Enterasys® Security Information & Event Manager
Compliance through Security Information and Event Management, Log Management, and Network Behavioral Analysis
The Enterasys Security Information and Event Manager (SIEM) product (also known as DSCC) combines best-in-class detection methodologies with behavioral analysis and information from third party vulnerability assessment tools to provide the industry’s most intelligent security management solution. Enterasys SIEM delivers actionable information to effectively manage the security posture for organizations of all sizes.
The challenge created by most threat detection systems is the volume of information they generate — making it difficult to determine which vulnerabilities require an immediate, high priority response. The Enterasys SIEM solution addresses this challenge and provides powerful tools that enable the security operations team to proactively manage complex IT security infrastructures.
Enterasys Security Information and Event Manager:
- Goes beyond traditional security information and event managers and network behavioral analysis products to deliver threat management, log management, compliance reporting, and increased operational efficiency
- Collects and combines network activity data, security events, logs, vulnerability data, and external threat data into a powerful management dashboard that intelligently correlates, normalizes, and prioritizes—greatly improving remediation and response times, and greatly enhancing the effectiveness of IT staff
- Baselines normal network behavior by collecting, analyzing, and aggregating network flows from a broad range of networking and security appliances including JFlow, NetFlow, and SFlow records. It then discerns network traffic patterns that deviate from this norm, flagging potential attacks or vulnerabilities—anomalous behavior is captured and reported for correlation and remediation
- Tracks extensive logging and trend information, and generates a broad range of reports for network security, network optimization, and regulatory compliance purposes; report templates are provided for COBIT, GLB, HIPAA, PCI, and Sarbanes Oxley
The Enterasys SIEM solution portfolio is appliance based for quick and easy setup. Available hardware components include:
- SIEM Appliance
- Event Processor
- Flow Anomaly Processor
- Behavioral Flow Sensors