Symantec ESM architecture

Symantec ESM manages sensitive data and enforces security policies across the following client and server platforms:

• Windows 2000, XP, and Windows Server 2003

• UNIX Solaris, IBM AIX, and HP-UX

• SUSE and Red Hat Linux

• Novell NetWare/NDS

Symantec ESM administers and enforces the policies and procedures that your organization establishes to control access to secured areas. Symantec ESM identifies the potential security risks and recommends actions to resolve the potential breaches in security. When the potential breaches are resolved, Symantec ESM delivers frequent updates to ensure protection against new threats. Symantec ESM has a broad reporting capability to keep you informed of the security status of the network.

Symantec ESM achieves the goals of confidentiality, integrity, and availability of secured information for your organization.

The primary functions of Symantec ESM are as follows:

• Manage security policies.

• Detect changes to security settings or files.

• Evaluate and report computer conformance with security policies.

To effectively evaluate the security of your enterprise, you can customize the Symantec ESM environment to match the needs of your organization. You can then continue to adapt Symantec ESM to the changing conditions in the network.

The Symantec ESM uses an agent-based architecture to collect data from computers on your network. Every computer from which you want to collect data must have an ESM agent installed. This agent collects data and forwards it for storage.

You must configure the Symantec ESM components and your network to allow the components to communicate with one another. In addition, the Data Processing Service Collector must be able to retrieve data from the ESM manager.