Federal Government and Defense

Security & Compliance Solutions for Federal Government

Federal agencies face unique and stringent requirements for information security, due to the critical nature of the social, industrial, defensive, and military services that those agencies serve. NitroSecurity's unique, real-time security analysis and reporting is especially suited for these critical environments, where rapid response to threats is mandatory.

We've also listened to our federal customers, and have continued to build critical capabilities into our solution to meet their specific needs: everything from configuration change management to global geo-location maps that can pinpoint the source of specific security events around the globe.

Finally, to better serve these agencies, NitroSecurity has engineered all appliances to the strict guidelines defined by NIST. All appliances are fully hardened, to ensure the security and integrity of these critical defensive devices. We've gone through extensive testing to earn Common Criteria certification to the third Evaluation Assurance Level (EAL3), and have further validated our appliances to FIPS 140-2, Level 2. 

 

  • Overview
  • Rapid Response
  • Certifications
  • Approved Products

When supporting federal, government and military networks, a security solution needs to be powerful, reliable, and heavily assured.  That's why NitroView and NitroGuard products are purpose-built around performance and reliability, to support rapid incident response requirements of these critical agencies.

But you shouldn't take our word for it -- we have plenty of third-party tests, certifications, and validations that prove the suitability and reliability of our products, including certification to Common Criteria EAL 3, full validation of FIPS 140-2 Level 2, and other industry substantiations. 

This attention to detail has earned NitroView praise from top authorities in the DHS, DOD and  and has also earned NitroView and NitroGuard full approval for deployment in US Army and Navy networks

In defense networks, incidents need to be handled quickly.  NitroView understands the need for a rapid response to threats, and leverages the power and performance of our patented data management engine to address the issue.

We start by allowing you to collect more information, from more sources, and retaining that information for analysis for a longer period of time.  We then provide advanced correlation and anomaly detection across all that data, to improve the chances of detecting a real threat early on, and to make sure that the most severe threats are easily identified.

Once detected, NItroView's analytical performance comes into play, allowing security operators to drill into each incident, find related events, and thoroughly investigate each and every threat--quickly.  No other SIEM can even come close: a report that can take hours on a competing SIEM can be completed in just a few minutes, even when managing billions of network flows in NASA's Security Operations Center, or tracking the Army's blue force communications across the globe.

Finally, NitroView integrates case management tools to manage incident response activity as it occurs, making incident response with NitroView as efficient as it is fast.

Common Criteria-EAL3 certified Certified to Common Criteria EAL 3, enhanced (view the Common Criteria Evaluation & Validation Scheme Validation Report)
FIPS 140-2 level 2 validated FIPS 140-2, Level 2 Validated (view the View the certificate for NitroGuard IPS or the certificate for NitroView ESM )
conforms to NERC CIP-007 requirements Conforms with cyber asset requirements of NERC CIP-007
Built to NIST 800-53 standards Suitable for deployment in defense and critical infrastructures under NIST SP 800-53
Listed on the US Army Approved Products List Certified and Listed on DOD Unified Capabilities Approved Products List (UC APL)
Listed on the US Army Approved Products List Approved for deployment under US Army Information Assurance Approved Products List (view the Army APL)
Listed on Navy ATO and DADMS Tested and approved for operation within Navy networks (Navy ATO and DADMS Listed)

The following products are listed on the DoD Unified Capabilities Approved Products List:

Model Description Collection Rates Analytical Performance Local Storage

Dedicated NitroView ESM Appliances
NS-ESM-5750-X5-512-R NitroView ESM X5 "High Speed" Enterprise Security Manager provides Log Analysis, SIEM, and Network Analysis functions for large enterprise networks. 7TB local storage plus 2TB of Flash array for extremely high performance. One 3U appliance, plus one 2U Appliance.

600,000 per second 1 Less than 10 seconds 3

7 TB 4

+

2 TB Flash 5
NS-ESM-5750-R NitroView ESM 5000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 7TB local storage. 3U appliance.

70,000 per second 1 Less than 1 minute 3 7 TB 4
NS-ESM-4245-R NitroView ESM 4000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 3.75TB local storage. 3U appliance.

40,000 per second 1 Less than 4 minutes 3 1.5 TB 4
NS-ESM-4200-R NitroView ESM 4000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 2.5TB local storage. 3U appliance.

50,000 per second 1 Less than 3 minutes 3 3.75 TB 4

All-in-one NitroView ESM and Receiver Appliances
NS-ESMRCV-2250-01-R NitroView ESM 2000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 1.5 TB local storage. 3U appliance. Rated for 1,000 events per second. 1,000 per second 2 Less than 5 minutes 3 1.5 TB 4
NS-ESMRCV-2250-R NitroView ESM 2000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 1.5 TB local storage. 3U appliance. Rated for 1,000 events per second. 1,000 per second 2 Less than 5 minutes 3 1.5 TB 4

Dedicated NitroView Receiver Appliances
NS-NRC-2250-R NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 15,000 events per second. 15,000 per second 2 N/A 1 TB 4
NS-NRC-2250-10-R NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 10,000 events per second. 10,000 per second 2 N/A 1 TB 4
NS-NRC-2250-5 NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 5,000 events per second. 5,000 per second 2 N/A 500 GB 4
Model Description Throughput Interfaces

Dedicated NitroGuard IPS Appliances
NS-IPS-1220-R NitroGuard IPS 1000, 1U IPS appliance supporting approximately 2 Gbps & 1.2m connections. Includes redundant power supply and network bypass capability.

2 Gbps 2 or 4 x 1Gbps fiber, or
2, 4 or 8 x 1 Gbps copper
NS-IPS-625-R NitroGuard IPS 600, 1U IPS appliance supporting approximately 750 Mbps & 1.2m connections. Includes redundant power supply and network bypass capability.

750 Mbps 4 x 10Gbps fiber, or
12 x 1 Gbps copper
NS-IPS-623-R NitroGuard IPS 600, 1U IPS appliance supporting approximately 500 Mbps & 1.2m connections. Includes redundant and network bypass capability.

500 Mbps 2 or 4 x 1Gbps fiber, or
2, 4 or 8 x 1 Gbps copper

1 Based on typical network environments using average event and flow aggregation.

2 Represents raw event rates, without compression or aggregation.

3 Indicates the average response time to generate a monthly report consisting of all events that occurred over a period of 30 days.

4 Represents usable event and flow storage, after RAID configuration.

5 NitroView ESM X5 utilizes a dedicated 2 terabyte Flash array for fast access to event and flow data