Vigilar Atlas to Shrug Off Security Concerns

IBM , CA , HP , Microsoft  and CA  have been selling products to help companies keep track of who is using what in the datacenter.

But Vigilar, by offering similar IT security and compliance coverage as a service, has designs on making the way companies manage and secure their digital corporate assets a less cumbersome, messy affair.

The startup on Monday will unveil Atlas, a security-as-a-service offering that manages customers’ assets and licenses, authentication and logs, and provides technical support and systems maintenance. Basically, Vigilar consultants install an appliance in the customer’s datacenter and manage the customer’s network through the Internet.

Vigilar President and CEO James Fox said his company is trying to solve the time-draining tasks for keeping track security devices in networks, keeping them up to date and maintaining them while simultaneously meeting the strenuous security requirements of Sarbanes-Oxley and the Payment Card Industry (PCI) standard.

Such maintenance typically involves training IT staffs to do manual configurations; between the training and the actual maintenance, valuable time often gets wasted. Not to mention time wasted with device misconfigurations by human hands. Not anymore, if Vigilar has anything to say about it.

“We’re trying to let customers put their head down on the pillow at night knowing they’ve met their compliance requirements,” Fox told internetnews.com.

“It wasn’t that they were looking for new technology or new ways to solve problems, or that they were sitting up wondering how they employ NAC. They were saying, ‘How do I manage what I already have,’ because they’re all getting hit by their internal and external auditing groups.”

Atlas seeks to alleviate the burdens of device and regulations proliferation with the five aforementioned modules, which Vigilar will sell individually or as a whole. The Atlas node is accessed via a Web interface.

The asset and license management module tracks IT devices and licenses through serial number, date of sale, location and renewal date. It also provides historical snapshots for any point in time and includes automatic maintenance renewal reminders.

The authentication management module provides two-factor authentication as a managed turnkey solution so the onus of verifying user identity isn’t on the system administrator. The software automatically implements various authentication platforms and includes account approval process.

A log management service provides a secure, automated audit trail for all system and applications to allow for the reconstruction of all user activity and events. This module retains log data for a minimum of one year.

Also, a technical support “concierge” module tracks trouble tickets and supports products from multiple vendors. Finally, the system maintenance module automates patch management and health checks.

Vigilar customer using the platform include a who’s who in Fortune 1000 vendors, including AOL Time Warner, Pepsi and Aflac.

Security-as-a-service is an emerging field, but still very young, and most of the vendors are offering some form antivirus or some other protection over the Web. Watchfire, for example, offers Web application security on demand.

To that end, Vigilar may have an advantage in that no other vendors currently offer the breadth of systems maintenance and compliance-geared on-demand through a server.

However, the startup still has to unseat the mainstays — IBM, HP, CA and BMC — which offer those similar technologies through the traditional licensing route. The company expects to best those vendors in price, offering to support all of its modules on up to 100 devices a year for $500,000. Individually, the modules range from $50,000 to $300,000.

By comparison, Fox said the same services, coverage and duration from traditional vendors can cost up to $3.2 million.