Security vendor Symantec
is looking beyond its agent-based compliance management capabilities with the $209 million purchase of BindView Development Corp.
The deal, still subject to regulatory and BindView shareholder approvals, gives the Cupertino, Calif., security company the ability to offer a more comprehensive security and policy compliance offering for customers, according to officials.
“Not only will we be able to meet customers’ IT security and policy compliance needs with a complete range of product capabilities, but we will also be able to help reduce the cost and complexity associated with compliance,” Ajei Gopal, a Symantec senior vice president, said in a statement Monday.
An agent is software code that monitors, manages and reports on an individual system’s status — whether it has the latest patches, has the correct user permissions and the like — but requires more administration from an IT staff.
Agent-less security management solutions, on the other hand, don’t require software to be installed on each machine and are considered ideal for automating security and policy compliance management in decentralized IT environments such as desktop machines on the network, according to Symantec officials.
Symantec sells an Enterprise Security Manager that uses an agent to check whether individual systems are complying with company security policies. The security manager then checks the system information against assessment templates, according to Symantec, for government regulations like Sarbanes-Oxley, Health Insurance Portability and Accountability (HIPAA) and the Revised International Capital Framework (BASEL II).
BindView does the same through its product line: Policy Operations Center, Compliance Center, Decision Support Center, bv-Control and bv-Admin.
Together, the assets will be able to offer its customers either agent-based or agent-less offerings to define, control and sustain IT compliance requirements, the companies said.
Symantec has been beefing up its security compliance line in recent times. In August, the company announced it was acquiring Sygate Technologies, which develops software that ensures all devices connected to the network have the latest security patches, updates and configurations.
The deal is expected to close in the first quarter of 2006.