RealTime IT News

Symantec to Fortify its Compliance Software

Security vendor Symantec will unveil new policy and compliance software next month as part of its integration of the BindView assets, internetnews.com has learned.

The move comes after Symantec agreed to acquire BindView in October for $209 million in a bid to offer a more comprehensive security and policy compliance for customers.

The Cupertino, Calif., company has tucked BindView's assets into its portfolio and will unveil them as the Symantec Policy Manager and Symantec Compliance Manager in early February, said a source close to the company.

The source also said Symantec expects the integrated software will help customers apply user policies and assess compliance through one user interface.

Symantec refused to comment for this story.

Security analysts have been arguing that software that helps customers comply with federal regulations is a must. Compliance is usually mentioned as the leading driver in the multi-billion-dollar security software market. Symantec's next move is a logical next step, given its current product line-up.

For the last five years, Symantec has offered software called Enterprise Security Manager (ESM), courtesy of its purchase of Accent.

ESM's architecture was host-based, meaning it deployed agents, or software code that monitors, manages and reports on each machine's status on a network. The software then checks the system information against assessment templates for government regulations like Sarbanes-Oxley and Health Insurance Portability and Accountability (HIPAA).

Although these agents ensure that a computer has the latest patches and current user permissions, they also must be installed on every computer in the enterprise.

That can make agent-based software a bugbear for enterprises that are increasingly looking for infrastructure software that automates tasks on a network and saves IT managers time.

That's where BindView fits in.

The company makes agent-less security management products based on credentialed access, considered ideal for automating security and policy compliance management on computers throughout an enterprise, regardless of where the machines operate.

Symantec has said it will sell the BindView assets alongside ESM to give customers the choice of agent-based or agent-less security software, but analysts think the clock is ticking for architectures like ESM.

Gartner analyst John Pescatore said the move represents an architecture shift at a time when IT staffs are asking for software that manages itself so they can focus on other critical tasks.

Customers can either put an agent on the end-machine, monitor activity over the network, or procure software that gives users credentialed access.

Many customers are clamoring for the credentialed access, he said, noting that agent-based solutions like ESM are both expensive and time-consuming because the agent has to be installed on every single thing on the network.

"Servers that have the host-based security agent on them are usually the most cooperative servers," Pescatore said. "They're the least the likely to go wrong. Where the security problems come from are rogue servers that pop up on the network that are not in the right configuration."

"So, if you're only an agent-based solution, you'll never see them. You're only looking at what you're controlling. That definitely fills a hole and they had to have it. ESM had hit that wall."

Mike Rothman, founder of new security research firm Security Incite, said that Symantec has to figure out what to do with ESM now that is has a more modern policy management software in place.

"I think they put in place a migration path," Rothman said. "Their alternative is that people will go to a different platform. It's very difficult to give up the ghost and say: 'we need to you migrate to a different platform.' But they won't support it forever. The question is: does forever mean two years or three years?"

"ESM as an architecture is tired enough where that's probably the outside of what people want to do," he said. "But again the mentality of buying BindView was to get that functionality but with an up-to-date and strategic architecture."

Rothman also noted Symantec isn't the only company to make such a play, choosing to buy a company with market traction and a healthy install base to sink its teeth into the market. Altiris snapped up Pedestal Software. A few years ago, NetIQ nabbed PentaSafe Security Technologies.

Vendors such as IBM, CA, HP, Sun Microsystems, Oracle and other sellers of security software are finding ways to throw compliance into their infrastructure software mix. These larger vendors have been home-cooking much of their compliance software.

"If you look at any security product today, there is always some positioning relative to compliance," Rothman said. "Everybody's got ID management on one side, which can provide some measure of who's getting access to what. You've got your policy environments that are focused on network hygiene."

"You've got to protect content, so you've got database security. It's one of those things that really touches every piece of the puzzle. It's about saving that revenue stream and they can use it to get a compliance budget line item."

While the IBM's, HP's and Sun's of the world round out their portfolios, Symantec is acquiring to boost its position as the premier enterprise security software maker in the world.

Since buying Veritas in blockbuster deal last year, the company has made several acquisitions, including BindView and, most recently, IMLogic.