In-Depth

CA Updates Security Products for Enterprises Big and Small

Antivirus/antispyware package get upgrades while small and mid-size businesses get backup and migration tools

Last week CA announced new releases of two endpoint products in their eTrust security family. Although aimed at difference audiences, both Threat Manager and Protection Suites may find roles in enterprises and institutions but in obviously different locations.

Threat Manager r8.1 ($60 MSRP) weds CA’s updated antivirus with updated antispyware. The heritage dates back to Cheyenne for antivirus and Pest Patrol for antispyware. The shotgun at the ceremony is the current malware evolution: head-on viral attacks through vectors such as e-mail are down, but blended threats through the Web are increasing. Coupled with compliance needs such as HIPAA and PCI, the antivirus/antispyware union is almost mandatory for corporate endpoints.

In the marriage, the user-facing side gets get a united interface over both products. IT operations gets an integrated Web-based management console that makes scanning, monitoring, and updating individual systems, groups of systems, or all systems easier. IT can actually give the end user the silent treatment by locking down the package and disabling the GUI.

In day-to-day operations, Threat Manager squawks to its centralized console when new threats are detected in their environment. CA provides 75 reports, including a “Top 10” virus/spyware hit list, for the operations and security teams to anticipate, locate, and remediate problems. The combination also works well with another CA combo, the recently announced fireware/IDS Host-Based Intrusion Prevention System (HIPS) product, and reports to CA Security Information Manager or other SIM/SEM products.

IT management also gets a couple of benefits. The product line joins more members of the family: Windows Vista, Unix a la Linux and Sun Solaris, and Macintosh Intel OS X systems. Although the later two categories (Unix and Mac) currently may draw smirks from the crowd, the Intel Mac is included for competitive completeness—and the recent iPod exploit via Linux may signal that the malware community is contemplating more vectoring through legitimate Linux services

Management also gets a product that fits into Unicenter and other corporate deployment packages. In addition, Management and operations get a product that understands both the Cisco-lead Network Admission Control (the other NAC) and Microsoft-lead Network Access Protection (NAP).

Protecting Smaller Enterprises

While Threat Manager is aimed at large corporations, Protection Suites r3.0 hits the small and medium business market. The suite also shows the strong genes from CA’s acquisition background. Depending on which of the five specific packages you choose, the suites join the same antivirus and antispyware tools in Threat Manager plus antispam from its Tiny Software gene, backup software of its Cheyenne heritage, and desktop migration software from its Miramar history.

Depending on the software bundle, the packages run from MSRP $329 to $1099 for a server plus five-user licenses. The delivery mechanism, direct or through resellers/system integrators, acknowledges most sub-100-seat companies rarely have a full-time IT employee, and opens the door to local support. Some forms of the package may be attractive to large enterprises for deployment at select field or remote offices that are better served by a locally-administrated package than the usual corporate-managed solution.

When I think of the centerpiece of attention, antivirus and antispyware, CA isn’t at the top of my list. Regardless of CA’s claims and protestations, neither the antivirus nor antispyware is the best of the breed.

Robin Bloor, a partner in the analyst firm of Hurwitz and Associates, Robin offered a similar view. “CA is a player—but isn’t a major player—in the antivirus field, but enterprises have different security needs than the typical [SMB/home] antivirus user: security issues from patch management to intrusion detection. Enterprises tend to look for portfolios of products that are easy to manage. Plus, for antivirus and antispyware, it is not as if somebody had some stunningly better technology than others.

“So it actually comes down to the effort needed to manage everything. In that area, CA has been building a large portfolio and it looks reasonably strong to me.”

I agree with that view. Both products are strong enough and have the needed “backroom support” to cope and deploy rapid updates to emerging threats. Both products have enough performance that users won’t want to disable the products, so the protection stays in force. That makes the product good enough for large-scale corporate deployment.

If your corporation already uses Threat Manager and you are satisfied with CA’s maintenance pricing (meaning the update is provided at no charge), rolling out the new edition, after the usual testing and trial, provides sufficient benefits to justify the effort.

Corporations shopping the market for a different antivirus/antispyware solution should give CA a seat at the bidder’s table. However, fill the remaining seats with vendors such as Symantec (which has almost a broader security portfolio) or Kaspersky (which has very strong point products). That strategy yields the appropriate choice to fit agreeable licensing terms and the enterprise’s security needs.

Must Read Articles