NetIQ`s latest security configuration management technology advances compliance, IT process automation

On 7 November, at the Computer Security Institute`s annual conference, NetIQ announced the latest iteration of NetIQ Secure Configuration Manager (SCM).

With the release of SCM 5.7, NetIQ continues to ease the compliance burden that IT organisations face when addressing immediate reporting and auditing requirements of multiple mandates.

Additionally, SCM anchors and supports the implementation of security processes required for automated, cost-effective enterprise compliance over the long-term.

Most organisations are faced with addressing numerous requirements, such as Federal Desktop Core Configuration (FDCC), Payment Card Industry Data Security Standard (PCI DSS) as well as others that call for appropriate configuration standards and mitigation of security vulnerabilities.

Moreover, these organisations are realising the benefits of leveraging security best practices from the outset to craft a strategy that yields both immediate system integrity and a flexible framework to support the ever-changing demands of regulatory compliance.

Featuring security best practices content and system configuration base-lining recommended by CIS, NIST and other leading sources, NetIQ`s SCM serves as a foundation for organisations challenged by multiple existing compliance mandates. A key component of SCM is its ability to protect against system configuration drift. By detecting and reporting on unscheduled or unsanctioned changes, variances from normal operations can be closely managed, serving to identify and reduce system exposures.

This latest iteration of NetIQ`s configuration management technology delivers enhanced audit automation, including access control assessment through more flexible Active Directory reporting. Additionally, it supports entitlement reporting on industry-leading NAS devices for better protection of critical enterprise data stores.

It also includes self-auditing and logging capabilities for accurate compliance reporting and more complete separation of duties in order to conform to established security best-practices. Richer workflow enablement for exceptions handling also provides the capability to create more structured security processes.

As the management of security and IT operations continues to converge, the need for tools to bridge these IT silos from a process perspective is growing. In response to this ongoing evolution, the functionality of SCM now integrates with other infrastructure management technologies via Web services. This means customers can now fully leverage the powerful security and configuration management capabilities of SCM 5.7 from other applications, such as helpdesk automation systems, in order to enhance management, security and IT process automation.

"Increasingly, we see organisations looking to utilise their security infrastructure to do more than just attain short-term compliance goals," said Geoff Webb, manager of Product Marketing at NetIQ.

"SCM 5.7 absolutely meets this need. Its improved functionality continues NetIQ`s commitment to delivering a broad, functionally-rich foundation on which to meet both short and long-term compliance and objectives, predicated on security best practices, reduced administration overhead and greater automation for routine IT audits."

Pricing and availability: NetIQ Secure Configuration Manager 5.7 is offered under controlled availability, with general availability slated for late November 2007. Pricing starts at $1 100 per server. For more information, visit www.netiq.com or call NetIQ at (888) 323-6768.