In today's multi-platform network environments, assessing and managing security on network and Web platforms one server at a time is no way to implement, manage or enforce a corporate security policy. Because, whether the security solutions run on a NetWare platform, Windows* NT*, Linux* or elsewhere, each still needs to be individually configured and managed. Multiply this effort by the hundreds of network and Web servers found in any large enterprise, and implementing any kind of corporate-wide security policy can become a slow, expensive, and often political, struggle.

Consolidated Natural Gas (CNG) is one of North America's premier energy companies. Their businesses include independent exploration and production, the fifth-largest natural gas utility system, an interstate natural gas pipeline network, and a rapidly growing energy mass-marketer. Their WAN spans six organizational units, with nearly 6,000 users and 100 satellite sites. To help standardize security processes and enable the security team to implement and manage security policy across their organization, CNG security experts selected Symantec's Enterprise Security Manager* (ESM) for eDirectory, UNIX*, and Windows NT.

"Over the last 18 months, we've worked toward enterprise-wide accountability, and we're moving to integrate everything into a standard, directory-based network environment," said Jones. "After selecting Enterprise Security Manager, we did a long-term pilot on our low-usage servers to assess the product's capabilities, be certain of its compatibility with our environment and understand the implementation requirements. ESM has none of the barriers noted in other platform-specific security products we tested, and it adds value to our integration investment with its ability to leverage individual supported platform security features."

In addition to leveraging rights to eDirectory user and container objects, ESM supports dozens of servers, including NetWare, Windows NT, Sequent*, AIX*, Sun Solaris*, and HP-UX* as well as programmable options for applications such as Lotus Notes*.

"We began ESM deployment based on areas of highest need and impact, as well as resource availability," said Jones. "For example, ESM is already installed on 64 of our NetWare servers, and we have administrators in all of our locations. By enforcing standardization through ESM we ensure policy compliance. From an administrative standpoint, ESM doesn't significantly affect their daily tasks, and can actually simplify some of them. We haven't pulled all servers into compliance, but we're working on it. Right now, we are particularly interested in protecting our outward-facing environment of firewalls and Web and proxy servers," noted Jones.

ESM's management console and advanced reporting enable CNG security analysts to monitor, manage and enforce sound security practices across all supported systems. "We now have a handle on what our issues are," commented Jones. "Our security analysts are already enforcing our change-control policy by producing reports and forwarding them to system and network administrators for server changes and improvements. ESM's manager/agent architecture checks for specific items in specific environments, such as vulnerabilities on a firewall or web server. With easy access to this detailed information, we can now quickly upgrade current installations and verify each new deployment is secure, as well as address potential threats from the Internet."

ESM illustrates the growing value of cross-platform, directory-enabled applications that operate seamlessly across today's complex network and Internet environments. With extensive directory and operating system support, dynamic configuration capabilities and integrated reporting, ESM enables customers to integrate security architecture and policy into a single manageable interface, dramatically reducing administration overhead and risk.

With the Symantec solution in place, Consolidated Natural Gas can conduct business on its network and the Internet with customers and partners—anytime and anywhere.

*All other third-party trademarks are the property of their respective owners.