Micromuse Gets Into Security Management

As a part of the initiative, Micromuse is creating a bundle of its existing NetCool tools that are customized for security management

Network management provider Micromuse Inc. on Monday will launch a new security management initiative that will leverage the scaleability of its NetCool event handler to centralize security management.

As a part of the initiative, Micromuse is creating a bundle of its existing NetCool tools that are customized for security management. It is also creating alliance partnerships with security vendors such as CheckPoint Software Technologies Inc. and Network Associates Inc. as well as with integrators that have security practices such as Verisign Inc. and Greenwich Technology Partners.

Micromuse hopes to extend the reach of its NetCool manager-of-managers software, used to consolidate a large number of network events, into the security management arena.

At the same time, a wide variety of different vendors tools populate the security space, and none of those tools communicate. "No one vendor provides all the pieces and there is no way to tie information together across those sources," said Frey.

Although Micromuse will have to prove itself in the security management arena, the timing of its initiative is good, said Jeff Oliveto, vice president of operations at managed security services firm Clean Communications in Fairfax, VA.

The new Netcool for Security Management bundle will include Netcool/OMNIbus and Netcool/Webtop applications; Netcool/Impact configured with off-the-shelf security policies; Netcool/Reporter with pre-configured security reports; Netcool FW-1, Cisco PIX and Cisco IDS Probes; and all Netcool probes will be configured to watch for security events. The bundle, which will be pre-configured to manage security events and run in a secure mode, will also support integration with Niksun NetDetector, Network Associates Sniffer, Johnson Controls Metasys and Asita Technologies security devices.

Micromuse will use Netcool/OMNIbus and Webtop for a single point of control.

"Were using Impact to do threat isolation -- a form of correlation--to ID, locate and recognize the source and scope of a potential attack. Well look to see what is under attack, what resources affected and who is affected," said Frey.

Netcool Reporter provides the ability to do reporting for historical analysis and automated actions based on the severity of the threat. The bundle can also automate a response such as shut down a port or eliminate access to an account thats been breached or initiate failover to backup systems.

The bundle will ship March 1, and a starter package with all of the necessary components will be priced less than $100,000.