Security Testing and Evaluation Labs
Security Evaluation Laboratory (SEL)
Secure Elements: C5 EVM (Enterprise Vulnerability Manager)
Secure Elements’ C5 EVM Overview
External threats continue to pose risks for the network
perimeter. However, a bevy of security solutions, including
intrusion detection systems and firewalls, are providing
formidable risk mitigation for external attacks that
independently penetrate the network perimeter.
Networks continue to be hampered by vulnerabilities within the
network perimeter, which open up enterprises to threats from the
outside. Whether it is because of user error or malicious acts of
sabotage, activities within the network perimeter are
increasingly exposing critical enterprise data and applications
to unauthorized users on the outside. According to the latest
CSI/FBI Computer Crime and Security Survey, 80 percent of
respondents reported security incidents that originated among
network insiders in 2003, up from 64 percent in 2002.
Today's complex enterprises require a security solution that can
provide a real-time picture of the network and its assets at all
times and a means of assessing and remediating vulnerabilities
and threats, in an automated manner, that does not limit network
performance or productivity.
These requirements form the foundation of the Secure Elements
C5 Enterprise Vulnerability Manager (EVM) security
appliance.
About Secure Elements C5 EVM
Secure Elements C5 EVM and its ability to develop
comprehensive remediation plans are built on four pillars:
- Asset Control: Asset control is the fuel that runs C5
EVM. C5 EVM discovers all assets on the network, then
captures and continuously monitors the detailed attributes of
each asset via an extremely light-weight agent. Secure Elements
classifies and assigns group and criticality to each asset based
on its business function value. Those assets that are most
critical to the core business of the organization are prioritized
for alerting, remediations, and reporting.
- Policy Enforcement: The majority of vulnerabilities within
the network perimeter could be mitigated if enterprise security
policies were enforced. C5 EVM receives a survey from the
controlled assets every 15 minutes, ensuring that every user is
abiding by corporate policies, and that a community standard is
enforced. For example, when a road warrior logs onto the
corporate network, C5 EVM can immediately identify and
remediate if it is out of compliance with security standards, and
even limit network access. In addition, it can enforce specific
parameters of use: perhaps a company only wants its accounting
department to access the system on weekdays during standard
business hours, and wants to prevent weekend access.
- Incident Response/Remediation Management: C5 EVM is
a security solution that creates and implements remediation
strategies "in an automated manner" for unknown vulnerabilities
that do not have a universal patch. C5 EVM provides
remediation strategies, such as configuration-based
countermeasures, based upon real-time threat intelligence, even
before a vendor may have a patch, minimizing the vulnerability
window for all asset classes and applications. In addition, C5
EVM integrates with industry-leading vulnerability scanners,
providing an integrated framework for vulnerability management
and enabling management of the entire remediation management
process from a central console. Most importantly,
countermeasures, even the quarantining of assets, may be implemented
without limiting network performance or productivity.
- Real-time Situation Awareness: Leveraging the C5 EVM
security dashboard, organizations can obtain a holistic view of
the entire enterprise through intuitive screen views such as
violations by asset criticality, remediation status,
vulnerabilities remediated in the past 24 hours, and violations
on protected assets over the past 24 hours. In addition, C5
EVM allows chief security officers to produce reports that provide
proof of compliance with public and private sector Federal mandates,
such as FISMA for federal agencies, or Gramm-Leach-Bliley Act,
Sarbanes-Oxley, and HIPAA security mandates for the private
sector.