
e-Sentinel brings together all of the components of the security infrastructure, including network hardware and software point products, centralizing security events into one control center, bringing efficiency to your security operations and enabling real time incident response.

Seamless View
e-Sentinel receives standardized alert information collected from various sources distributed throughout the enterprise through e-Security Agents, prioritizes the alerts with the appropriate severity level, stores the normalized data and performs correlation - all in real time.

e-Sentinel directly addresses the need of today's Security staff to centrally monitor all of their distributed security environment, viewing the status of enterprise security and information assets such as:

  • Information security devices (e.g. firewalls, IDS)
  • Network devices (for security events)
  • Applications and services (e.g. OS, databases, e-mail)
  • File servers & Enterprise Resource Planning (ERP) Systems
  • Other security sources (e.g. badge readers, process control devices)
  • Information assets grouped by business unit, business process, or enterprise initiative

All security events from throughout the security environment can be seen either in text alert form or graphically from the control center. These views are completely customizable, enabling you to represent your environment in any way that makes sense to you.

Real Time
Discovering a threat even minutes after it has taken place is too late. e-Sentinel monitors every component of your security infrastructure and reports activity as it's happening, so you can zero in on the exact source and location of an attack. No other security software allows you to respond this quickly and avoid damage to your enterprise assets. Thus, e-Sentinel gives you the "whole picture" of your enterprise security infrastructure with real time alerts on a 24x7 basis, and the ability to drill down to the exact location of any problem. You create the views that fit your distributed security situation, so that when a security event takes place, you can see what is happening from several perspectives, at any level of detail you want.

You can further reduce event clutter and focus on your critical business systems by using e-Sentinel's filtering functionality. Using filtering, you can create rules to reduce non-critical events and false positives and to pinpoint truly threatening events. Different users can use different filters so that monitoring responsibility can be split among your team according to their areas of focus.

Correlation
In addition to monitoring, e-Sentinel contains advanced correlation functionality. By correlating the security events occurring throughout the enterprise, Security Analysts can spot similarities between and trends among attacks. This enables Analysts and the security team to close any holes, shut down troublesome IP addresses and fortify assets that come under frequent attack.

e-Sentinel gives you the ability to conduct "closed loop" incident response procedures. With built-in audit trail capabilities you can check on the status of events, append notes to detail steps taken to address events and report on the status of critical events. Additionally, e-Sentinel is integrated with leading problem management solutions, such as Peregrine, and network management solutions, such as HP OpenView, to enable effective incident response while complying with IT policies and procedures.

Management Reporting
e-Sentinel can also generate hourly, daily, or on-demand reports of event activity that can be used to identify trends, spot vulnerabilities, and support policy-making decisions as your distributed security environment grows and changes.

Key Benefits

  • Increase manageability and reduce total cost of ownership of your security environment with centralized security event management
  • Manage business risk in real time by identifying and responding to incidents before damage is done
  • Complete situational awareness with an integrated seamless view of your entire security infrastructure
  • Reduce false positives and identify critical alerts using pre-built rules, or your own custom correlation rules
  • Attain provable security and usable results using customized reports or one of over 50 Crystal Reports templates
  • Monitor the status of your security environment from any secure web browser using our intuitive, web-based interface
  • Create a "closed loop" incident response process with e-Sentinel's built-in audit trail functionality and integration with leading network and problem management solutions
  • Turn complexity into clarity by representing complex security relationships across your multi-vendor, distributed environment in any way that makes sense to you.

 


© 2002 Stirling Systems Group, LLC
All Rights Reserved.