eTrust Portal-based Security Management

eTrust Security Command Center is a security management solution that reduces, aggregates, correlates and prioritizes disparate security data to help you effectively manage “security information overload.” It allows you to monitor your security environment and manage your current security status, based on the user’s requirements, from a centralized location in real time — so you can make decisions, take action and provide appropriate reports in a timely manner.

By collecting and integrating key security and system data from disparate technologies, as well as integrating with enterprise management systems, eTrust Security Command Center provides the tools and capabilities for implementing or enhancing a security operations center. Complete role-based situational and operational access provides a real-time view into a network’s security status, enabling a proactive approach to security through automated alerts and detailed reports.

eTrust Security Command Center integrates diverse security solutions into a single security management platform with an enterprise-wide resource catalog. It brings the entire security theater to a single, web-based portal, allowing you to see only what you need to see, when you need to see it — improving incident response times and reducing exposure to new, emerging threats. Security professionals can leverage existing security infrastructures and extract the most relevant, actionable information possible from their existing data sources. With the open, standardized approach of eTrust Security Command Center, you can now experience real-time operational and situational security awareness and can tie your policies, actions and knowledge into existing business processes. In addition, you can identify critical events and take appropriate action, as well as analyze and enhance your existing security posture.

Implementing a True Security Management Solution

Security management is a term that is widely used and can have many interpretations. Some of the other common descriptions include security information management and security event management. While many use the same labels in describing the key requirements of such a solution (see below), it is important to explore the depth of each of the requirements in detail to gain a thorough understanding of their features and characteristics.

Implementing a true security management solution like eTrust Security Command Center will enable IT departments to:

• Reduce the cost and complexity of event management by automatically addressing many security events with little or no administrator intervention.

• Gain full command and control of their entire enterprise security environment with a centralized, web-/role-based portal.

• Improve overall security posture by reducing exposures to serious incidents.

Distinctive Functionalities

eTrust Security Command Center is a true security management solution that provides the following capabilities and benefits:

Real-Time Operational and Situational Awareness. eTrust Security Command Center allows you to employ role-based views, providing business-focused prioritization of your security posture. In addition, you can immediately drill down to determine type, source and location of threats.

Reduction in “Signal-to-Noise Ratio.” Eliminate clutter by enabling administrators to easily identify which critical events they should keep and process. Likewise, administrators can pinpoint those events that are of little or no use — which they can direct to lower priority collectors or alternatively discard.

Open and Extensible Design. eTrust Security Command Center supports rapidly evolving technologies through its open and extensible design. In addition, it accepts event data submitted by many systems, applications and appliances through its integration kits.

Security State Models. eTrust Security Command Center allows you to build security state models, enabling you to respond to events based on the severity of the security condition in effect.

Real-Time Alert Management. eTrust Security Command Center filters and logs critical events and sends them to a security monitor, allowing security personnel to be notified of crucial events in real time. Responses can be automated via emails, pagers, screen pop-ups and more.

Predefined Correlation Rules and Policies. eTrust Security Command Center identifies sets of events to monitor and correlate, along with the actions that need to be performed using both out-of-the-box and custom-tailored rules.

Central Audit Log Data Repository. Using the capabilities of eTrust Audit, you can collect audit log data from a variety of sources and store it in a central repository, which is built around a relational database for easy access. This allows viewing and reporting for historical and forensic analysis and preserving evidentiary value.

Powerful Reporting Capability. Detailed reporting for trend analysis, as well as for management and regulatory compliance initiatives, bundled with numerous reporting and graph functions. Reports can be generated in multiple formats, including HTML/XML for easy web viewing and dissemination.

Timely and Accurate Response to Events. eTrust Security Command Center helps ensure seamless management of event responses through integration with existing trouble-ticketing systems.

Web-Based Interface Based on Portal Technology. eTrust Security Command Center combines all web-based resources in the same workspaces and creates user defined, role-based views — helping to ensure secure access anywhere and at anytime.

Integrated with Multiple Technologies eTrust Security Command Center allows you to reduce, aggregate, correlate and prioritize data from both CA and non-CA security technologies