Expanded Enterprise Vulnerability Management

    October 7, 2004

Citadel Security Software will soon release Hercules 3.5 and the new AssetGuard component.

Hercules 3.5 delivers an enterprise vulnerability management solution that includes expanded security configuration policy templates, improved workflow and monitoring capabilities and comprehensive device discovery. The new AssetGuard component provides a full device inventory capability, giving administrators increased knowledge and the ability to rapidly target devices in need of critical patches and configuration updates to mitigate IT security risk. With the release of Hercules 3.5, Citadel offers an integrated technology platform that meets the requirements of compliance officers, IT operations and security personnel by providing capabilities to comply with both internal and external mandates, configure and maintain systems, and proactively eliminate security vulnerabilities.

“Today, most enterprises use manual processes or single point tools that don’t communicate with each other to solve the problem of mitigating risk. By using a single, integrated technology platform, across all organizational units responsible for managing and resolving IT security risk, enterprises are able to realize cost and process efficiencies, react faster to threats and demonstrate compliance with corporate mandates or government legislation,” said Carl Banzhof, chief technology officer of Citadel Security Software. “With Hercules 3.5 and AssetGuard, Citadel provides an enterprise vulnerability management solution that allows the compliance, IT operations and security groups to communicate and work effectively together to mitigate IT security risk.”

With the addition of network discovery, Hercules 3.5 addresses the difficulty of uncovering unknown devices which pose potential security risks. Administrators now have the ability to automatically discover devices on their network via NT Domain, Active Directory and IP address ranges, and select those devices to be managed by Hercules. Also fully integrated with Hercules 3.5 is Citadel’s newest offering, AssetGuard, which enables administrators to collect detailed workstation and server device information and store that information in a centralized database. AssetGuard improves how devices and their inventory are discovered on a network, searched and grouped into security configuration profiles and automatically remediated to be successfully repaired and in compliance with security policies.

“With Hercules, we have successfully remediated hundreds of vulnerabilities automatically. With a few clicks of the mouse, I am able to initiate the vulnerability remediation process before leaving the office and return in the morning to find all the devices remediated,” said Paul Ernst, manager of technology and communications, Satellite Asset Management, L.P. “As our organization continues to expand, Hercules 3.5 with AssetGuard will be extremely valuable, offering us even greater flexibility and control.”

New with Hercules 3.5:

— Operations Console — Measure and monitor the status of remediations, device activities and device discovery in a single, comprehensive view. Administrators can monitor actionable V-Flash events which allow fast reaction to new vulnerabilities.

— Enhanced Policy Management — Expanded pre-defined policy templates based on the Federal Information Security Management Act (FISMA) and National Security Agency (NSA) recommended guidelines. Enhanced policy definition and workflow capabilities ensure efficient security configuration enforcement.

— Expanded Remedy Support — Library of tested and proven remedies exceeds 19,000. Administrators have the ability to schedule multiple remediations for device groups and automatically update the Hercules client.

— Network Discovery — Automatically discovers devices on the network to be managed by Hercules. Administrators have the ability to discover devices via NT Domain and Active Directory (including support for LDAP servers) and IP address ranges.

Citadel’s AssetGuard is comprised of the following capabilities:

— Device Discovery — Collects and stores detailed hardware and software inventory data, as well as running services and processes. The inventory collection process creates a baseline profile of the network, and can store historical profiles for comparisons as desired.

— Device Query — Allows users to create and save queries used to search for devices that contain specific attributes, including hardware, software, operating system, patch level, configuration and services inventory data. Device Query enables an administrator to easily identify the devices that require remediation or configuration changes based on their inventory profile.

— Action Packs — Allows a remedy or set of remedies to be applied and enforced to a set of devices that meet a certain criteria, the results of a Device Query. Delivered by Citadel’s automated delivery service, V-Flash or custom-developed for an environment, Action Packs allow administrators to respond quickly to new and existing security vulnerabilities.

The Hercules 3.5 software and the AssetGuard component will be generally available at the end of October.