REM™ is a unified threat management solution that accurately assesses and improves a company’s overall network security posture, helping security and IT groups to work together more effectively. REM’s threat management portal enables the rapid identification and prioritization of vulnerabilities, thus optimizing resources to focus on the most critical vulnerabilities. REM’s advanced workflow capabilities also allow groups to collaborate in ongoing remediation efforts, thereby increasing operational efficiency.

REM allows security administrators to divide the network into logical, manageable segments. This allows you to focus the appropriate resources and attention on strategic assets within a network. Segments can be created based on department, affected business processes or hardware groupings.

Organizations can securely transfer security events (e.g. detected network vulnerability issues) from distributed scanning machines to one centralized location. REM connects with the various product engines via PKI-encrypted channels to collect, store and analyze security data.

Using REM's rule-based system, security events can be automatically evaluated and assigned to the appropriate resource for remediation. Issues that are uncovered become a security event and are entered into REM's centralized ticketing system. As appropriate, these events can be elevated to tasks and assigned to a user for remediation. REM's open architecture also allows for these events to be integrated with enterprise help desk/troubleticketing systems.

REM's open architecture enables full integration with an organization's existing third-party management system, such as CA Unicenter®, HP OpenView and IBM® Tivoli®.

Additional Features included:

Advanced Workflow Based on Scopes and Roles

Intelligent Event Tracking

Encryption and Authentication

Open Database Compliance

Comprehensive Remediation Management

Detailed Reporting

Advanced Workflow Based on Scopes and Roles
REM enables IT organizations to establish roles and responsibilities to accurately reflect the organization’s resource structure. This allows enterprise administrators to establish the network authority granted to each team. In order to replicate the logical layout and segmentation of your network, REM also allows for the creation of defined scopes. Scopes permit those tasked with assessment and remediation the ability to review the event data originating from their respective network locations.

Intelligent Event Tracking
To remedy an overload of data, REM has an intuitive rules wizard that allows administrators to proactively delegate tasks by filtering issues based on type, origin and severity. This eliminates staff dependency on management for disseminating assignments and facilitates more efficient and accurate remediation.

Encryption and Authentication
REM incorporates a built-in PKI infrastructure for quick installation of certificates and private key material. Industry standard X.509 certificates in XDA and PKCS#12 formats are also supported for compatibility with existing PKI infrastructure.

Open Database Compliance
REM is ODBC compliant for high-capacity storage of all network security events. REM enables querying directly into its data store provided the appropriate access controls are available

Comprehensive Remediation Management
Events can be elevated to tasks via the REM interface and/or rules system. Once a task is assigned, its progress can be tracked and verified. Full instructions on corrective actions are detailed within each ticket to assure accurate remediation of network vulnerabilities.

Detailed Reporting
Users can track assignments and progress from all parts of the security organization using REM’s charts and reports. Executive reports allow for an instant network threat level assessment at a glance and the progress made in correcting various security issues. Management reports enable a view of the network’s overall security posture. Administrators can access detailed information pertaining to their assignments and review the progress of their efforts. A sampling of some reports include:

• Audit Reports by Name: Audit reports show in-depth information about each vulnerability that was found on the network along with information about the steps needed to correct the issue. The reports are grouped either by name or by IP, and it is possible to view lists of all machines affected by individual vulnerabilities.
• Delta Reports by IP Delta: Delta reports show a side-by-side comparison of vulnerability assessments to show progress made by remediation efforts. It also allows the administrator to view network security issues that have failed to be corrected.
• Top 20 Reports: Reports are available to help profile the devices that exist on the network. Understanding the most common operating systems, ports, services, and users can be useful in determining strategies for IT security efforts.

Screenshots

Datasheets

• REM Data Sheet

Product Requirements

Microsoft Windows 2000 Server with Service Pack 4 / 2 Windows Updates or above

Microsoft Windows 2003 Server

Microsoft SQL 2000 Server with Service Pack 3 - Internet Explorer 5.51 or above

Microsoft IIS Server

Technical Overview

The REM™ Security Management Console is a unified threat management solution that accurately assesses and improves a company's overall network security posture, helping security and IT groups work together more effectively. REM's threat management portal enables the rapid identification and prioritization of vulnerabilities, thus optimizing resources to focus on the most critical vulnerabilities. REM's advanced workflow capabilities also allow groups to collaborate in ongoing remediation efforts, thereby increasing operational efficiency.

REM enables security professionals to efficiently aggregate and process security data to make informed decisions about the state of their network’s security and delivers enterprise-wide visibility through an intuitive user interface. REM acts as a threat management portal, consolidating security events and allowing for root cause analysis to efficiently plan, implement and review remediation activities.

REM's advanced workflow capabilities also create synergy between IT and security groups, facilitating collaborative remediation management through the efficient allocation of resources, and the tracking of progress through REM's unified portal view. REM's flexible administration of roles and responsibilities is complemented by a rules-based engine that automates task assignments according to multiple event characteristics such as vulnerability type, origin, severity, etc.

REM's reporting capabilities enable business process-centric vulnerability correlation, allowing companies to focus on the remediation vulnerabilities that have the greatest potential impact to business operations. A comprehensive set of executive, technical and administrative level reports provide threat assessments that allow various constituents to view trending and analysis data relevant to their role in the organization.
For organizations that rely on enterprise applications such as help desk, framework solutions or network monitoring solutions, REM's open architecture provides for seamless integrations with those platforms, passing along vulnerability data to further leverage such investments, delivering reduced IT costs and further operational efficiencies.

REM, when combined with Retina®, the industry's #1 rated network vulnerability assessment scanner, acts as the management console for the Retina Enterprise Suite.