Alternative to Symantec ESM (Enterprise Security Manager), CCS (Control Compliance Suite) or Critical System Protection (CSP)
Symantec loves anti-virus – the cash cow for the business has long been AV (and latterly backup) and there has been huge reluctance to admit that the effectiveness of AV is diminishing every day. Corporate messaging acknowledges this with marketing phrases like ‘move beyond anti-virus’, but this is still an organization with anti-virus at its heart.
However, the AV cash cow has funded acquisitions – lots of them – to try and get beyond AV and allow access to the wider information security marketplace. While the top-level strategic view shows a broad range of security products, as with any conglomerate product range built by acquisition, there are as many gaps as there are overlaps and inconsistencies.
There has also been a continual succession of distractions, diversions and dilutions of focus with acquisitions in the backup, encryption and cloud markets.
The result is a fragmented product range and similarly disjointed sales and support teams.
Computer Reseller News provide an interesting time-line for Symantec ‘Symantec's Split: Here's How The Growth Bubble Burst’*
Symantec ESM – Your Time is Up
With a conglomerate like Symantec, there are always periodic attempts to rationalize a bloated product range, otherwise known as the Revolving Door of Product Management, which many say was pioneered by CA ☺. The latest victim is Symantec ESM, now on its death bed thanks to the decision to end of life the product.
Time is not on your side: November 2014 is a critical month for anyone using Symantec ESM as the product has now reached the end of limited support. This means there will be no more patches released for the ever increasing threats and ultimately placing your organization at increased risk.
Similarly, Policy and Compliance standards always require continual updates and improvements to keep pace with the discoveries of new vulnerabilities, and with the introduction of new applications, database and operating system versions. From this point on, none of these updates will be provided for ESM.
What are the options to replace Symantec ESM?
As is often the case with Symantec, there isn’t a clear product strategy to guide customers. There is a list of options, none of which really provide the ideal solution to deliver the key security controls required
- Compliance and Vulnerability Management: Is my estate secured, hardened and vulnerability-free? Are my systems prone to attack?
- Change Control: How can I effectively manage changes to systems when required? How can I patch and upgrade systems without weakening compliance with my hardened build standard? How can I analyze changes to ensure security breaches and unintended changes are highlighted?
- Breach Detection: If systems are infected or breached despite my best efforts to prevent this, will I be able to detect that this has happened, immediately and with the required intelligence regarding who, when and how?
In summary, the options are these:
Symantec Endpoint Protection – Anti-Virus with extra functions, but not a strategic security solution, with no compliance, FIM or change control functions
Symantec Critical System Protection – Covers more of the compliance and breach detection controls but a legacy product that doesn’t embrace the need for tight links between change control, compliance and vulnerability management.
Symantec Control Compliance Suite – Provides a high-level executive view of compliance and orchestrates remediation actions but without the focus on breach detection and change control/change analysis required to manage a fluid, dynamic IT environment.
ESM End of Life - The Symantec Customer View
Customers are telling us that this now sprawling corporation doesn’t understand compliance or high-end security technologies such as Enterprise File Integrity Monitoring, compliance and change control. They are concerned that the current phase of product range rationalization will leave them with dead-end products and fading support resources to call on.
The NNT Solution – Simple Migration with a Strong Security Vision for the Future
NNT can help migrate from any Symantec products to provide a highly focused security solution from a truly focused manufacturer – FIM, compliance, vulnerability management and change control is all we do and all that we want to be known for. We can readily convert any legacy policies or templates you may be using in Symantec solutions to provide a seamless migration, while introducing a strong vision for automated Closed-Loop Intelligent Change Control for continuous, non-stop compliance and breach detection.
Talk to us today about what we can offer and how we would manage your migration.