Novell Integrates Security Event Management

The software maker releases its maiden update for the security information and event management tools it acquired via its $72 million buyout of e-Security.

Novell has introduced its first update to the security event management products gained via its recent acquisition of e-Security, touting new compliance monitoring and reporting capabilities in the package.

In addition to expanding security event tracking functions, Novell said it has also integrated the technology with all of its software platforms, including its SUSE Linux Enterprise Server and identity management tools. The Waltham, Mass.-based server operating system provider purchased e-Security in mid-April for $72 million as part of an effort to augment its authentication and compliance automation portfolio.

Security event management technology is used by enterprises to help aggregate and analyze information drawn from intrusion detection systems. Recent growth of the applications sector has been driven by federal regulations such as the Sarbanes-Oxley Act and HIPAA (Health Insurance Portability and Accountability Act), which demand that companies in specific industries collect and retain large volumes of security-event data.

e-Securitys applications scan events across a companys network infrastructure, gathering data from identity and access management products and other technologies, including firewalls, routers, anti-virus tools and intrusion detection systems. Data pulled into the system can then be audited from a single console.

Company officials say the software maker has significantly advanced eSecuritys flagship event monitoring package, now dubbed Sentinel from Novell, integrating a number of data access and selection capabilities from its other products, in addition to tying the software to SUSE Enterprise Server.

By linking its identity management software to eSecuritys monitoring technology, customers will be able to get a "more normalized" view of user activity across their entire IT infrastructure, said Dave Capuano, director of product management at Novell. The event-scanning tools add to the value of asset management technologies, and will help companies better understand what is going on in their network infrastructure via the integration with authentication systems, he said.

According to Novell, roughly 50 percent of its security event monitoring customers are focused on threat detection, with the other 50 percent intent on upping regulatory compliance. However, Capuano said that it is compliance that is currently driving spending and growth of the space, as that is where the technology is finding an expanding audience.

"Compliance monitoring is definitely driving spending, but companies are finding that they can also use it for external monitoring, and [they] start doing more with the information they receive back from service providers," said Capuano. "We saw the trend start to shift as far back as three years ago as some early adopters started to understand how to use the technology internally, beyond looking at intrusion data in a more traditional manner."

Capuano said that Novell feels there are now only a handful of companies that can offer similar capabilities to users, including management software behemoth CA, but he believes that more enterprise players will soon look to add security event monitoring to their operations. In July 2005, business assurance software provider Micromuse acquired GuardedNet, another leader in the event management space, and was then purchased by IBM six months later.

Moving forward, Novell next hopes to build out Sentinels capabilities for automating security event reporting, adding more functions for directly notifying systems administrators when security policies are violated. In addition to helping to manage workers data access needs, such a system will also help identify attacks as they happen.

In addition to adding to the products monitoring tools, Novell also introduced a number of foreign language versions of the software to increase its international reach.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.