The Web    Google
Intellitactics Upgrades Security Manager Tool

Intellitactics Upgrades Security Manager Tool
October 24, 2002

Intellitactics, Inc. on Wednesday announced a new version of its Network Security Manager (NSM) security event management tool that makes it easier for users to identify and respond to problems in real-time as well as find insidious patterns and trends over time.

NSM 4.0 now translates security events and recommended actions into plain English, so even an administrator with no specific security training can understand them, says Paul Sop, Intellitactics' CTO. Rather than display an endless stream of cryptic messages, he says NSM 4.0 "might display a message that says, 'We've seen a host in the marketing group that has now touched five different Walmart business locations.'" In addition, the message will note when the problem started, whether it is still going on, and when it stops. The latter is especially important, so that users know whether their corrective measures actually worked, he notes.

Also new in version 4.0 is a set of pre-packaged correlation rules. "We've gone out to our customer base, over 50 customers, selected the most powerful correlation rules that they've developed and put them in 4.0," Sop says. The rules selected are not highly configuration-dependent, he notes, so they should work out of the box. They can also be customized.

Intellitactics is also now formally launching its Advanced Analytics module, previously available only to a handful of customers. The module is intended to analyze huge quantities of data from security devices and other sources, enabling users to identify trends that span long periods of time.

"It can deal with a huge amount of data very quickly," Sop says. "It takes 2 to 3 seconds to boil down a couple million events to a couple hundred." The module also includes advanced visualization techniques that help users spot trends, he says.

NSM 4.0 costs $75,000 for the central server and $17,000 for an event consolidator, each of which can support more than 6 billion events per day, Sop says. Remote Console software costs $2,500 each.

  • 'Critical' Office 2003 Patch Released
  • 5/3: Kelvir-AM Worm Spreads Via IM
  • 11/11: Masteq-H Trojan Runs Silently
  • In the Year 2005, Will Your Anti-Spam Arsenal Be the Same?
  • Symantec Offers Enhanced Portal for Enterprises
  • Disaster Recovery Still Just an IT Responsibility
  • 1/12: Mugly-D Worm Drops IRC Backdoor
  • 1/7: Sdbot-TB Worm Lets Hackers In Via IRC
  • 4/26: Mytob-BO Worm Spreads Flaw
  • Protecting Data While Protecting Your Job
  • 3/31: MyDoom-AI Worm Uses Email
  • Computer security background information