Enterprise data security

The Proventia M50 protection solution from Internet Security Systems automatically blocks viruses, unauthorized access, network attacks, malicious code, hacker exploits, and hybrid threats. Built on Internet Security Systems' intrusion detection and prevention system, Proventia M50 unifies firewall, VPN, antivirus, and intrusion detection and prevention into one engine and one management system to protect at the network and the gateway. It examines network traffic and receives automatic updates from the company's security intelligence team on the latest threats and vulnerabilities.

Symantec Enterprise Security Manager 6.0 is used to define, measure, and report IT systems compliance with corporate and industry-standard security policies, or government regulation, all from a single console. Policy compliance data collected and analyzed by the system can be correlated with security event data from firewalls, intrusion detection systems, and vulnerability assessment products. The system has 2,000+ security checks, as well as LiveUpdate technology that facilitates retrieval and deployment of security updates.

Netegrity says it has acquired Business Layers, an "e-provisioning" company, to help companies mitigate risk, comply with new regulations, and enhance user productivity by automating access management to enterprise resources. Its access management solution controls employee, partner, and customer access to disparate applications, systems, architectures, and processes. Users address their most pressing business needs by starting at any identity access management point, from Web access management to identity administration or provisioning.

LiveVault Corp.'s Online Backup and Recovery Service Version 4 continuously backs up business server data via a secure Internet connection and stores it offsite, where it is available for recovery in the event of a system failure, virus, human error, or other disaster. The service is well suited for small and midsize businesses that have primarily relied on in-house tape backups to keep data safe. Users can automatically detect, create, and maintain the precise policies required to correctly protect Microsoft Exchange.

Guardent's Managed Vulnerability Protection and Alert Service determines whether confidential information is at risk via customer-specific notifications that eliminate irrelevant warnings and allow focusing attention on legitimate security threats. The system detects and categorizes vulnerabilities inside and outside a network's perimeter, signals alerts, and provides detailed remediation recommendations.

Cisco Systems' Intrusion Detection 4.0 protects data and information infrastructures using threat-response technology that eliminates false alarms and automatically determines which threats need immediate attention. Browser-based tools simplify user interaction while providing analytical tools for rapid response. The system monitors all major TCP/IP protocols, and identifies and classifies known and unknown threats targeting networks—including "worms," denial of service, and application attacks. Detection methods include pattern recognition, protocol analysis, traffic anomaly detection, and protocol anomaly detection.

Foundstone's Enterprise security system addresses vulnerabilities through asset discovery, inventory, and prioritization; threat intelligence and correlation; and remediation tracking and reporting. Distributed scanning engines also can be used based on geographic or technical requirements, while maintaining centralized management and reporting. The system includes a map of the network, with wireless access points; analysis of the full spectrum of vulnerabilities, including operating system, network device, database, and custom Web application security issues; and metrics to evaluate cost/benefits and measure improvement.

NCircle's IP360 Vulnerability Management System Version 6.0 allows profiling global enterprise networks to find, and then eliminate, vulnerabilities before they cause loss. VnE Manager, a hardened appliance for centralized configuration and role-based administration of all IP360 appliances, delivers vulnerability analysis, alerting, and enhanced patch-management capabilities. Device Profiler is a diskless appliance that profiles IP-based devices and securely reports its findings to the centralized IP360 VnE Manager. Discriminant Analysis combines information from best-of-breed technologies to verify operating systems, applications, and services—and then identify vulnerabilities.

NetScreen's Intrusion Detection and Prevention system protects network assets by detecting attacks and stopping their impact. It complements firewalls and VPNs to protect against attacks in network traffic. A Multi-Method Detection mechanism automatically selects the most efficient method to detect each type of attack and looks in only relevant portions of traffic where an attack can do damage to reduce the chance of false alarms.

Security Threat Manager from OpenService uses critical intelligence to link security systems and map global threat information to the lines of business being attacked. The system offers real-time threat assessment, operations performance, and insight to vulnerability metrics to identify and prioritize threats by correlating vulnerability data and asset values with real-time events from intrusion detection systems, firewalls, VPNs, antivirus solutions, servers, routers, switches, and applications. It correlates inbound event data from detection systems with scan data from industry-standard vulnerability assessment tools in real time to enhance alert relevance.

Equant's Secure Gateway service protects private networks from intrusion while enabling employees to safely access the Internet. As an outsourced solution, the system is housed at the user's site or at an Equant hosting center. Users can choose either resilient with dual- firewall protection and optional redundancy in other appliances, or non-resilient, which offers single-firewall protection. Equant configures all hardware and software gateway appliances. The gateway service covers the operating system and application software; ISP line status; and disk space, CPU, memory, and swap space. Real-time analysis of the firewall-log files allows detecting suspicious behavior immediately.

RSA Security's access management system, part of the company's overall identity management solution, features single sign-on, and allows users to assign and enforce access rights using a mix of rule- and role-based policies with coarse-, medium-, and fine-grain access control. As a result, users can define group and user permissions based on high-level or complex business criteria. Privileges can be tied to business relationships, user roles, transaction rules, and dynamic user attributes.

Sophos' Anti-Virus protects networks, desktops, and remote laptop computers from the latest viruses. Management tools allow Web-based installation and updating across platforms and even to remote users. A library collects updates from the Sophos databank—a dedicated Sophos Web site—at preset times and on demand. A report function identifies vulnerable network points and produces customized reports on viruses detected on Windows desktops and servers. SavAdmin allows remote real-time monitoring and control, and automatically installs Sophos Anti-Virus on new network desktops.