Symantec's Protection Center Enhances Data Collection, Security Response Capabilities

The next release of the Symantec Protection Center (SPC) management platform focuses heavily on facilitating enterprise responses to security threats through tighter integration of its portfolio of products, automated workflows and role-based prioritization of alerts.

SPC 2.0, announced at Symantec's Vision 2011 conference, adds security intelligence capabilities to the current platform, which emphasizes centralized management with features such as single sign-on. The new release collects data from all supported Symantec security products to provide local reporting, in combination with feeds from Symantec's Global Intelligence Network (GIN).

"The way people buy security products is to buy tactically," says Jon Oltsik, principal analyst at Enterprise Strategy Group. "They are all under different amortization schedules, so when the next one comes up, this is a way for Symantec to start pitching an integrated story."

The more comprehensive data collection enables cross-product product reporting on trends and threats in email security, malware and asset status based on information collected by client and server agents. SPC 2.0 introduces what Symantec calls basic event correlation to produce actionable information from the integrated product and GIN feeds.

SPC 2.0 provides role-based prioritization of reporting, so admins and managers can view action items based on urgency and relevance to their area of responsibility (for example,  desktops, compliance or email). It includes built-in workflow templates to make it easier for reports and alerts to kick off real-time response activities from the central console.Symantec integrated VeriSign authentication products into Protection Center in January, enabling enterprises to manage VeriSign Managed PKI, VeriSign Managed PKI for SSL and VeriSign Identity Protection (VIP) Authentication Service from a single console. Other integrated products include Symantec Endpoint Protection, Data Loss Prevention, Critical System Protection, Brightmail Gateway, Web gateway and Network Access Control.

"What they're suggesting is tighter integration, so they can start to collect event data and exercise centralized command and control," says Oltsik. "The industry is moving in that direction, and it makes sense to look at Symantec as a potential anchor security company, not just a tactical tools company."

SPC 2.0 will be free for Symantec customers. Symantec also announced the public beta for Endpoint Protection 12.0. Both products will be released later this year.

See more on this topic by subscribing to Network Computing Pro Reports 2011 Salary Survey: Networking and Data Center (subscription required).