
OPSEC Partners

eIQnetworks, Inc.

Product Version Certified: Network Security Analyzer v4.2
Certified for use with: Check Point Next Generation with Application Intelligence

Product Description: eIQnetworks is helping security professionals in multiple industries worldwide build a security intelligence layer to minimize incident response time, eliminate false positives and maximize opportunities for proactive and preventative actions, ultimately strengthening the organization's overall security posture and reducing hacker and virus attacks while meeting regulatory compliance requirements. eIQ's Network Security Analyzer (NSA) provides real-time security monitoring, security-critical forensics analysis, centralized log management, correlated alerting, reporting and compliance audit management, all within a single solution.

 
 
Company Description: eIQnetworks is an award-winning provider of Security Information and Event Management (SIEM) solutions. eIQnetworks delivers the industry's most comprehensive and cost-effective solutions for security professionals who require real-time security intelligence for identifying, understanding and pre-empting hacker and virus behavior and security threats, all while meeting stringent federal compliance requirements. The Company's products are used in more than 50 countries around the world and are currently deployed in over 1000 companies and government agencies including LL Bean, Hess, Sprint, Boeing, Avaya, MCI, Malaysia Telecom, Fujitsu, Unisys, Fiberlink, Boston.com, FCC, US Army, US Navy, Wachovia, Citibank, HP, ADP, Bertelsmann, UBS, KPMG and many more. eIQnetworks' solutions are available worldwide through an extensive, global distributor network. For additional information, visit the website or call 1-877-LOGS R US.
 
Key Features and Benefits
Network Security Analyzer (NSA) provides an essential security intelligence layer across the enterprise-wide IT infrastructure. NSA helps decipher hacker/virus behavior, combat security threats and meet regulatory compliance requirements across the entire IT infrastructure. It provides advanced security event management across all network devices that have an impact on a company's security framework, including routers, switches, firewalls, VPN/SSL, IDS/IPS, Anti-Virus systems, SPAM, Spyware, Proxy, content filtering, and more.

Features and Benefits:

  1. Monitoring & Correlated Alerting - NSA provides the real-time event monitoring, advanced correlation analysis and alerting necessary for comprehensive real-time security intelligence. Using the real-time monitoring, business impact analysis and correlated alerting, security professionals can quickly and easily gain insight into hacker and virus activity to improve overall IT security.
  2. Reporting - NSA provides concise yet comprehensive and easy-to-read security and activity reports required by all levels of the organization via a reporting portal. NSA includes over 800 correlated reports to assist organizations in the development of security processes to meet regulatory compliance. The reporting portal offers role-based access that is tailored to the needs of individuals, departments, or executive management. User-configurable Device and Host dashboards offer a quick summary view into the security posture. Report categories include Intrusion, Rule violations, Protocol usage, Web Usage, Content Categorization, Anti-Virus, SPAM, Spyware, and more.
  3. Forensics - Forensics and investigative analysis provides the ability to search through 100s of GBs of current and historical log data for ad-hoc audit verification or to 'vector' an attack, that is, to track the route an intrusion took in the network by observing the chronological order of pertinent events recorded by nodes in the network.
  4. Log Management - NSA provides scalable and cost-effective centralized log management that can collect, normalize, aggregate, compress and encrypt log data from disparate sources such as routers, switches, firewalls, IDS/IPS, AV, SPAM/Spyware. It provides automated compression, encryption and archival of log data onto any DAS, NAS or SAN system to help meet compliance requirements.

OPSEC Integration
eIQ's Network Security Analyzer (NSA) collects logs from Check Point FW1/VPN1 using the LEA (Log Export API) protocol. Data from Firewall-1/VPN-1 is correlated with information from other security devices and applications in the network to provide a holistic view of the security environment. Through this integration, NSA analyzes Check Point security alerts in real time and correlates them through a comprehensive set of software methodologies that perform aggregation, normalization, and correlation analysis.

All events collected from Check Point are fed into NSA's robust monitoring, alerting, correlation and analysis engine. Correlated alerts can be used to detect intrusions, blended attacks, and other security breaches. This makes it possible to get more value from existing security devices and tools, and helps with auditing, reporting, refinement of security processes, minimizing business risk and regulatory compliance. Event Manager allows real-time viewing of security event data from 1,000s of heterogeneous, multi-vendor network devices and prioritizes actions based on the business impact of each event, allowing for corrective actions before an incident occurs. Security and Network managers can access this information from any browser on the intranet and quickly and easily sort through large volumes of raw information to focus on high-risk threats.

Additionally, NSA includes an independent reporting engine, which is used to generate over 800 cross-vendor/cross-device reports as well as vendor-specific reports in a variety of formats (HTML, PDF, Text, Word, Excel) and in different languages for the security analyst. The reporting portal provides an easy-to-use drill-down capability that allows security administrators to zero in on important information.

Additional Information

21-Day FREE Trial of Network Security Analyzer v4.2
Installation Overview