NetIQ Goes 'Holistic' with New Security Management Suite

by Alex Woodie

NetIQ this quarter will begin shipping a new collection of security software it intends to be the focal point of its users' security strategy. The Silicon Valley company's new Security Management Suite, which is a collection of updates of security products it developed or acquired from PentaSafe a year and a half ago, as well as new capabilities it gleaned from new partners, will work with other security "point" solutions, while addressing compliance issues, such as HIPAA and Sarbanes-Oxley.

NetIQ makes the argument that companies are spending so much time administering point solutions, such as firewalls and antivirus software, that they are losing sight of the big picture, which results in a less secure computing environment. With the new Security Management Suite, the company is focusing on a "holistic" approach that watches for internal and external threats to a range of supported operating systems, databases, Web servers, and third-party point products while ensuring compliance with internal policies as well as government mandates.

NetIQ's new Security Management Suite has three components: NetIQ Security Manager, NetIQ Vulnerability Manager (formerly VigilEnt Security Manager), and NetIQ Patch Manager. Of these components, Patch Manager is the only new product, while NetIQ delivered new releases of Security Manager and Vulnerability Manager with this introduction of the Security Management Suite.

Key new security capabilities will be delivered with the new Version 5.0 release of NetIQ Security Manager, NetIQ's Windows-based intrusion detection software, which supports a variety of other platforms, including Linux, Unix, and Netware (and OS/400, through an agent, although NetIQ doesn't say this on its Web site). With Security Manager 5.0, NetIQ has made several improvements, such as integrating its log archival, analysis, and forensics functions and enhancing its threat correlation engine, which, the company says, makes this product the first of its kind to "close the loop" on all kinds of threats. The central Security Manager console costs $2,500, and each monitored server costs $1,100.

NetIQ has also shipped a new release of Vulnerability Manager, Version 5.0, which connects security policies and content with regulation and enforcement and provides a centralized console for the company's OS/400-only products, PS-Audit, PS-Secure, PS-Detect, and PS-PasswordManager. With this release, NetIQ has partnered with TruSecure to provide vulnerability content service as an embedded feature within the product. Pricing for NetIQ Vulnerability Manager 5.0 starts at $3,655.

NetIQ Patch Manager 4.2 is a rebranded version of new partner Shavlik's HFNetChkPro patch distribution and validation product for Microsoft Windows. Shavlik is reportedly considering extending this product's support beyond Windows. Pricing today starts at $2,000.

The new capabilities delivered with NetIQ's Security Management Suite gives the company a "first mover" advantage over its competitors in terms of unifying security and systems management products, it says. "Enabling an agile, closed-loop approach to managing security is a key pillar of our go-forward strategy," says Matt Dircks, vice president of security management products for NetIQ. "We have a unique opportunity to provide customers with the right solution for addressing their total security needs, while establishing a first-mover advantage for the next step toward security and systems management convergence."