The new information integrity idea appears to be a framework for figuring out what data availability and security issues a customer has, then recommending processes and products (both Symantec and third-party) to bring them under control.
What they expect from Symantec is a vision, process and set of methodologies that allow them to look at their environment in a different way, said Enrique, Salem, senior vice president of gateway solutions at the company.
Salem said that the information integrity initiation takes into account a combination of information availability and information security and will effect everything Symantec does from its products to its services.
The three pieces are: understand, working out what you have in terms of users/devices/applications, act, securing them and making them accessible, and control, keeping tabs on this newly secured infrastructure as it evolves.
While that could be made to sound fairly highbrow, at first glance it appears to boil down to a thought tool describing a fairly normal consulting process – figure out what you got, fix it, keep it fixed.
In the past, Salem said, customers would call Symantec and say: We have a spam problem, or We’re worried about hackers, and Symantec would roll into and try to fix it. It was a point solution kind of engagement, he said.
A software tool called Inform, which profiles customer’s environments, will help Symantec’s people stick to Information Integrity. In future, Symantec will develop integration points in its products that adhere to the framework.
Symantec has signed on product and services partners including HP, Network Appliance, EMEA Partners, EDS, Siemens, Ultima, Atos Origin, Computa Centre, BMC, E&Y, and PWC, but the extent of each partner’s involvement was not clear yesterday.
The move appears to be a way for Symantec to increase the importance of consulting services to its business, and to provide a neat framework where it can slot in products to ease upsell opportunities.
Symantec’s own services business currently brings in about 2% of quarterly revenue. The company has made a number of recent acquisitions in the security consulting space.
On the product side, the company will also today announce two new products that are very peripherally related to Information Integrity, in the respect that they have an emphasis on management features.
The company is updating is Enterprise Security Manager to version 6.1, and releasing a new security gateway that is designed to integrate more easily into existing Symantec enterprise security management systems.
The new 400 Series gateway appliance is targeted at the remote-office/branch-office market, said George Sluz, group product manager at the company, and sits between its relatively high-end 5400 and small office 300 Series.
We’ve ratcheted up the performance quite significantly, we have higher speed processors and higher speed encryption engines, supporting up to 200 users, Sluz said. The three models are expected to cost between $424 and $929.
What primarily sets them apart from the 300 Series devices is that they conform to the Symantec Enterprise Security Architecture framework and can interoperate with the Security Management System, allowing centralized administration.
The appliances contain stateful inspection firewall, IPSec VPN, content filtering, antivirus and some intrusion detection/prevention features. The 400 Series also has an optional wireless access point with built-in VPN.
