Security Information and Event Management

SIEM Technology – Responding effectively and in a timely manner to information security threats requires the continuous, thorough analysis of an enormous number of ongoing events. Without an automated tool to help an enterprise find patterns and filter, clean and analyze all the data that forms the context of an attack, the task of protecting the organization becomes exceedingly complex, time-consuming and resource-intensive.

Cloud SIEM offers an effective and efficient means to monitor your network 24/7/365, including all devices, servers, applications, users and infrastructure components. And it can be done from a central cloud-based dashboard. So, from a “single pane of glass,” you can…

  • Monitor all data center resources using situational behavioral context (correlation) – physical and virtual – anywhere in your enterprise
  • Receive real-time alerts on security or performance-impacting incidents
  • Perform forensic risk analysis and audits
  • Manage security and event logs for historical analysis
  • Automate compliance reporting
  • Assure end-user SLAs

SIEM combines data from a wide range of sources and correlates this data to provide control and visibility:

  • Security operations use the SIEM console for attack detection and mitigation
  • Compliance auditors use the reporting dashboard to create forensically accurate reports
  • Management uses the SIEM to plan for and justify budget requests

SIEM capabilities

  • Compliance automation
  • Low-level real-time detection of threats and anomalous activity
  • Network, host and policy auditing
  • Contextual network behavior analysis
  • Forensic log management
  • Risk-oriented security analysis
  • Executive and technical reports
  • Scalable high-performance architecture

Features

Security information and event management (SIEM) brings all of the power of intelligent contextual correlation to bear for your compliance and security management needs. Situational awareness is automatically generated by the SIEM, giving you the visibility necessary to operate a secure and compliant network. It also provides security intelligence and data mining capacities, featuring:

  • Risk assessment
  • Correlation
  • Risk metrics
  • Vulnerability scanning
  • Data mining
  • Real-time monitoring

SIEM uses a SQL database which stores normalized information, allowing strong analysis and data mining capabilities. SIEM is tuned for high performance and scales to many millions of events per day. A partial list of SIEM features includes:

  • Compliance automation
    • Hundreds of canned compliance reports
    • Advanced reporting wizard
    • Forensic auditing console
  • Advanced contextual correlation
    • Network and applications
    • Events and flows
    • Asset inventory
    • Intrusion detection
    • Vulnerability assessment/database
    • Reliable attack detection
  • Drill-down risk-oriented analysis
  • Compliance reports and dashboards
  • Automated asset inventory
  • Availability and resource monitoring
  • Comprehensive incident management system
  • Real-time analysis and reporting
  • Automated network profile and inventory management
  • Hierarchical, distributed architecture
  • Real-time attack identification
  • Pre-installed security and compliance directives
  • Integrated wireless, host and network IDS/IPS
  • Connectors for thousands of event sources
  • Flexible and customizable dashboards
  • Granular user management
  • Search
  • Real-time alarms

Benefits

  • Active Monitoring Around the Clock
  • Real Time Reporting
  • Information Not Just Data
  • Ensures Compliance by Strong Policy Enforcement
  • Effective Operations and Compliance Platform
  • Fast Deployment
  • Audit, Compliance and Reporting
  • Interoperability
  • Reduced IT complexity and cost
  • On-Demand Scalable Pay-As-You-Go Service
  • Not Just Log Management, Integrated Modular System Supporting Your Growth
  • Proven Technology
