Security Event Management or firewall reporting and analysis has now become a very critical component within any organizations security strategy so that they meet regulatory compliance. Network Security Analyzer by EIQnetworks has developed an easy-to-use and cost effective security event management solution which provides essential real-time security intelligence to help decipher hacker/virus behavior, combat security threats and meet compliance requirements.

• Monitor and visualized hacker and virus attacks & behavior patterns

• Minimize or eliminate false positives with correlated alerting

• Understand hacker attacks and security breaches, including identifying blended attacks

• Identify attack type, source, destination, port, protocol, severity, rule, etc. in real time

• Obtain details on virus activity such as virus source, virus type, virus details, virus impact, etc.

• Meeting regulatory compliance such as HIPAA, GLBA and Sarbanes-Oxley

• Understand protocol usage by device, user and department

• Analyze incoming & outgoing traffic/bandwidth patterns

• Analyze web usage by department and individual employees

• Understand blocked web site access and allowed/denied traffic

• Bandwidth utilization by department, client and protocol

• Identify inappropriate Internet usage by employees

• Understand SPAM activity and obtain details on Spammers

• Provide role based access to reporting and monitoring portals

Cost Effective and Powerful - Network Security Analyzer offers the industry best ROI with powerful and scalable implementation. It is easy to use and requires little or no installation help.

Managed Services Offering Providers (MSSPs) Support - MSSPs can use Network Security Analyzer to

provide on-demand reporting service to managed services customers.

Real-time Event Monitoring - Monitors security event data across the entire network of devices in real-time via a monitoring portal. Monitor recent viruses detected, attack detections, emergency events, alert events,

warning events, average events per second, port activity, protocol activity, and more. Create monitors to meet

unique requirements and to identify anomalies. Real-time Correlated Alerting - Template driven alert

manager allows creation and definition of any number of alerts to reduce false positives, identify blended attacks and/or viruses by correlating alerts across multiple devices, sources, destinations, ports, etc. Deliver alerts on the screen, via email or SNMP.

Real-time Event Manager - View security events data from 100s of heterogeneous and multi-vendor network devices and prioritize the actions based on by business impact of each event, allowing for corrective actions

before an incident occurs.

Correlation Analysis - Get a holistic view and understanding of hacker and virus activity by correlating

data across all network devices instead of looking at each device data separately. This will help minimize incident response time and maximize the ability to take proactive and preventative action to improve security information management.

Anti-Virus Analysis - Generates over 100 anti-virus activity related reports that identify the presence of

viruses across enterprise networks. Anti-virus reports provide information on the following characteristics: Virus Type, Source, Destination, Frequency, Type, File Name, Extension and by Protocol (Http, SMTP, FTP, etc). Reports can be generated for events categorized by hour, day & month by each firewall, as well as across all devices.

SPAM Analysis - Generates over 30 SPAM activity related reports. Helps find information such as Spam source, spam email address, spam destination, frequency, file name, file extensions, device, etc.

And More - For further information click here for further details

Screenshots

Datasheets

• Network Security Analyzer Data Sheet

• Security Event Management

• Sarbanes Oxley White Paper

• GLBA White Paper

• HIPAA White Paper

Product Requirements

Minimum Requirements

• Processor - Pentium 4 – 2.0 GHz

• Disk Space - 10GB

• RAM – 1GB

• Operating System - Windows 2000/XP/2003

• IIS, Netscape or Apache

• Internet Explorer 6.0

Recommended Requirements

• Processor - Pentium 4 – 2.4 GHz or higher

• Disk Space – 20 GB or higher

• RAM - 2 GB or higher

• Operating System - Windows Server 2000 / 2003

Technical Overview

Network Security Analyzer (AKA FirewallAnalyzer Enterprise) from eIQnetworks provides real-time advanced security event management across all network devices that have an impact on a companies security framework including routers, switches, firewalls, VPNs, IDS/IPS and Anti-Virus systems.

Device Compatibility

• Astaro

• BlueCoat

• Check Point

• Cisco IOS Routers & Switches

• Cisco IDS

• Cisco VPN Concentrator

• Cisco PIX

• Cisco PIX & Firewall Services Module (FWSM)

• CyberGuard

• Fortinet

• GTA (GNAT)

• Inkra networks VSS

• iPolicy Enforcer

• ISS Proventia & Realsecure

• JUNIPER JunOS Routers

• McAfee Webshield

• Microsoft ISA

• NetContinuum

• Juniper/NetScreen Firewall

• Juniper/NetScreen IDP

• Juniper/NetScreen SSL

• Juniper/NetScreen VPN

• Nokia

• Secure Computing Sidewinder

• SNORT IDS

• ServGate

• SonicWALL

• StoneGate

• Symantec SGS & SEF

• TopLayer IPS

• Trend Micro IMSS

• WatchGuard

For effective security management, it is essential to collect, normalize, aggregate and correlate the event data

from disparate sources to identify security breaches, hacker, intrusion and virus activity that could potentially be crippling valuable corporate assets. Network Security Analyzer from eIQnetworks delivers an industry leading solution which provides scalable and cost effective monitoring, alerting and reporting of security events across the entire networked infrastructure.

Network Security Analyzer provides essential real-time security intelligence across 100s of network devices that have an impact on a company’s security framework to help decipher hacker/virus behavior, combat security threats, and meet compliance requirements. Network Security Analyzer automatically collects, archives, normalized, correlates, analyzes, monitors and reports on all event data across multi-vendor, multi-functional network devices to help eliminate false positives and improve security operations. These devices include Switches, Routers, Firewalls, IDS/IPS systems, Anti-virus, Content Filtering and SPAM Systems, Proxy servers, and Web Security Appliances from leading vendors including Cisco, Juniper/

NetScreen, Fortinet, Check Point, Nokia, Trend Micro, SonicWALL, Symantec, McAfee, WatchGuard and more.

Network Security Analyzer helps to quickly identify potential security breaches and viruses before they cripple the IT infrastructure. It also minimizes false positives, and delivers audit information necessary to meet security compliance.

Network Security Analyzer provides critical correlation analysis information needed to minimize incident response time and maximize the ability to take proactive and preventative actions to improve security information management, reduce hacker and virus attacks, and meet regulatory compliance requirement. Network Security Analyzer easily installs on any system running Windows 2000 / XP / 2003.

Using the real-time Event Manager monitoring and correlated features, Security professional can easily and

quickly gain insight into hacker and virus activity to improve overall perimeter security. Armed with information such as requests that triggered a particular rule, source, destination, frequency, port of attack, protocol, etc., enables expedient corrective actions before they gain access to sensitive information or spread the virus across the corporate networks.