NitroView Enterprise Security Manager

More documents

Recommendations

Info

Powerful Security Information and Event ManagementUnbeatable PerformanceNitroView's patented data management engineprocesses and analyzes security information andprovides it back to you as actionable securityintelligence. Unlike most SIEM reports, however, theresults are produced in a fraction of the time. Evenduring periods of peak event collection, on systemsstoring billions of records, NitroView can producesecurity and compliance information in just a fewminutes, rather than hours or even days.Massive Data CollectionWhether using a single, entry-level appliance or a fullydistributed implementation of our flagship ESM X5,you'll appreciate the industry's highest event and flowcollection rates, from a wide range of data sources. Asingle NitroView Receiver can collect over 20,000 eventsper second. The ESM itself can support multipledistributed receivers, and is able to handle hundreds ofthousands of events per second without compression oraggregation. With aggregation, a single appliance cansupport tens of millions of events per second—enoughfor almost any network.Long-term Data RetentionNitroView is able to store billions of events and flows,keeping all information available for immediate analysis,investigation and reporting. That's important wheninvestigating low-and-slow attacks, searching forindications of advanced persistent threats, orattempting to remediate a failed compliance audit—allof which require looking at years of data, and having fullaccess to the complete details of specific events.NitroView ESM’s dynamic baselinesprovide at-a-glance indication ofnetwork and event anomalybehaviorDynamic, Real-Time BaselinesWhether its network traffic, user activity, or trends inapplication use, any variation from normal activity couldindicate that a threat is imminent. Normal event activitycan also be a clue to a larger threat or incident. Nitro-View calculates real-time baseline activity for allcollected information and alerts you of potential threatsbefore they occur, while at the same time analyzing thatdata for patterns that could indicate a larger threat.Content AwarenessNitroView's scalability and performance enables moreevents to be collected, from more sources. All informationis heavily indexed, normalized, and correlatedtogether to detect a wider range of risks and threats.When contextual information is available from vulnerabilityscanners, identity & authentication managementsystems, or privacy solutions, each event is enrichedwith that context for•a better understanding of howevents correlate to real business processes and policies.Policy-aware Compliance ManagementCompliance management requires more than simpleevent logging. It requires an understanding of networkdevices and their vulnerabilities, users and their roles,allowed applications and their use, and the business andoperational policies that tie it all together. NitroViewmakes compliance management easy, and provideshundreds of pre-built dashboards and reports forPCI-DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and others.Integrated Tools for Improved Security WorkflowNitroView ESM gets to the heart of security operationswith integrated tools for configuration and changemanagement, case management, and centralized policymanagement needed to improve workflow and facilitatedaily information security operations.
Turn Billions of Events & Flows into Security Intelligence in MinutesDeveloped specifically for large-scale collection and real-time analysis of data, NitroView provides theperformance needed to support the requirements of a content-aware, operational SIEM.NitroSecurity has decades of experience in database technology, which provides a dramatic performance advantageover other SIEM systems. NitroView’s highly optimized data management architecture uses patented techniques toprovide simultaneous event collection, analysis and reporting—at extremely high speeds.Rich, Flexible AnalyticsPatented technology also enables real-time statisticalcalculations—including baselines and deviations—on allcollected information. This enables NitroView to detectanomalies across all monitored activity, from networks,users, applications, or any other information source. Italso enables visual indicators of trend activity across alldashboards, for at-a-glance trend analysis.High Acquisition RateUnlike most databases, NitroView's data managementengine is able to collect, parse and insert newinformation at extremely high rates—up to thousands oftimes faster than commercial SQL databasemanagement systems. This also allows NitroView tomaintain these high collection rates without impactingthe performance of other SIEM functions, such asanalysis and reporting.Rapid ResponseNitroView's patented data management engine eliminatesthe need to perform time-intensive database tablescans, producing detailed reports and queries in justminutes instead of hours. NitroView won’t slow downduring periods of peak event activity—making Nitro-View the perfect real-time analytical tool for yourSecurity Operations Center.Diverse Device SupportNitroView can support a wide range of devices becausethe underlying architecture supports diverse indexes.This means that NitroView can collect more than just logand event data, collecting and analyzing identityinformation, database activity, policy, privacy and otherinformation from third party systems and applications.Efficient Storage UtilizationNitroView's patented data indexing also allows moreinformation to be stored using less physical storage,while maintaining full granularity of all collectedinformation. This allows billions of events and flows tobe stored locally on the NitroView appliance—fullyaccessible for analysis and reporting.
Page 1: NitroViewEnterprise Security Manage
Page 5 and 6: NitroView Enterprise Security Manag
Page 7 and 8: NitroView Enterprise Log Manager Sp

NitroView Enterprise Security Manager

Create successful ePaper yourself

Delete template?

Save as template?