Novell has announced further enhancements to its security information and event management (SIEM) solution, Sentinel 6. The new service pack helps Sentinel 6 gather and correlate security and non-security information from across an organization’s networked infrastructure.
For Novell this is an ongoing process. In March of this year the company announced enhancements to Sentinel’s automated incident response and workflow system, a new correlation framework, and increased platform support. Overall, one of the driving forces for adoption of a solution like Sentinel is the convergence of security and compliance requirements.
“The template for compliance management is part of the overall Sentinel function,” says Ross Chevalier, chief technology and chief information officer of Novell Canada. “This allows us to collect and consolidate event feeds from multiple vendors’ products.”
Sentinel centralizes data collection in a GUI console, which then provides visibility into data flow and network health. Recent advancements mean that language support includes Japanese and Chinese.
The just-released service pack for the SIEM product further streamlines error-prone processes. Specific enhancements include: an improved graphical display; an engine that simplifies the creation of collectors; the ability to export raw, unaltered log data to a text file; and support for Red Hat Enterprise Linux 4 on x86_64 hardware.
Chevalier confirms that improving the GUI is an ongoing priority.
“We wanted to increase the quality of the automated experience and remove some of the complex steps. This makes it simpler to get a holistic view of what is happening in the enterprise. We’ve added a ‘magnifying glass’ function that will explode a section view.”
Although Novell is not a Red Hat partner, and in fact has ruffled some feathers with last year’s announcement of a Microsoft partnership, the company is promoting how well Novell SUSE Linux and Sentinel 6 work with Red Hat.
“If you want to deploy on 64 bit Red Hat Linux 4, now you can. Providing Red Hat Linux support is important for us. This is all a part of allowing customer freedom of choice.”
On the product front things are looking good, with the multi-OS approach having led to Novell’s SUSE Linux signing agreements with behemoth proprietary vendors SAP and Microsoft. Such is the strangeness of the legal world that the latter agreement exists alongside a three-year-old Novell antitrust suit against Microsoft for monopolistic behaviour with productivity software.
But, for the company overall, things are still rough. Novell just announced that it is releasing 250 people, 200 of them in Utah, with many of the jobs going to India. In the end, Novell will still have approximately 4,600 employees. The layoffs come after September’s announcement of a loss from operations for its third fiscal quarter of US$10 million. The good news is that the company may be near the end of its year-long restructuring.
Chevalier, however, is staying on message regarding the appeal of the recent Sentinel 6 enhancements to Novell’s Canadian customers, specifically when considering the challenge of compliance issues in the mid-market.
“We know that the compliance issues are incredibly important to a lot of Canadian organizations, and we also know that many are struggling. Smaller companies may not have the resources.”
Perhaps the most exciting of the announced enhancements is the “data-collector-builder”, which has added features to make creating collectors easier.
“We define a number of collectors in advance,” says Chevalier. “And modifying the collectors doesn’t require knowledge of a proprietary scripting language. It’s now in JavaScript. Many organizations have this skill.”
As well, the ability to export raw log data to a text file will help with debugging and testing.
“In a text file you can see all the raw data,” says Chevalier. “This is a great tool for those organizations that are building custom stuff.”