News

HP Extends Security Services Portfolio

• By Jeffrey Schwartz
• January 25, 2010

Hewlett-Packard today said it is adding to its diverse security services, while bringing them together under a common framework.

The company launched 90 new managed security services to its Secure Advantage portfolio, which covers everything from printers, mobile devices, PCs, servers, network gear and applications. Tying Secure Advantage together is the new Security, Compliance and Continuity Services portfolio.

Built upon HP's Information Security Service Management reference model, the new Secure Advantage framework is based on the popular industry standard IT Infrastructure Library (ITIL) architecture. HP's framework is intended to associate applications and infrastructure with business requirements.

The new services and framework aim to cover all aspects of security including vulnerability and risk assessment, business continuity, data integrity, compliance, policy management, authentication and identity management, said Chris Whitener, HP chief security strategy officer. "There are just so many dimensions in which security now has to play," he said.

A new security console functions as a central dashboard for management and reporting, Whitener said. The console is based on the Opsware network and server automation platform and configuration management database. "You can use the same set of tools but have a separation of roles from your security people and your operations people," Whitener said.

HP's Cloud Computing Security Assessment offers risk assessment to those considering migrating applications to various cloud infrastructures. Although it builds on existing cloud security services offered by HP, the latest service helps organizations determine security needs for both public and private clouds, HP said. The managed services also cover ongoing security management.

HP's new Application Security Center of Excellence is aimed at helping organizations thwart attacks aimed at Web applications, providing a security blueprint across the lifecycle of an application. The Application Security Center offering is also available as a managed service implemented and managed by HP.

HP has emerged as one of the broadest providers of managed security services, thanks to its acquisition of EDS. It has 6,000 security professionals in the field focused on Secure Advantage, Whitener said. But it also has assembled numerous other key software assets such as Opsware, Mercury Interactive and SPI Dynamics.

"What's encouraging is how they are bringing all of this under one umbrella," said Forrester Research analyst Jonathan Penn. "What they've also done is formalize their security framework. There are few companies that can do that." Among them are IBM and some of the larger systems integration firms, Penn said.