 also provides information required to prove compliance and make auditing easier. With all the time saved by using SMC 4.0, OpenService customers are able to provide their enterprise with pristine security, saving them time and money and delivering quick ROI.



© 2006 Networking News