Incident MiND
Your EYE to Security
Incident

As network security technology becomes more complex, different brands of security devices are employed to provide more comprehensive protection for the network. Log data management is hence becoming a vital element in managing network security, regulatory compliance and network availability in corporations nowadays. Unmanageable logs and events fired from different devices in diverse locations, even within a single site, mean inadequate information for monitoring network activities, which increases the network's vulnerability to attacks. Immediate, efficient and effective responses to attacks cannot be made either. These rising security concerns now reach both the managerial and operational views in many corporations. Security Information Management (SIM) is hence an indispensable solution to satisfy these urgent needs.
Security Information Management defines the process of collecting, analyzing and reporting security-relevant information. It helps in controlling the security infrastructure instead of being controlled by it. Security Event Management assists in analyzing the collected logs and events from various security devices, revealing true attacks and at the same time generating real alerts to administrators in a manageable manner. The tools and workflow for the security staff to protect the organization are provided. Business continuity is hence greatly ensured.
Incident MiND
Incident MiND is an innovative product that combines Security Information Management and Security Event Management in one single platform. It enables cross-product security integration with incident handling in a centralized management console as an integrated Security Incident Solution. Logs and events from all disparate security infrastructure are centrally collected, normalized, correlated and transformed into meaningful information. Real-time event analysis and post-event analysis help corporations resolve network security threats efficiently and effectively in a cost-saving manner.
Centralized Management
Maximizes the value of existing security investment by unifying security processes across geographies, disparate security technologies, and network tiers. Incident MiND empowers you to manage huge amounts of security events from various security devices in a single GUI (Graphical User Interface) management console, which covers the essential security tasks of monitoring, alerting, query, analysis, action, as well as technical and management reporting.
Customize Your Network and Visualization
Customization of the network environment and security products is one of the critical issues in handling false alarms and security events. Incident MiND helps you filter false alarms and visualize intrusion scenario cases on your management console with prioritization, which draws your attention to the most significant security events and lets you understand them quickly through the GUI representation.
Incident Identification and Workflow Control
It connects security knowledge to action by coordinating and tracking response activities throughout the incident lifecycle, helping enterprises respond quickly and effectively, thereby minimizing the business impact of information security breaches.
Event Correlation and Cross-Product Analysis
Because few standards exist today in the world of information security, security devices themselves do not adhere to common criteria when producing security event information. So, while multi-vendor firewalls and IDS / IPS may perform a similar function, their event information looks very different. Incident MiND normalizes cross-product security alarms and event logs into a single normalized dataset for correlation analysis and visualization in a single management console.
Comprehensive Report
Incident MiND provides both managerial-level and technical-level reports, including summary charts of top attacks on a daily, weekly, or monthly basis, as well as detailed technical information about each intrusion scenario case in graphical or log formats. Incident MiND generates reports with the whole security picture of your network environment, instead of pieces of information from individual security devices. It also allows scheduling of report generation and welcomes customization of the client's own report types and report formats.