Check Point Software, the firewall company, has launched a security management infrastructure called SmartCenter at its user event in Dublin, Ireland.
SmartCenter provides a dashboard with policy management for security, virtual private networks (VPNs) and quality of service (QoS). The Pro version also handles automatic software updates, and links policies to directories based on LDAP and Active Directory.
Another module due in summer, SmartDefense, will manage intrusion detection systems.
"Security has to be everywhere," said Gil Schwed, Check Point's chief executive. "Tivoli and Computer Associates (CA) have the concept of security management but in the real world security management does not exist."
Although management systems management companies all offer to manage security -- recent launches include products from MicroMuse and Smarts -- what they do is not real security management, according to Schwed: "They import alerts from security systems, but that is something easy. Drawing diagrams, setting up VPNs, fixing links that are problematic, and administering policies -- that is management."
Each security product needs a different management product, he warned, and management products must also handle earlier versions of security products, that are still in use at user sites.
"SmartCenter seems to have the same approach to management as (Check Point's security product integration scheme) Opsec," said analyst Aaron Goldberg of Ziff Davis Market Experts. "It is a framework that lets users choose point products."
The company has also moved its VPN 1 virtual private network product onto a new licence scheme, charged per VPN tunnel rather than per user. Since many user sessions can be multiplexed onto one VPN tunnel, this will work out cheaper for large organisations. More importantly, the billing model will be easier to compare against other networking infrastructure such as frame relay links.
"This will be a frame relay killer," said Steve Barnett, head of Check Point for Northern Europe. "We can offer five VPN tunnels for £995 -- the same price as five frame relay permanent virtual circuits (PVCs) but without the packet charges."
"This moves the crossover between building your own hub-and-spoke frame relay design and outsourcing through an Internet gateway, so that frame relay makes no sense any more."
Users at the event included Standard and Poors, which has a frame relay infrastructure but has begun to replace it with VPN 1.
Have your say instantly, and see what others have said. Go to the ZDNet news forum.
Let the editors know what you think in the Mailroom.