NetIQ has announced Sentinel 7, a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true “actionable intelligence” security professionals need to quickly understand their threat posture and prioritise response.
“Traditional SIEM solutions provide advanced functionality but add considerable complexity, which does not help them achieve greater visibility or control over their security posture,” said Matt Ulery, director, Product Management at NetIQ. “For our customers to achieve greater value from SIEM, they need solutions that are simple to use and deploy, rapidly adapt to their ever-changing environment and deliver actionable intelligence – the right information at the right time to the right stakeholder – to help identify and mitigate security threats.”
SIEM is critical to gaining visibility into vast amounts of network event, log and flow data in order to identify risk, data breaches, insider threats and APT-style attacks. Sentinel 7 delivers full-featured SIEM (real-time event analysis and log management) while eliminating the complexity other SIEM toolkits introduce and maximising the ability to align SIEM to organisational needs. Sentinel 7 provides the following benefits:
The solution ships as a virtual appliance that easily adapts to any environment without requiring expensive, dedicated hardware. Sentinel 7 has the ability to scale horizontally or vertically to meet changing IT needs by simply adding computing capacity or virtual machines.
Sentinel 7 ships with packaged intelligence to detect many threats out of the box without time-consuming rule-writing and configuration. Built-in anomaly detection automatically establishes baselines of normal activity and detects changes that can represent emerging threats. New or custom rules can be created easily by business users through an intuitive graphical user interface.
Automated baselining of security events enhances the process of discovering emerging threats for rapid remediation and improved protection of information assets.
Sentinel 7 puts the information that CISOs, compliance officers, auditors and other stakeholders require at their fingertips. It integrates context from external sources and uses user activity monitoring to go beyond raw events and give the “who, what, when and where” of security events.
“Organisations need to achieve successful outcomes from SIEM. Prior to Sentinel 7, SIEM technologies were too complex to reliably produce the right information needed to take action,” said Ulery. “With this latest release, we are combining power and simplicity – the features, functionality, ease-of-deployment and ease-of-use – to yield the true actionable intelligence teams require to execute effective security incident response, mitigate risk and protect information assets.”