At its Vision360 security conference held at the beginning of October in New York City – which is now the world’s most auspicious locale for anything to do with security – Symantec Corp. unveiled its strategy to provide the corporate enterprise with a comprehensive, proactive approach to create and
manage effective security environments.
Quite a claim by anybody’s standards and so easily stated but difficult to achieve. And there’s more.
Symantec says this strategy will lower costs, reduce vulnerabilities and simplify the complexities associated with traditional approaches to security. The company intends that this next wave of enterprise security solutions will provide central security management, integrated protection functionality and global early warning of possible attacks. Sounds a bit like Ronnie Reagan’s Star Wars Initiative and we all know where that got to.
But grandiose statements not withstanding, the company remains committed to delivering its solutions through the channel.
Central to the Symantec enterprise security strategy is its Enterprise Security Architecture, a framework based on open-standards. Symantec says it will continue to depend on third-party solutions providers to give customers what is advertised as secure, manageable and scalable enterprise security.
Symantec says its system integration partners are “”an essential element”” of the enterprise security strategy to provide early warning, integrated protection and expert response tied together with comprehensive management.
By leveraging the open-standards based architecture, integration partners are empowered to deliver the comprehensive benefits of the Symantec Security Management System to their customers.
Managing enterprise security has never been easy and the fact is that over the years most enterprises have accumulated a combination of disparate products from different vendors lacking integration and interoperability.
The result is a mish-mash of devices, increased operational costs, and reliance on isolated security data. All these bells and whistles are being set off by the slightest glitch and each of those messages is termed a security event, and, according to Symantec, millions occur each month in organizations of even moderate size. An event may be anything from a malformed or over-lengthy network packet, potentially indicating a buffer-overflow attack, to a failed login on a computer that may be critical or relatively insignificant. Taken individually, it is difficult to determine if a given event indicates trouble or not. The plan is get a grip on all these devices and be able to quickly sort out the minor from the potentially catastrophic.
“”We’ve always been 100 per cent channel focused,”” says Michael Murphy, general manager of Symantec’s Canadian operations. “”And most VARs now, they want to deal with fewer vendors and suppliers.””
At the same time Symantec announced its Security Management System, a set of applications to deliver control of the security infrastructure and correlated information to corporate decision-makers. Symantec is working with third party vendors to create collectors through a partner program, to be formally announced in the first quarter of 2003. Early adopters to this program currently include TippingPoint, which develops active network-defense systems, and Entercept, which develops intrusion prevention software. TippingPoint and Entercept are scheduled to make event collectors for their products available in December 2002.
Big name channel partners such as Deloitte & Touche, Ernst & Young and PricewaterhouseCoopers were also at the Vision360 event, showcasing their security services.
To top it all off, Symantec also announced it has developed a comprehensive integration program comprised of software development kits, developer services and streamlined joint go-to-market processes, allowing independent software vendors, hardware manufacturers and system integrators to integrate with the Symantec Security Management System.