If your network admins aren't already enforcing security rules, they could be soon, according to Altiris. The company has just updated its SecurityExpressions auditing and enforcement tool with a version that ties into its helpdesk and IT operations software, allowing one admin desk to run the lot.
Version 4 of SecurityExpressions also adds the ability to audit a broader range of servers and desktops from a single tool, the company said, including Windows Vista, 64-bit Windows, versions of Solaris 10, AIX 5.3 and newer versions of SuSe Linux. The software lists at around £23 per client and £521 per server.
"Every operating system comes with very basic security guidelines, which may or may not be appropriate to your organisation," said Christine Ewing, the market segment manager for Altiris' security products.
She said that Altiris replaces those basic guidelines with over 75 security templates. These are based on best-practices and take into account such things as known vulnerabilities from SANS and vendor patches, and also give you a baseline that you can audit against.
"It's a matter of understanding the threats to each operating system version and converting those into enforceable policies, as well as ensuring real-time communication between the network and security teams," she added.
Ewing said that as the need rises for effective security policy - and for fixes to be applied faster - she sees the roles of those two teams changing.
"It's not necessarily convergence," she said. "Their duties are changing as the security admin and network operations teams merge. In the past, the security team set policies and ran audits, then passed the exceptions to ops. In the future, the security team will set policies and ops will implement them."
Altiris said that integrating SecurityExpressions with the helpdesk means that potential problems discovered by an audit can automatically be turned into a trouble-ticket and routed to the right person, such as the server's administrator, for action. Alternatively, the process could generate a task to fix the problem via the company's software deployment and configuration tools.
Ewing said that SecurityExpressions can audit with or without an agent on the target system, with agents preferred for systems that need more frequent auditing such as servers, and agentless perhaps being for desktops, to reduce the client management workload.
She added that she doesn't expect the acquisition of Altiris by Symantec to change the company's role or aim.
"We will become a separate business unit within Symantec, with our CEO reporting to their CEO as a divisional VP," she said. "Symantec caters very well for consumers and large enterprises, while Altiris has done very well for the mid-market and SMEs."