Vendors tighten security offerings

Security vendors in the government market are increasingly seeing a new

type of customer: agency managers who know they need something but don't

know exactly what. Spurred to action by presidential directives and hacker

threats, many agencies are eager to beef up their security but are short

on the skills to do it.

Like several other security vendors, Internet Security Systems Inc.

(ISS) is reshaping its business to offer help through consulting services

and by bundling its products into an integrated suite that simplifies security

management.

"The new mainstream customers need to be served in a different way than

the traditional market," said Tim McCor- mick, vice president of corporate

marketing at ISS.

As agencies begin to offer their services via the Internet, they want

security to be another piece of the support system. "These are the people

who see security as an enabler," said Steve Russ, vice president of strategy

and corporate development at ISS.

ISS is putting together new offerings for these customers. The consulting

services, first offered last year after ISS acquired Netrex Secure Solutions,

now include a series of managed security services and education offerings

based on best practices such as British Standard 7799.

Also, ISS' federal group is creating its own professional services group

during the next few months, and that group will offer product deployment

services and education solutions.

The General Accounting Office has emphasized the need for agencies to

base security on the level of risk for each system or application, and a

key part of that is vulnerability analysis tools such as ISS' Internet,

system and database scanner.

Last year, the company tied together several of its products into the

ISS SafeSuite managed security platform. The benefit of integrating the

vulnerability assessment and intrusion-detection tools is that when a new

vulnerability is found, it is immediately fed to the detection sensors.

Likewise, when the sensors notice a new attack, the system passes information

back to the analysis engine.

Other new products include solutions that will extend the technology and

make it simpler for less-experienced administrators, McCormick said. Among

these are the new RealSecure Server Sensor family, which enables agencies

to monitor the traffic going through the server in addition to the traffic

on the network, and the RealSecure Network Appliance, which provides a way

to simply plug intrusion detection into a network.

***

Sample of Internet Security Systems' consulting services

Assess

* British Standard 7799 risk assessment.

* Vulnerability assessment.

* Penetration assessment.

* Threat assessment.

Design

* Security strategy workshop.

* Information security architecture and policies.

* Risk management processes.

Deploy

* Security deployment workshop.

* Product deployment services.

Manage and Support

* Emergency response services.

* Vulnerability and threat management.

* Configuration management.

* Policy management.