June 5, 2007

NetIQ Drives Evolution of SIEM with Industry’s First Solution to Integrate User Monitoring and Change Auditing on Windows

NetIQ Security Manager 6.0 with Change Guardian for Windows Tackles Compliance Demands and Multiplying Threats to Corporate Data

Press Release


Today at the Gartner IT Security Summit, NetIQ announced the upcoming worldwide release of NetIQ® Security Manager (SM) 6.0 with Change Guardian™ for Windows. With this release, NetIQ is delivering the industry's first comprehensive security information and event management (SIEM) solution with robust user and access monitoring, real-time auditing of system changes and powerful threat detection for the Microsoft Windows platform.

Organizations face ongoing challenges to meet mandates, such as the Payment Card Industry Data Security Standard, as well as the threat of potential data breaches. Forrester Research estimates that breaches cost companies between $90 and $305 per lost record¹, a figure that increases as breaches go undetected. As organizations' security management requirements evolve and internal and external threats proliferate, SM 6.0 with Change Guardian for Windows provides the most complete solution to address their full spectrum of compliance and data protection requirements.

"As a leading healthcare organization, our mission depends on the trust of our patients and customers, but we're also driven by HIPAA, SOX, and similar mandates, all of which require strong protection of personal health and billing data. Monitoring and reporting on who is accessing that data is paramount to providing strong protection," said Mike Von Hoven, director of Information Security at Kindred Healthcare. "Change auditing and user access monitoring allow companies like ours to satisfy compliance mandates and investigate and resolve potential security incidents quickly, without the headaches of managing, integrating and orchestrating a multitude of third-party products."

Traditional SIEM approaches have limited visibility of user activity and changes on host platforms. Their visibility is further limited when administrators disable cumbersome native Windows object-level logging. With the threat vectors changing to avoid traditional perimeter and network protection, traditional SIEM solutions are blind where they are needed most—at the host platform.

NetIQ SM 6.0 with Change Guardian for Windows delivers integrated user monitoring and change auditing technology with full SIEM capabilities to overcome these challenges and fully protect the host platform where corporate data resides. By leveraging Microsoft's file system filter drivers for server monitoring capabilities not provided by other SIEM vendors, security teams get an easy-to-read audit trail, real-time alerting of dangerous activities and a much smaller performance footprint than native Windows auditing.

Along with integrated user access monitoring and change detection for files, directories, file shares, registry keys and system processes, SM 6.0 with Change Guardian for Windows includes NetIQ's new TRACE™ proprietary file-based log server technology that scales log management capabilities radically better than relational or object-level databases. TRACE includes:

  • Nonrepudiation of consolidated log data – provides integrity controls via digital signatures to protect against the tampering of log data.
  • High-speed enterprise log forensics – distributable, indexed log servers provide high-speed queries of large amounts of data to expedite incident response and investigation.
  • Multidimensional security analytics – the industry's only OLAP-based trend analysis and summary reporting provide security intelligence and streamline routine log reviews.

"Organizations can no longer predict where the next threat to their data will come from, nor can they feel confident that today's regulations and mandates will not evolve to require additional data safeguards," said Todd Tucker, director, Product Marketing, NetIQ. "SM 6.0 with Change Guardian for Windows delivers the user monitoring and change auditing to address data protection and compliance requirements as part of a fully-integrated SIEM solution. Combined, SM 6.0 with Change Guardian for Windows provides customers with an easier, cost-effective solution that eliminates the need for additional product integrations, which really marks a radical departure from current SIEM technologies and approaches to address these competing demands in a comprehensive fashion."

As a cross-platform solution, NetIQ Security Manager protects data in complex, distributed environments and helps meet compliance mandates at an enterprise level. With the addition of NetIQ Change Guardian for Windows, NetIQ Security Manager now delivers complementary user and access monitoring and change detection capabilities across Windows, Unix, Linux and iSeries platforms as well as security and network devices.

Pricing and Availability

NetIQ SM 6.0 with Change Guardian for Windows will be available worldwide in July, 2007. Platform pricing for SM 6.0 with Change Guardian for Windows is $800 per managed server.

About NetIQ

NetIQ, an Attachmate business, is a leading provider of comprehensive systems and security management solutions that help enterprises maximize IT service delivery and efficiency. With more than 12,000 customers worldwide, NetIQ solutions yield measurable business value and results that dynamic organizations demand. NetIQ's best-of-breed solutions help IT organizations deliver critical business services, mitigate operational risk, and document policy compliance. The company's portfolio of award-winning management solutions includes Systems Management, Security Management, Configuration Control and Change Administration.

Let's Talk

Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Media and Analyst Relations

Phone: (713) 418-5368
Email: amy.sachrison@netiq.com