With Sentinel 5, the security event manager gains new management and compliance capabilities.
e-Security is releasing a major upgrade to its Sentinel security event manager that will combine its already highly integrated security event management software with new abilities to automate and enforce event identification.
In addition, Sentinel 5 will automate the resolution process, providing a new workflow capability similar to that enterprises now use for other types of management processes. According to a spokesperson for the Vienna, Va., company, the new event management software will dramatically speed up operations while also reducing overhead on the servers supporting Sentinel.
In addition to streamlining the event management capabilities, e-Security has added improved reporting of events and metrics to allow enterprises to continually assess their security and compliance situations. Also, the company has introduced a new compliance monitoring capability that will help companies demonstrate compliance with a range of government regulations, including HIPAA (Health Insurance Portability and Accountability Act).
According to e-Security Chief Technology Officer Reed Harrison, the new version of Sentinel provides customers with a tool set that will help build the processes needed to get systems into compliance. Two Sentinel components, iTrac and Active Views, support compliance testing, he said.
"One of the key things that e-Security is bringing to the table are tools that have been available to the network management environment," Harrison said. He added that with those new tools, managers can be assured that the management capabilities they need are actually available. "They can almost create service-level agreements for security," Harrison said.
This also means that companies can plan ahead for incidents, having primed their organizations to respond appropriately, he said. "These are disciplines customers never had in place in the past," Harrison said. "They have tools that help desks have. We're going to leverage the tools that managers have already had."
Harrison said that a third component of Sentinel, iScale, allows customers to use the newly expanded product on large systems without a major performance penalty. "We've built an infrastructure that doesn't rely on a back-end database," Harrison said, noting that for real-time queries, a relational database can be slow. He said that a relational database is still used for historical queries and research.
"I think e-Security has done some good things," said Phebe Waterfield, a senior analyst with the Yankee Group. "They've rearchitected. They've done some performance things. They have optimized for real-time monitoring needs as well as for historical reporting needs."
Waterfield noted that the changes to Sentinel's architecture were done to meet customer requirements. "They are on top of it," she said. "e-Security has done a better job [than its competitors]. Their customers are happier than ArcSight's customers."
"We're going to leverage the tools that managers have already had," Harrison said, referring to the management capabilities provided by other more general management software. He noted that many of the functions are set up so that they work right out of the box.