CA makes security a 'management issue'

Computer Associates today launched two products aimed at making companies' IT security far more robust and manageable.

eTrust Vulnerability Manager and eTrust Security Command Center were both unveiled by Russel Artzt, executive vice president of eTrust security solutions at CA, who was speaking at the company's annual conference in Las Vegas.

Vulnerability Manager is a product which was being test-driven by attendees at the conference. It will scan a computer, or in most case here this week, a laptop and will detect any existing vulnerabilities and enable the user to take remedial steps. Given the nature of security, the product is being dynamically updated constantly to include all new and known vulnerabilities.

Artzt said: "Vulnerability is a very dynamic area. That's why we need a research team of 20 people researching these on a daily basis.

"We maintain a vulnerability database of over 6,000 vulnerabilities which is probably the most robust database in the industry."

The Vulnerability Manager is also fully integrated with the second product to be unveiled, the Security Command Center, which pulls together all security products running on a desktop or network in one easily managed package.

Artzt said: "We developed the Security Command Center because of the demands of our customers."

Artzt claimed that the diverse and many products used by companies now means security has been thrown into "chaos", with information overload crippling IT managers best efforts to stay on top of security and monitoring.

"Our goals was to take third party solutions and manage them in an integrated way," he said.

The Security Command Center works with offerings from companies such as Check Point, IBM, Microsoft, Network Associates, Symantec and the full range of CA products and produces audit logs of all security events on the system, presenting them in a managed and transparent fashion.

David Rowley, chief technical architect at Fujitsu Services, who took part in the beta trial of Security Command Center, said: "Making sense of the information overload is more than one or two people can cope with within an organisation of our size. It is impossible to respond to logs in real time if you are looking at them with the naked eye. This will enhance our responsive."