Tivoli Systems, the network management software arm of IBM, Monday made available the latest version of its threat management software that the company says now collects data from security devices from the likes of Network Associates, NFR Security and Secure Computing.
Tivoli Risk Manager lets users pull security information from security products across a network to monitor the data from one location. Risk Manager now supports Network Associates' McAfee Active Virus Defense (AVD) product suite, NFR Network Intrusion Detection systems and Secure Computing's Sidewinder firewall and VPN gateway.
"Risk Manager addresses the customer pain of really understanding all the security events happening across all environments," says Leo Cole, director of security market management at Tivoli. Cole says Risk Manager, with its server-and-agent software design, monitors security devices in real-time and saves the data so users can study the collected data for historical patterns or trends. Risk Manager also provides "proactive" vulnerability tests, scanning a network for potential security holes, Cole says.
The product gives users a single view of all security events and alerts coming from disparate sources on a network, including servers, firewalls, VPNs and routers. The software correlates the alerts and can determine if numerous events are being generated from one source of attack, the company says. Tivoli Risk Manager protects against internal and external attacks, letting users track patterns over time to determine if a hacker is slowly trying to penetrate the network.
The software already supports security and e-business products from: The Apache Software Foundation, Argus Systems Group Inc., Check Point Software Technologies Ltd., Cisco Systems Inc., ClickNet Security Technologies Inc., Gilian Technologies Inc., iPlanet E-Commerce Solutions, Internet Security Systems Inc., Lockstep Systems Inc., Microsoft Corp., Red Hat Inc., Sun Microsystems Inc., Symantec Corp. and Zone Labs Inc., among others.
Tivoli Risk Manager competes with products from start-up eSecurityOnline LLC and offerings from NetForensics. James Galvin, product manager for Tivoli Risk Manager, says the advantage Tivoli offers is its network and systems management history with products such as Tivoli Distributed Monitoring and Tivoli Enterprise Console, designed to collect network events via software agents and correlate the data.
"It's a hybrid approach in which security management products can communicate with network management to see how security events affect the network, and vice versa," Galvin says.
For current Risk Manager users, Tivoli has made the updated software available by download via its Web site.