NitroView Enterprise Security Manager

More documents

Recommendations

Info

NitroView Enterprise Log Manager (ELM)Compliant Log Collection, Storage and ManagementNitroView Enterprise Log Manager (ELM) automates the log management and analysis for all log types, includingWindows Event logs, Database Logs, Application Logs, and Syslogs. Logs are signed and validated, ensuringauthenticity and integrity—a necessity for regulatory compliance. Out-of-the-box, compliance rule sets and reportsensure that it is simple to prove your organization is in compliance and policies are being enforced.Fully IntegratedNitroView's performance and scalability allow securityinformation and log management functions to betightly integrated. When a security event is generated,the parsed event files are linked directly to the sourcelog file and even to the specific log record—for instantaccess during the event management and forensicprocesses. There's no extra step, extra application tolaunch, or extra time to waste by searching throughlogs manually.Maintains the log storage and retentionrequirements of compliance mandates, including:• PCI-DSS• SOX• HIPAA• FISMA• NERC-CIP• GLBAWhy is this important? Because log files alone don't tell us everything that we need: they contain important pieces ofevidence and are an important link in establishing chain-of-custody, but they also raise important new questions. Forexample, we might see a username in an access log, but there is no information about what that user's role is, or whathis or her privileges are. We also might know what system was accessed, but we're told nothing about what types of• GLBAinformation are used by that system, or who should be accessing it.• ISO 17799NitroView ESM and NitroView ELM, together, provide context about each and every• Basellog—relevantIIinformation aboutthe source or destination IP address, the username, hostname, or service being used, • FFIEC vulnerability information from aVA scanner, network topological information, even valuable policy and privacy information—making • DCID 6/3 every parsed logrecord much more valuable.
NitroView Enterprise Log Manager SpecificationsModelDescriptionDedicated Enterprise Log management AppliancesCollectionRatesNS-ELM-5750-RNS-ELM-4245-RNS-ELM-5510-RNS-ELM-5205-RNitroView ELM 5000 Enterprise Log Manager provides Compliant Log Management functions. 7 TB localstorage. 3U appliance.NitroView ELM 4000 Enterprise Log Manager provides Compliant Log Management functions. Supportsnetwork / SAN storage options. No local storage. 1U appliance.NitroView ELM 5000 Enterprise Log Manager provides Compliant Log Management functions. 3.75 TB localstorage. 3U appliance.NitroView ELM 5000 Enterprise Log Manager provides Compliant Log Management functions. 2.5 TB localstorage. 3U appliance.50,000events/sec45,000events/sec35,000events/sec20,000events/secCombination Enterprise Log Manager and NitroView Receiver AppliancesNS-NRCLM-4245-RNS-NRCLM-2250-RNS-NRCLM-2230-RNitroView ELM Receiver provides compliant Log Management and collects flow data for correlation andanalysis by NitroView ESM. 1U Appliance. Rated for 10,000 events per second.NitroView ELM Receiver provides compliant Log Management and collects flow data for correlation andanalysis by NitroView ESM. 1U Appliance. Rated for 8,000 events per second.NitroView ELM Receiver provides compliant Log Management and collects flow data for correlation andanalysis by NitroView ESM. 1U Appliance. Rated for 5,000 events per second.10,000events/sec8,000events/sec5,000events/secAll-in-one NitroView ESM, ELM and Receiver AppliancesNS-ESMLM-5510-R NitroView ESM / ELM 5000 Enterprise Security Manager provides SIEM , Compliant Enterprise Log5,000Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third events/secparty feeds. 3.75 TB local storage. 3U appliance.NS-ESMLM-5205-R NitroView ESM / ELM 5000 Enterprise Security Manager provides SIEM , Compliant Enterprise Log2,500Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third events/secparty feeds. 2.5 TB local storage. 3U appliance.NS-ESMLM-4245-R NitroView ESM / ELM 4000 Enterprise Security Manager provides SIEM , Compliant Enterprise Log1,000Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third events/secparty feeds. 1 TB local storage. 1U appliance.
Page 1 and 2: NitroViewEnterprise Security Manage
Page 3 and 4: Turn Billions of Events & Flows int
Page 5: NitroView Enterprise Security Manag

NitroView Enterprise Security Manager

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?