IBM Extends Risk Managers Reach

Pair of initiatives are the beginning of a new effort to embed more intelligence in its security software.

CHICAGO—IBM next week will announce two new initiatives designed to extend the companys reach in the security market.

On Tuesday the company will announce a new integration of its Tivoli Risk Manager 4.1 software with Check Point Software Technologies Ltd.s FireWall-1 and VPN-1 products, which will enable administrators to manage Check Point devices from the Risk Manager console.

Also next week, IBM will introduce new support for managed security service providers in Risk Manager 4.1. Both announcements are meant to make IBM more of a player in the burgeoning market for security event management software.

The tighter integration with Check Points products gives administrators the ability to perform virtually any management task on the devices directly from Risk Manager. For example, users will have the ability to kill active connections if they see a problem.

IBM executives said these two announcements are the beginning of a new effort to embed more intelligence in Risk Manager.

"We want to bring network and system-level events in so we can correlate them with security events," said James Galvin, security market manager for Tivoli Software, based in Austin, Texas. "Wed like to be able to correlate say a CERT advisory with a scan of a customers software inventory on the network to see which machines are vulnerable to that attack."

The new support for MSSPs includes a new Customer ID correlation element that enables service providers to separate security events by customer. Those events are then presented in a GUI, broken down by customer so administrators can get an overall picture of whats happening.