axxera ci siem
www.axxera.net
Axxera Central Intelligence SIEM
Axxera's Central Intelligence SIEM is the industry's most powerful and
scalable SIEM solution available today, rising to the challenge of
today's enterprise, government, and critical infrastructure networks. In
today's complex security world, having just a SIEM platform is not
enough; it has to be configured with processes and procedures to
proactively combat and mitigate security risks. Our patented built-in
ITIL security processes and procedures are tightly integrated into the
Central Intelligence SIEM platform. Every high-risk event that occurs in
the environment is correlated, passed through the auto-ticketing system
and ITIL discipline, and displayed in the Console.
Central Intelligence (CI) SIEM analyzes and correlates every event that
occurs across the organization and brings all of the power of
intelligent contextual correlation to bear on your compliance and
security management needs. CI detects anomalies and other indicators
of risks and threats before threats occur, so you can strengthen your
security profile and minimize risk.
Axxera Central Intelligence SIEM is an ITIL process-driven platform that collects, stores and analyzes
events across any enterprise. The intelligent correlation helps to combat security threats and maintain
the security posture for compliance and auditing.
Threat Detection and Prioritization
Internet-based threats and fraud continue to
proliferate in today’s complex networks. Central
Intelligence SIEM consolidates information to more
effectively detect and manage complex threats. The
hierarchical and process-driven architecture of the
Central Intelligence SIEM engine, the Central
Intelligence Logger, and the Central Intelligence
Sensors allow seamless communication over
encrypted connections to address the largest and
most complex networks. The information is
normalized, correlated and ITIL processed to quickly
deliver intelligence that allows organizations to
detect, notify and respond to threats missed by
other security solutions with isolated visibility.
Collection of Events
Security Events – IDS/IPS (Network, Wireless and Host), Firewall, VPN etc.
Vulnerability Scanners – Servers, Databases, Network Devices etc.
Network Events – Switches, Routers, Servers, Hosts etc.
Application Logs – ERP, Web, Email, Workflow, Application Databases etc.
Others – DLP, Forensic Tools, Network Traffic Analysis Tools etc.
Correlation Engine
Axxera's Advanced Correlation Engine (CE) module
offers sophisticated correlation and analysis of all
enterprise log data in a uniquely intuitive fashion.
With a practical combination of flexibility, usability
and comprehensive data analysis, CE Engine
delivers real-time visibility to risks, threats and
critical operation issues that are otherwise
undetectable in any practical way.
Axxera CE is a real time correlation engine.
Correlation occurs as and when new events are
generated. Axxera CE has two types of correlation: a
vertical correlation that occurs in the same device
and a cross correlation that occurs across multiple
devices. A combination of vertical and cross
correlation enables organizations to predict, detect
and swiftly respond to advanced attacks.
Built-in ITIL Framework-Ticketing System
As soon as an event is identified, a ticket (incident
record) is automatically created. This auto-ticketing
process pre-populates the incident record with all
known details, such as device/application name,
type, location, the time of occurrence, and the
performance issue. Auto-ticketing brings
tremendous efficiency to your support staff,
ensures that records are complete and accurate,
and accelerates your incident response time.
Other event management tool vendors require
extensive integration projects to approximate
Axxera's range of capabilities. With Central
Intelligence, necessary technologies such as
monitoring, event handling, correlation,
configuration management and ticketing are pre-
integrated, providing seamless automation.
Log Management Framework
Axxera's Central Intelligence Logger is an Open
Log Management platform that allows customers to
collect and analyze all of their log data from
virtually any device, application or operating
system, with features that ensure information
intelligence and increase efficiency. CI Logger Open
Log Management provides agile reporting and fast
search capabilities, as well as security features to
protect data integrity, allowing for reliable long-
term storage of unaltered log data.
[Diagram labels: E-commerce, Web, File, Database, Servers, PC, Laptops, BYOD, Switch, End Users, Axxera Logger, BI Reports, Portal/Console, Log Analysis, Behavior Analysis, Data Leakage, SIEM, Firewall, Network Devices]
Infection Detection
Regardless of how malware enters your network
(through innocent web surfing, email attachments,
direct exploit, or by attaching your laptop to the
wrong wireless network), once a machine within
your perimeter is compromised your whole network
is under threat. Infection Detection helps you
quickly identify and isolate these infected machines,
and helps you figure out who really owns your
computers.
Knowledge Base System
Axxera believes in providing its customers an
Information Security Knowledge Base. Axxera
documents best practices and shares solutions to
common problems with its end-users through the
web-based Knowledge Base. The Knowledge Base
serves as an effective knowledge sharing medium,
enabling end-users to self-service the solutions to
their problems before contacting a security expert
team.
The Knowledge Base enables grouping of solutions
into specific topics, facilitating end-users to browse
for solutions in the Self-Service Portal.
Encouraging the use of keywords for each solution
improves the search capability tremendously. The
number of views displayed for each solution in the
list view shows the usefulness of a specific solution
in the Knowledge Base. Furthermore, solutions can
be made visible or invisible to specific user groups.
This avoids cluttering the end-users' view with
technical solutions or sensitive information.
Network Analysis, Availability and
Performance
Axxera Central Intelligence's built-in availability and
performance connectors constantly monitor
any device in an organization. Security affects
availability, availability affects performance, and
performance affects security; this triangle concept
of Axxera greatly helps organizations to combat and
mitigate security threats.
Early Warning System
Axxera uses threat intelligence from sensors across
the Internet; this reputation-based service
continually updates our customers' backbone
routers with personalized global threat lists to
prevent inbound and outbound connections
to malware sources and botnet controllers.
Compliance Management
Axxera Central Intelligence enables organizations to
collect, store, and analyze log data as well as
proactively monitor and respond to security threats
in order to meet IT risk and compliance
requirements. It can proactively monitor, collect
and respond to various event data and security
threats, and correlate the impact of incidents based
on their criticality to business operations, or the
level of compliance to various mandates. Axxera
Central Intelligence provides prebuilt dashboards,
reports and rules templates for the following
regulations and control frameworks: PCI DSS,
HIPAA, FISMA, GLBA, ISO/IEC 27001, and SOX.
Centralized Portal/Console
Axxera Central Intelligence provides a solid
foundation for an organization’s Security
Operations Center by providing a centralized user
interface that offers role-based access by function
and a global view to access real-time analysis,
incident management and reporting. Portal /
Console is an enterprise-ready solution for the
collection, reporting, and remediation management
of security events affecting your network.
Regardless of the size or configuration of your
network, it provides a centralized console to
manage task delegation and enable efficient review
of remediation efforts.
Forensic Analysis
Understand the Who, What and Where behind
Every Risk. Axxera's Central Intelligence real-time,
location-based and historical searching of flow and
event data for analysis and forensics greatly
improves the ability to assess activities and resolve
incidents.
Axxera Connectors-Sensor
Axxera Central Intelligence connectors are an
important part of the platform. They collect events
from hundreds of devices in native format, and then
they normalize those to a common, well-defined
format so that you can compare and analyze very
disparate events. The connectors collect locally and
then send the normalized events to our logging and
correlation products in a guaranteed, secure, and
bandwidth-efficient manner.
Security Action Plan System (SAP)
Axxera Central Intelligence Engine generates tickets
based on ITIL standards for every security event.
Axxera uses industry best practices to create an
Action Plan for each ticket. Action plans can be
tailored to suit customers' needs. The Action
Plan module has been integrated with the Axxera
Central Intelligence platform.
Benefits of Action Plan include:
To lend credibility to your organization. An action plan associated with each and every security event shows members of the community that your organization is well ordered and dedicated to getting things done.
To be sure you don't overlook any of the tickets. SOC analysts can address threats when each threat is accompanied by an action plan.
For efficiency: to save time, energy, and resources in the long run.
For accountability: to increase the chances that people will do what needs to be done.
Axxera Inc, 980 Roosevelt Suite 200, Irvine CA 92620 USA
Phone: +1 (949) 216-7800
Copyright 2011 Axxera Inc. All rights reserved. Axxera logo, Predictive Security Intelligence, and Central Intelligence are trademarks or registered trademarks of Axxera Inc. All other company or product names mentioned may be trademarks, registered trademarks, or service marks of their respective holders. The specifications and information contained herein are subject to change without notice.