This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Security information and event management systems
CA Security Command Center
CA's combined Security Command Center and Audit appliance received the bronze medal, getting high marks for event correlation and offering flexible policy definition.
Combined, the tools collect, aggregate, analyze and then display security events across the enterprise.
CA Audit serves as the collection point and data repository for audit logs and security events. It uses agents installed on target systems for data collection. The software collects and filters event data and can automatically send an alert in the event of suspicious activity.
CA Audit also provides centralized and role-based policy management and alert management. The tool supports the Windows, Linux and UNIX platforms.
The data collected via CA Audit is then sent to the Security Command Center, which analyzes and monitors events to aid in threat response. The command center can correlate events to uncover patterns in failed logon attempts, and can analyze database and mainframe data to expose patterns that could be suspicious. The results are displayed on a single, centralized console that can be customized based on a user's role.
NOTABLE: CA's 17 percent market share in 2006 was tops in the SIMs space, according to Gartner.
This was first published in April 2008