NetIQ Debuts Integrated Security Management Suite

NetIQ on Tuesday introduced its first integrated enterprise security management suite, a departure for the San Jose, Calif.-based company better known for its single-purpose products such as WebMarshal and AppAnalyzer.

Security Management Suite, which will start shipping in the next 30 days, is a combination of already-released and upcoming security solutions, said Jim McGrath, NetIQ's senior director of product management.

Composed of NetIQ Security Manager 5.0, NetIQ Vulnerability Manager 5.0, and NetIQ Vulnerability Manager, the suite takes an integrated, top-to-bottom approach that should be especially attractive to SMBs, said McGrath.

"When you have dedicated security personnel, a point-product approach makes sense, but for the small- and medium-level customers, with a single administrator who doesn't have that same kind of specialization, the suite addresses the problem by putting a wrapper around the components," he said.

NetIQ is touting the suite as a "closed loop" solution, meaning that all aspects of security are under one roof."It starts with real-time vulnerability information delivered daily or on-demand," he said, "then does a vulnerability scan across the entire infrastructure, notes if servers or machines have been exploited by that vulnerability, takes action to isolate that machine, and from there rolls out a patch and verifies it through an additional scan."

NetIQ Security Manager 5.0, the one piece available now, sells separately at prices of $2,500 for the management console and $1,000 per server. It centralizes events from multiple point products and correlates the information to identify threats, particularly blended threats that use multiple attack vectors, then integrates real-time incident response with reporting on long-term security trends that the network has faced.

New features in the latest edition include support for both host- and network-based intrusion detection systems, out-of-the-box threat rules and signatures, and the ability to detect and stop security breaches, said McGrath.

NetIQ Vulnerability Manager 5.0 provides customers with vulnerability assessments -- garnered from NetIQ's new partner, TruSecure -- scans connected systems for vulnerabilities and those systems which have already been exploited by hackers, and can be automated to take steps to stop incoming threats or correct infected systems. It will ship in June at a price of $3,655.

The third component of the suite, NetIQ Patch Manager, is actually a rebranded version of Shavlik Technologies' HFNetChkPro patch management product. Priced starting at $2,000 and like Vulnerability Manager scheduled to ship in June, Patch Manager currently scans only Windows systems and applications to detect and deploy necessary patches. But as the Roseville, Mn.-based Shavlik extends its reach into non-Windows operating systems, the option will be made available to NetIQ customers, said McGrath.Among the other features of the new NetIQ suite are compliance scanning for regulations such as Sarbanes-Oxley and HIPPA (Health Insurance Portability and Accountability Act of 1996), coordinated reporting and logging, and correlated alerts that can be designed to warn IT staff of specific security events or combinations of events.

The suite's components support all major operating systems -- including Windows, Linux, Unix, NetWare, and others -- said McGrath, as well as major anti-virus software, routers, Web servers, and databases.

A price for the bundle suite has not yet been set, said McGrath.

Unlike other security firms that have seen an uptick in sales as vulnerabilities and threats overwhelm businesses, NetIQ's most recent quarterly statement showed a 16.5 percent drop in revenues over the same quarter in 2003.

McGrath thinks that products from his group can help turn that around. "We've seen a lot of traction in the security product group," claimed McGrath.As expected, he's especially bullish on the suite.

"Customers want a sophisticated solution from a single vendor," he said.