Powerful Security Information and Event Management

Unbeatable Performance

NitroView's patented data management engine processes and analyzes security information and provides it back to you as actionable security intelligence. Unlike most SIEM reports, however, the results are produced in a fraction of the time. Even during periods of peak event collection, on systems storing billions of records, NitroView can produce security and compliance information in just a few minutes, rather than hours or even days.

Massive Data Collection

Whether using a single, entry-level appliance or a fully distributed implementation of our flagship ESM X5, you'll appreciate the industry's highest event and flow collection rates, from a wide range of data sources. A single NitroView Receiver can collect over 20,000 events per second. The ESM itself can support multiple distributed receivers, and is able to handle hundreds of thousands of events per second without compression or aggregation. With aggregation, a single appliance can support tens of millions of events per second—enough for almost any network.

Long-term Data Retention

NitroView is able to store billions of events and flows, keeping all information available for immediate analysis, investigation and reporting. That's important when investigating low-and-slow attacks, searching for indications of advanced persistent threats, or attempting to remediate a failed compliance audit—all of which require looking at years of data, and having full access to the complete details of specific events.

[Figure: NitroView ESM's dynamic baselines provide at-a-glance indication of network and event anomaly behavior]

Dynamic, Real-Time Baselines

Whether it's network traffic, user activity, or trends in application use, any variation from normal activity could indicate that a threat is imminent. Normal event activity can also be a clue to a larger threat or incident. NitroView calculates real-time baseline activity for all collected information and alerts you to potential threats before they occur, while at the same time analyzing that data for patterns that could indicate a larger threat.

Content Awareness

NitroView's scalability and performance enable more events to be collected, from more sources. All information is heavily indexed, normalized, and correlated together to detect a wider range of risks and threats. When contextual information is available from vulnerability scanners, identity & authentication management systems, or privacy solutions, each event is enriched with that context for a better understanding of how events correlate to real business processes and policies.

Policy-aware Compliance Management

Compliance management requires more than simple event logging. It requires an understanding of network devices and their vulnerabilities, users and their roles, allowed applications and their use, and the business and operational policies that tie it all together. NitroView makes compliance management easy, and provides hundreds of pre-built dashboards and reports for PCI-DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and others.

Integrated Tools for Improved Security Workflow

NitroView ESM gets to the heart of security operations with integrated tools for configuration and change management, case management, and centralized policy management needed to improve workflow and facilitate daily information security operations.

Turn Billions of Events & Flows into Security Intelligence in Minutes

Developed specifically for large-scale collection and real-time analysis of data, NitroView provides the performance needed to support the requirements of a content-aware, operational SIEM.

NitroSecurity has decades of experience in database technology, which provides a dramatic performance advantage over other SIEM systems. NitroView's highly optimized data management architecture uses patented techniques to provide simultaneous event collection, analysis and reporting—at extremely high speeds.

Rich, Flexible Analytics

Patented technology also enables real-time statistical calculations—including baselines and deviations—on all collected information. This enables NitroView to detect anomalies across all monitored activity, from networks, users, applications, or any other information source. It also enables visual indicators of trend activity across all dashboards, for at-a-glance trend analysis.

High Acquisition Rate

Unlike most databases, NitroView's data management engine is able to collect, parse and insert new information at extremely high rates—up to thousands of times faster than commercial SQL database management systems. This also allows NitroView to maintain these high collection rates without impacting the performance of other SIEM functions, such as analysis and reporting.

Rapid Response

NitroView's patented data management engine eliminates the need to perform time-intensive database table scans, producing detailed reports and queries in just minutes instead of hours. NitroView won't slow down during periods of peak event activity—making NitroView the perfect real-time analytical tool for your Security Operations Center.

Diverse Device Support

NitroView can support a wide range of devices because the underlying architecture supports diverse indexes. This means that NitroView can collect more than just log and event data, collecting and analyzing identity information, database activity, policy, privacy and other information from third-party systems and applications.

Efficient Storage Utilization

NitroView's patented data indexing also allows more information to be stored using less physical storage, while maintaining full granularity of all collected information. This allows billions of events and flows to be stored locally on the NitroView appliance—fully accessible for analysis and reporting.