The latest incremental update to this event-driven security product gains major new features

The e-Security 4.2 security event management suite scans events reported by devices for potential security problems, links them through a correlation engine that compares events to what’s normal on your network, and sifts out potential threats.

Version 4.2.1.8 for Windows, despite the obscure numbering, is a major update that was released on Aug. 2 and includes the ability to interface with HP Service Desk and HP OpenView Operations. It also includes a new Advisor function that provides up-to-the-second vulnerability intelligence from TruSecure, as well as a data manager to help deal with the vast quantity of security data produced.

The e-Security suite looks at input from a wide variety of sources. For my tests, I used a Snort IDS, as well as a firewall and the Syslog input from Linux and Windows servers. The result was a list of events, each flagged according to its potential security impact, presented graphically as well as in a list — a great feature, considering the mind-numbing detail provided by many IDS solutions. During the test, our network suffered a DoS attack and several attempts at worm propagation. It was during those attacks that e-Security proved its value. I was immediately able to determine what the attacks were, whether my systems were vulnerable, and even the origin of the attacks. In one case, it allowed me to differentiate between an actual attack and a vulnerability scan that looked a lot like an attack but wasn’t.

The software can be distributed among a number of machines if you need to manage a large network. It does, however, require machines with some horsepower and isn’t cheap. Still, there’s little else out there that can match e-Security’s capabilities.