McAfee Orchestrates Security Management -- As Competitors Close In

Spammers, phishers, and malicious hackers may make the life more exciting for security pros in charge of protecting their companies' systems and data, but the greatest risk these companies face is still the complexity of the technology they buy to help defend themselves. All of the information in the world won't help a company if they can't make sense of it. The latest security management tools announced this week indicate that security vendors are starting to address this, but slowly.

McAfee Monday launched the latest version of its ePolicy Orchestra centralized policy enforcement and reporting tool. Version 4.0 promises to improve the product through Web-based controls, configurable reports that can be scheduled and e-mailed, and changes to its network and system security reporting features.

"It's a Web-based console rather than a Windows-based security app on the client," George Kurtz, senior VP for McAfee enterprise business, told InformationWeek. "The Web-based framework lays the plumbing to integrate new technologies that McAfee buys."

Version 4.0 of ePolicy Orchestrator is, as of Monday, available as a beta to the general public. McAfee claims that more than 30,000 customers and nearly 54 million PCs and servers are already under the management of its ePolicy Orchestrator product, which is part of the company's McAfee Total Protection management suite.

With ePolicy Orchestrator, McAfee can manage and report on its own antivirus software as well as antivirus software from competitor Symantec, an important feature as security implementations become more complex and must pull together a diversity of information. Symantec itself is this week taking the wraps off of Project Hamlet, the company's newest AV offering, which includes technologies from acquired companies Sygate Technologies and Whole Security.

These moves by the security market's predominant pure-play security technology providers come as a number of IT industry giants move in on their turf. Microsoft last week introduced a product code-named Stirling to its Forefront brand that promises to provide a single management console to pull together and make sense of all the security data being generated about clients, servers, and networks. Stirling won't be generally available until the first half of 2009, and it won't be able to manage non-Microsoft security products.

IBM and EMC are likewise making big waves in the security market through recent acquisitions. IBM last week said it's planning to buy Watchfire Corp. in a move to help its Rational Software customers write more secure Web applications. This follows acquisitions over the last 18 months include enterprise security information management vendor Micromuse, intrusion detection and prevention provider Internet Security Systems (ISS), and Consul Risk Management, a maker of security and compliance products. EMC last week said it bought user-authentication technology vendor Verid.

The ongoing consolidation in the security market could greatly benefit security pros, especially if the large players snatching up all of this useful security technology use their vast resources to find ways for their products to communicate with those of their competitors.