I.T. Co. releases Security Vision, a new version of Security Information Control and Monitoring System. The new version has extended functionality and allows management of incidents and security in general.
The first release of Information Security Management System, known as Security Monitoring and Management Center (IT SMMC), was developed by I.T. Co.’s specialists in 2007 based on Cisco platform - the leader in network security. IT SMMC allowed collection and correlation of security events, happening in a building, from any heterogeneous subsystems of the Information Security System.
“When developing this solution, we referred to the market needs. While implementing projects for large enterprises, we constantly faced the problem of ineffective management of information security. Generally, companies had several heterogeneous information security systems, each responsible for a limited scope of tasks. Each subsystem was based on products developed by different manufacturers, required deep integration and a centrally controlled security system to assure coordination between all modules. Namely our experience in project implementation drove us in 2007 to create the Security Information and Event Management System”, said Ruslan Rakhmetov, I.T. Co.’s Director of the Competence Center for Security Information.
During the development period the functionality of the system was significantly expanded. Within the time, the system developed from a system for collection and correlation of security events into an integrated information security management system. I.T. Co.’s specialists significantly improved the system architecture and enhanced the implementation methods. In particular, the system retained capacity to function in a heterogeneous environment and acquired analytical components to process security events. I.T. Co.’s solution is based on the concept of Service Oriented Architecture (SOA) and secure code. It allows the system to adapt to business processes and IT infrastructure of any enterprise during the integration process. At the same time, enterprise business logic is shifted from program code into external settings and parameters. It takes into consideration business specifics and guarantees accurate system integration with existing business structures and technical solutions.
Finally, a new interface was designed and perfectly addresses the needs of users, whereas the system was renamed to Security Vision – a more accurate name reflecting the real purpose of this solution.
Currently, Security Vision is able to automate information security control processes of any enterprise, both on technical and management levels. Technical level of automation allows real-time access to information security of the company. It becomes possible due to central control and deep integration with all existing and planned information security products. Management level of automation assures real-time receipt of documents and recommendations to comply with information security polices.
Security Vision has a centrally controlled update function of a document database that allows receipt of more than 70 relevant document templates on information security according to ISO/IEC 27001 standard. In accordance with Service Oriented Architecture and business specifics, all received document templates are automatically adapted and always stored in up-to-date status.
“Security Vision is fully integrated and functions with the entire Kaspersky Open Space Security product range, designed for integrated security control of corporate networks. This symbiosis produces good results – integration provides actual data on dynamics of a company’s antivirus system and, what is more important, allows its control”, said Alexander Polyakov, Kaspersky Lab Manager for Cooperation with System Integrators.
To secure VPN connections, Security Vision employs the solution of S-Terra CSP – the first Cisco technology partner in Russia. Among advantages of this solution is IPSec protocol and the use of Russian cryptography. The use of CSP VPN together with the center for security control enhances management and scalability of encryption channels while providing high efficiency.
Security Vision is successfully implemented in a number of public and commercial enterprises, including the Ministry of Ecology and Use of Natural Resources, state unitary enterprise MOSSVET, etc.