PentaSafe Unveils Integrated Security Manager
PentaSafe Security Technologies announces a new integrated security management product intended to collect and correlate data from existing PentaSafe and third-party security offerings.
PentaSafe has grouped three existing security products along with the new VigilEnt Intrusion Manager product into a group it calls VigilEnt Enterprise Security Applications (VESAs).
The idea is to enable a number of security point products to function in unison, giving users a more complete enterprise security picture, says Chris Pick, vice president of product marketing and strategy for PentaSafe, based in Houston.
Previously, users had to get reports separately from each VigilEnt product. They include: the Policy Center, for managing security policy creation, distribution and awareness; User Manager, a password management and account provisioning utility that allows end users to reset their own passwords, among other functions; and Security Manager, which helps users find and correct security vulnerabilities.
In addition to those three PentaSafe products, the Intrusion Manager will be able to collect security data from Check Point and Cisco firewalls, intrusion detection systems (IDS) from Internet Security Systems and Cisco, and Snort open-source IDSs.
The Intrusion Manager supports the Intrusion Detection Message Exchange Format (IDMEF), which is an IETF standard for reporting security data in an XML format.
That, Pick says, differentiates the PentaSafe product from security consoles from vendors such as e-Security, Inc., which uses an SNMP format. "The benefit is, IDMEF normalizes the data at the event source," he says. "So you're not bringing apples and oranges in a central place and doing data mining."
The integration features across the PentaSafe products allow them to work in a proactive fashion, Pick notes. For example, with the Policy Manager users can set rules for how machines must be configured throughout the enterprise with respect to applying known patches. The Security Manager can then identify those machines that are out of sync with that policy and alert the user.
Pick also notes that PentaSafe requires only a single agent for each system supported by its security products. Different functions are enabled on the agent depending on which products the user licenses.
The Intrusion Manager, due out in September, will be priced at $200 to $700 per event source, which could range from a log file or host based agent to an IDS. There is no charge for the integration component that ties the products together.