Model: NitroView 2000 ESM

Part #: NS-ESS-2250-R

The NitroView 2000 ESM provides advanced correlation and analysis of relevant security information collected from IDS, IPS, firewalls, servers, hosts, or virtually any other device. By unifying all relevant security information together, NitroView is able to provide Unified Security Management (USM), combining and ehancing the functions of:

  • Log Managment
  • Security Event Management (SEM)
  • Security Information Management (SIM)
  • Network Behavior Analysis (NBA)
  • Anomaly Detection

NitroView uses an advanced, highly responsive web-based User Interface to provide near real-time analysis and reporting of both live data (events as they occur) and deep forensics (events collected over months or years).

NitroView ESM is an essential tool in managing the data needed for regulatory compliance efforts, including GLBA, HIPAA, FERPA, FISMA, SoX, and PCI. Easily use NitroView's granular data stores to generate compliance reports using pre-defined templates or custom reports. Because NitroView preserves more data over time than most SIEM systems, the validity of each report is maintained over the entire audit history.

The NS-ESS-2250-R does not support the NitroView Receiver, and therefore cannot accept third party feeds. Collection, Correlation and analysis features are still available for security events and network flows collected by a NitroGuard IPS device.

Specifications

Operating Modes

  • Network Flow collection, analysis and correlation
  • Security Event collection, analysis and correlation
  • Log collection, analysis and correlation
  • Common data management for flow, event, and log data for cross-analysis and correaltion of disparate data types

Analysis Methods

  • Counts, Sums, Averages
  • Time Correlation of data for baselines, Trends, Deviations
  • Time Correlaton for historical context of log, event, flow data
  • Data Correlation for situational context of log, event, flow data

Management Functions

  • Log Management
  • Security Event Management (SEM)
  • Network Flow Analysis
  • Network and/or Event Anomaly Detection

Dimensions

  • size: 1.75"H x 17.5"W x 27"D

Power

  • power: 200W, 100/240 VAC, 50/60Hz
  • vibration: ASTM D 999-86

Certifications & Safety

  • safety: EN 60950/IEC 60950-Compliant, UL Listed (USA), CUL Listed (Canada), TUV Certified (Germany), CE Marking (Europe)
  • regulatory: FCC Class B, EN 55022 Class B, EN 61000-3-2/-3-3, CISPR 22 Class B
  • common_criteria: v2.3 EAL3

Performance Specifications

  • processor(s): 2 x 2.66GHz (dual core)
  • memory: 4GB
  • total storage: 1 TB
  • usable storage (after RAID): 0.5 TB
  • number of drives: 2

Fail Safe Features

  • RAID Storage
  • Redundant Power

Compliance Reporting

Visit our Compliance page for more detail on regulatory compliance and reporting, including sample reports.

  • NitroView Report: SOX - System Test Data, Source Code Access, Logon Activity, Account Reports, Admin & Control of Systems, etc.
  • NitroView Report: PCI - Log initiation, Admin activity, Access to Card Holder Data, etc
  • NitroView Report: NISPOM - User Account Deletion, Pasword Events, System Access, etc.
  • NitroView Report: HIPAA - User Access, Logins, Modifications, Policies, EMR Access, etc.
  • NitroView Report: GLBA - User Access to Customer Data, Policy & Password events, Admin access and activity, etc.
  • NitroView Report: FISMA - Session Terms, Login failures, Disabled Accounts, etc.
  • NitroView Report: BASEL II - System Test Data, Source Code Access, Password and Login events, Foreign Domain activity, Control of Audit, Software, Evidence, etc.
  • NitroView Report: Applications - Mindows User Rights Modification, System Reboots, Domain Modifications, etc.
  • ... and more





    • These icons link to social bookmarking sites to help share this content.
    • share this page:
    • bodytext
    • del.icio.us
    • Reddit
    • Slashdot
    • Technorati
    • Propeller