CA ETRUST REDUCES RISK BY REDUCING INFORMATION OVERLOAD.Computer Associates International, Inc. (NYSE NYSE See: New York Stock Exchange :CA) has announced eTrust Security Command Center r8, a powerful solution for managing and responding to security events across the enterprise. By dramatically reducing security information overload A symptom of the high-tech age, which is too much information for one human being to absorb in an expanding world of people and technology. It comes from all sources including TV, newspapers, magazines as well as wanted and unwanted regular mail, e-mail and faxes. and intelligently automating security workflows, eTrust Security Command Center significantly reduces business risk and helps ensure regulatory compliance while improving the productivity of IT security teams. eTrust Security Command Center r8 monitors and manages all aspects of enterprise security, from threat discovery through resolution, in real time. It provides a centralized cen·tral·ize v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es v.tr. 1. To draw into or toward a center; consolidate. 2. command-and-control center that presents security data in an intuitive graphical interface See GUI. that enables IT security teams to quickly identify and respond to events and vulnerabilities based on their urgency and potential business impact. Key new features include out-of-the-box correlation tools, Web-based update services, advanced incident management functions and customizable "workspaces" designed for specific tasks such as comparing an organization's security posture and vulnerabilities against the standards set by the SANS institute The SANS Institute (SysAdmin, Audit, Networking, and Security) is a trade name owned by the for-profit Escal Institute of Advanced Technologies. SANS provides computer security training, professional certification, and a research archive. . Advanced bi-directional integration with network and systems management solutions such as Unicenter NSM (Network and System Management) Running and controlling the networks and computer systems in an enterprise. See network management. enables IT security teams to leverage data from those solutions to even more effectively detect and respond to a full range of threats. "As a managed service provider, one of our biggest challenges is sifting through all of the noise so that we can quickly zero in on the real threats to our customers," said Eamus Halpin, chief executive officer of iRevolution Limited. "By providing intelligent, structured event management, CA's eTrust Security Command Center r8 enables us to meet this challenge and diligently dil·i·gent adj. Marked by persevering, painstaking effort. See Synonyms at busy. [Middle English, from Old French, from Latin d protect our customers' businesses without wasted time or effort." "eTrust Security Command Center r8 provides the auditing capabilities we need to effectively monitor our systems and fully document compliance with federal regulations," said Arthur Rosata, director of Information Security at Boston University Boston University, at Boston, Mass.; coeducational; founded 1839, chartered 1869, first baccalaureate granted 1871. It is composed of 16 schools and colleges. . "Its single command-and-control capability will enable us to fully safeguard our infrastructure and data while effectively leveraging our resources." Rules-Based Correlation eTrust Security Command Center r8 uses intelligent, rules-based correlation to zero in on root-cause issues that underlie security events. Its out-of-the-box event correlation Event Correlation is the processes involved with reducing a large number of incident alerts to a much smaller, more manageable number within automated monitoring and incident/problem management in a Support Management System. tools include the following: * A rules library with more than 100 default policies for fast threat analysis * Automatic policy updates via the Web * Rule templates and wizards that facilitate creation of customized rules Advanced Incident Management Functions eTrust Security Command Center r8 provides IT security teams with advanced incident management functions, including the following: * Incident grouping that allows multiple events to be processed based on common attributes -- without modifying events in the event repository * Incident assignment and annotation 1. (programming, compiler) annotation - Extra information associated with a particular point in a document or program. Annotations may be added either by a compiler or by the programmer. for monitoring and enforcing timely and appropriate responses to events * Visualization Using the computer to convert data into picture form. The most basic visualization is that of turning transaction data and summary information into charts and graphs. Visualization is used in computer-aided design (CAD) to render screen images into 3D models that can be viewed from all enhancements that facilitate the investigation and analysis of patterns and anomalies * Integration with help desk solutions, such as CA's Unicenter ServicePlus Service Desk, for seamless workflow resolution Task-Specific Workspaces eTrust Security Command Center r8 further simplifies security management with innovative, task-specific workspaces, including: * SANS Top 20 Workspace correlates high-priority threats based on the SANS Institute's list of the Top 20 vulnerabilities * Role-Based Workspaces that enable specific tasks such as virus control and DoS defense to be distributed to assigned team members Network and Systems Management Integration In keeping with CA's Enterprise Infrastructure Management strategy, eTrust Security Command Center enables IT organizations to manage security in a common manner with other infrastructure, application and data management processes, such as those running under CA's Unicenter Network and Systems Management (Unicenter NSM). This integrated approach reduces technology ownership costs and enables security policies to be extended across functional areas -- for example, in using data about network traffic anomalies A deviation from the normal traffic pattern. An intrusion detection system (IDS) may look for unusual traffic activities, such as a flood of UDP packets or a new service appearing on the network. to better identify the nature of a security event. "IT organizations face significant challenges as they attempt to convert the vast amount of raw security-related data across the enterprise into the actionable Giving sufficient legal grounds for a lawsuit; giving rise to a Cause of Action. An act, event, or occurrence is said to be actionable when there are legal grounds for basing a lawsuit on it. information they need to effectively combat the growing volume and variety of threats they face on a daily basis," said Toby Weiss, senior vice president of eTrust security management at CA. "eTrust Security Command Center delivers this critical intelligence -- enabling customers to filter, prioritize pri·or·i·tize v. pri·or·i·tized, pri·or·i·tiz·ing, pri·or·i·tiz·es Usage Problem v.tr. To arrange or deal with in order of importance. v.intr. and act upon security information in order to protect the business." eTrust Security Command Center r8 adds significant value by providing customers with updates of correlation rule templates, workspaces and agents via the Web. These updates are tested and validated to ensure their effectiveness. "Managing IT security has become extremely complex. Many enterprise systems collect data on security-related events, as well as issue alerts across operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. , applications, security software and hardware, communication systems, and other infrastructure components," said Mark Nicolett, vice president and research director, Gartner, Inc. "Without intelligent correlation of this critical, vast amount of data, organizations lack the management capabilities needed to respond effectively to situations that could compromise security. This, in turn, can compromise critical business processes and assets and can hinder daily business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets ." CA Technology Services offers consulting, implementation and training support for eTrust Security Command Center r8. Customized implementation services are also available. About CA Computer Associates International, Inc. (NYSE:CA) , the world's largest management software company, delivers software and services across operations, security, storage, life cycle and service management to optimize the performance, reliability and efficiency of enterprise IT environments. Founded in 1976, CA is headquartered in Islandia, N.Y. and operates in more than 100 countries. For more information, visit http://ca.com or call 631/342-2542. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion