Elemental’s Latest Release Enhances Policy And Risk Management Functionality Delivered To Customers

SAN MATEO, Calif. – March 6, 2006 – Elemental Security, Inc., the award-winning pioneer of new technology in enterprise information security, today announced the general availability of the Elemental Security Platform (ESP) v2.0, the next-generation release of its policy and risk management solution. This new product further enables enterprises to implement and manage security policies that support their business objectives, address IT risks associated with doing business, and measurably improve upon their security and compliance efforts.

The Elemental ESP provides the world’s only security policy system built from the ground up to make the state and activity of users and computers fully transparent, enabling customers to ensure that disparate security solutions and hardware products conform with security policies and business objectives. This award-winning product unifies policy management, host configuration, inventory/discovery and role-based access control in one seamlessly integrated offering. By continuously gathering richly detailed information about the state and activity of machines on the network, the Elemental ESP enables customers to tailor security policies to support the intended business purpose of individual machines. Using its compliance metrics, security administrators can easily assess the security posture of machines and networks, and make proactive decisions about managing risk.

“Elemental has been recognized in the industry for delivering extensive visibility into the security state, inventory, and network activity of machines, enabling organizations to measure compliance against their host-level security policies, and to identify changes or unapproved activity in their networks,” said Scott Crawford, Senior Analyst, Enterprise Management Associates. “One of Elemental’s more interesting aspects is its ability to leverage this continuous monitoring to dynamically group IT assets based on the security posture of machines and the roles of users and computers. This enables organizations to accurately target and continuously update their host-level policies that govern the configuration and network access of machines. Strategically, this aligns with IT’s increasing interest in an integrated approach for managing policies and risk throughout their networks.”

Addressing customer demand, the Elemental ESP 2.0 delivers a deep policy library, including templates for regulatory initiatives such as Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry (PCI) Data Security Standard, as well as for security best practices for operating system and application security from organizations such as NSA, DISA, Microsoft, and CIS. The Elemental ESP delivers enterprise-class performance with support for up to 10,000 managed agent hosts per server.

The Elemental ESP delivers centralized policy management and process automation across common server and desktop operating systems, allowing security administrators and compliance officers to consistently manage security policies across their entire network within a single management system. Elemental’s new release offers agent support for UNIX versions of IBM (AIX) and Hewlett-Packard (HP-UX), as well as for Mac OS X. Updated agent support for Red Hat Enterprise Linux 4 and server support for Sun Solaris have also been added.

In addition, the Elemental ESP offers enhanced functionality, including fine-grained policy management privileges and distributed authentication for administrators, flexible scheduling of policies and reports, extensive reporting supported by detailed drill downs, rule exception granting, and policy support for leading Anti-Virus and Anti-Spyware applications. The product’s enhanced policy content includes more than 2,000 individual rules and an extensive suite of user-editable policy templates for security benchmarks, regulatory requirements and security best practices.

“We have many compliance needs, including GLBA (The Gramm-Leach-Bliley Act) because of financing student loans, HIPAA because we have a medical school and need to protect patient information on that portion of the network, and FERPA (The Family Educational Rights and Privacy Act) for student records privacy,” said Seth Shestack, Associate Director of Information Security, Temple University. “The most basic part of complying with regulations is the technical aspect, and now with Elemental we can do it all in a more automated fashion. Elemental is the best solution we’ve seen so far, especially regarding the visibility and control it gives us. Overall, it’s the most comprehensive solution we have seen, and also the one that has the smallest footprint.”

The Elemental ESP provides an in-depth assessment of the configuration, activity, and inventory of hosts running its agent, allowing security administrators to deploy role-based access control policies that align security management with business requirements and objectives. The depth of the inventory assessment has been enhanced to include tracking of installed applications and hardware devices, such as storage, local printers, modems, and smartcard readers; and detecting the presence of USB, serial, and parallel device ports. The Elemental ESP provides unparalleled visibility into the state and activity of machines on the network to dynamically group hosts based on similar properties, enabling precise targeting of policies and automation of the provisioning of policies as changes occur.

“The Elemental Security Platform increases the distance between us and the competition,” said Elemental CEO Peter Watkins. “The Elemental ESP is extremely flexible and responsive to our customers’ business needs. We are pleased to deliver this new release with expanded functionality and capabilities, all based on customer feedback and requirements.”

Elemental delivers a Unified Policy Infrastructure, tightly coupling the expression, monitoring, and enforcement of security policies across heterogeneous platforms and across multiple layers of individual computers (including OS, application, users, hardware, software, and network activity). Powering this unified framework is the first and only purpose-built security policy language. With no programming experience required, organizations can easily express policies in a manner that more closely resembles how they were written in a security policy document, without worrying about implementation details or platform-specific issues.


Sold through leading authorized channel partners, the Elemental Security Platform is available today. Contact the company at www.elementalsecurity.com for more, including sales and pricing information.

The Elemental Security Platform

The Elemental Security Platform is an enterprise security software solution that enables organizations to manage the policies and risk for any computer connecting to the network. The Elemental ESP is a client-server security system that provides broad visibility into all hosts in the enterprise and the means to control them through auto-deployed security policies. The system consists of the Elemental ESP server and Elemental ESP agents running on desktops and server hosts throughout a network. Its architecture is unique in its ability to detect, monitor and control hosts with or without Elemental ESP agents running on them. The product has earned numerous industry awards, including InfoWorld’s 2006 Technology of the Year Award, Information Security’s 2006 Product of the Year Award, and Network World’s 2006 Category Breaker Award.

Don't miss