CA Joins Security Event Fray

Computer Associates' security event management command center, which synthesizes security and other data, will make its debut at this week's CA World conference.

Looking to get a head start on some of its chief rivals in the emerging security event management market, Computer Associates International Inc. this week is expected to release its eTrust Security Command Center product.

At its CA World conference in Las Vegas, the company will also detail its On-Demand Computing strategy, backed by partners and enhanced Unicenter offerings.

20/20 vision

Features of CAs Security Command Center

  • Combines events and data from a variety of sources for analysis
  • Displays data in central portal console
  • Ties IT- and physical-security data together via eTrust 20/20
  • Includes logging and auditing tools
The security announcement is the culmination of a years worth of refinement and work on the major piece of the solution, eTrust 20/20.

CA introduced 20/20 at last years conference, emphasizing its ability to synthesize security data with data related to employees physical locations and job functions. The visual tool provides a detailed picture of physical and network environments and up-to-the-minute insight into activities for employees, applications, buildings or systems.

The software collects real-time feeds from numerous sources, aggregates the data and produces a graphical depiction.

Despite the advancements, analysts remain skeptical of the true value of SEM (security event management).

"Theres a subset who will find this interesting and useful. Its always hard to marry the physical and the virtual," said Pete Lindstrom, an analyst at Spire Security LLC, in Malvern, Pa. "Theres still lots of skepticism about whether these systems can support millions of events."

In addition to eTrust 20/20, CAs Security Command Center pulls together data from its Identity Management, Threat Management and Access Management lines to consolidate security event data in a single repository. The console itself uses the companys CleverPath portal technology.

CA officials declined to discuss the specifics of the announcements.

A number of smaller vendors offer more mature SEM products, including ArcSight Inc. and e-Security Inc. IBM has also pulled together an SEM offering that includes Tivoli Intrusion Manager and Tivoli Risk Manager. But CA is the first of the large security vendors to roll out a purpose-built SEM product.

The Islandia, N.Y., company, however, wont be alone for long. Symantec Corp., as part of its move into the enterprise market, is working on Symantec Security Management System, which will comprise numerous tools, according to officials. Symantec has yet to introduce the piece that will tie all the disparate parts into a cohesive system.

In addition to the security wares, CA will draw on a new partnership with VMware Inc. to provide management of virtualized environments through the new Unicenter-NSM Option for VMware 1.0.

Once VMware abstracts resources, the Unicenter tool tracks how physical infrastructure elements are mapped against the virtualized infrastructure and manages various applications running on virtualized servers or server blades.