This article can also be found in the Premium Editorial Download "Information Security magazine: Is your data safe from next-generation attackers?."
Download it now to read this article plus other related content.
Another noteworthy feature of many policy management products is that they integrate across the enterprise, pulling data from a variety of sources, including backup, antivirus, content filtering solutions, firewalls, operating systems and routers; these data feeds should reduce the amount of data the user has to sift through. Some automated tools also integrate vulnerability management, keeping systems up to date and addressing emerging threats and zero-day exploits.
The ability of policy management tools to automatically correlate large amounts of disparate data can also facilitate regulatory compliance and reporting since it allows users to pull compliance data for specific regulations. A major complaint among security professionals is the redundant requests for the same audit-related information from external auditors, internal auditors and government regulators. Instead of having to complete several different audits that address similar issues, these tools allow you to generate reports tailored for different groups.
Automated policy management tools can also monitor for violations and track policy exceptions. A key benefit is that all reports are consolidated into one management console, making them easier to track than with the manual approach. But they are not really active monitoring products--they won't act like a fire alarm. Symantec, however, plans to integrate BindView with technology that manages incidents; other tools are designed to integrate with
None of the products are plug-and-play--all take time to implement; some even require companies to convert their policies into a specific format. Implementation times vary depending on the product and the state of the organization's policies.
Along with implementation times, software cost is a key consideration with automated tools. For instance, the Elemental Security Platform 2.0 starts at about $35,000 with server agents costing around $600; workstation and laptop agents cost $60.
This was first published in June 2006