Traditional security information and event management (SIEM) offerings leave organizations blind to attacks that shut logging off and involve configuration changes to critical devices. SecureVue from eIQnetworks circumvents this limitation by delivering the first true unified threat and compliance (UTC) solution that analyzes all security data - going beyond logs to include complete collection, analysis and correlation of configuration data, asset data, performance metrics, vulnerabilities and network flows. This provides the broadest perspective available for both security and compliance requirements, and results in a more accurate view of security posture and situational awareness.
By offering the industry's only true UTC solution, SecureVue delivers:
Log Management. Automatically collect and correlate event data from any device, host or application to generate actionable alerts. Meet compliance mandates requiring log aggregation and analysis.
Configuration Analysis. Detect configuration changes and present current and historical configuration snapshots detailing changes and trends to identify policy violations.
Asset Analysis. Centralize archiving, tracking and management of hardware and software. Identify unauthorized software installations to detect malware outbreaks.
Performance Analysis. Monitor, collect and analyze current and historical performance data to proactively pinpoint potential bottlenecks and device problems.
Vulnerability Analysis. Monitor and alert on known vulnerabilities to reduce false positives and apply context to emerging attacks.
Network Flow Analysis. Monitor current and historical network performance and alert on anomalous network traffic to pinpoint outbreaks.
Key capabilities and features of SecureVue include:
GUI-based Correlation, Monitoring and Alerting. SecureVue ships with over 250 correlation policy templates to accelerate time to value and start detecting and resolving security incidents immediately. By automatically correlating data and centralizing configuration audit across the enterprise, SecureVue provides real-time monitoring and alerts on policy violations, non-standard processes, rogue applications, potential financial fraud, identity theft and cyber-attacks.
Detailed Compliance Reporting. Providing over 1,500 security and compliance metrics-based reports, SecureVue lets you quickly gain visibility into infrastructure activity across lines of business, locations and applications. These reports - viewable from a secure portal or exported in HTML, PDF and other formats - provide extensive drill-down capabilities that allow users to quickly go from big-picture summary data to specific security, risk and audit management details.
Integrated Architecture. Collect, correlate, archive, analyze and report on all security data, including log, vulnerability, configuration, asset, performance and network behavioral anomaly data across the enterprise.
Single Console. SecureVue provides an enterprise-wide view of security and compliance status from a single console. Data from multiple silos can be correlated and evaluated in a consolidated presentation using eIQ's innovative QuickVue window, which enables users to easily drill into information to speed incident identification and provide root cause analysis, fostering collaboration between NOC and SOC teams.
Optimized Data Store. SecureVue's flat-file data store has been built to provide fast and efficient data collection, rapid search and forensic analysis, secure and reliable log management and support for existing SAN and NAS storage to provide the fastest alerting and reporting in the industry.
Role-Based Access Control. Shipping with over 50 dashboards supporting integrated role-based access, SecureVue segregates and customizes data to support job-specific views, analysis and reporting. While executives may desire to view high-level summary reports, IT professionals can easily drill into more complex monitoring, alerting, reporting and forensics detail. This role-based approach to security ensures that SecureVue provides the appropriate separation of duties mandated by many regulations, best practices, and information security standards.
Scalability. SecureVue's advanced product architecture supports massive hierarchical deployments ranging from one to six tiers of data collection - all from a single code base. With the capacity to process over 15,000 events per second in a standalone deployment, and over 1 million events per second in a distributed implementation, SecureVue delivers optimal performance to meet the requirements of even the most demanding enterprise, government and managed security service provider (MSSP) customers.
Reliability and Security. SecureVue is certified to operate in the most demanding environments. SecureVue is certified under the NIST FIPS-140-2 standard, has achieved Common Criteria certification under NIAP EAL 2, and is in process for certification under EAL 4+.