Enterprise Security Management, SIEM

The World's Fastest and Most Scalable SIEM

NitroView ESM is an enterprise-class security information and event management system that identifies, correlates, and remediates threats faster than any other SIEM on the market.

  • Report on months of data in under 10 seconds
  • Supports hundreds of thousands of events per second on a single appliance
  • Scale even further—simply add new appliances

Security management needs continue to push the limits of security information management platforms, requiring massive scalability, broad and deep visibility into business and IT systems, and blazing analytical performance.

To accommodate these needs, next-generation security management must be built upon a foundation of performance and scalability, allowing security and compliance professionals to collect, store, analyze, and act upon risks and threats--quickly, easily and accurately.

NitroView ESM is the industry's most powerful and scalable SIEM solution available today, rising to the challenge of today's enterprise, government, and critical infrastructure networks. Leveraging our patented, high-speed and purpose-built data management engine, NitroView ESM is uniquely able to provide:

  • Unbeatable performance, producing actionable information in minutes instead of hours 
  • Massive data collection across a wide range of information sources
  • Content awareness for broad visibility and deep analytics
  • Long-term data retention, for immediate access to years of event and flow data
  • Powerful detection & management of risks and threats 
  • Policy-aware Compliance Management
  • Integrated tools for improved security workflow

Unbeatable Event Analysis and Reporting

Provides full collection, analysis and reporting of log and event data, with unprecedented speed and scale.

Automatic Baselines

Establishes security baselines automatically, in real time, so you can easily see "normal" vs "abnormal" behavior.

Proactive Risk and Threat Detection

Detects anomalies and other indicators of risks and threats before threats occur, so you can strengthen your security profile and minimize risk.

Rapid Response Capability

Lightning-fast, interactive user interface enables rapid threat investigation and incident response.

Configuration Audit

Audits device configurations and detects configuration changes.

Case Management

Tracks and logs all incident investigations and response activities.

Dedicated NitroView ESM Appliances

| Model | Description | Collection Rates | Analytical Performance | Local Storage |
|---|---|---|---|---|
| NS-ESM-X5 | NitroView ESM X5 "High Speed" Enterprise Security Manager provides Log Analysis, SIEM, and Network Analysis functions for large enterprise networks. 7TB local HDD storage plus 2TB of Flash array for extremely high performance. One 3U appliance, plus one 2U Appliance. | 300,000 per second [1] | Less than 10 seconds [3] | 7 TB [4] + 2TB Flash [5] |
| NS-ESM-X3 | NitroView ESM X3 "High Speed" Enterprise Security Manager provides Log Analysis, SIEM, and Network Analysis functions for large enterprise networks. 7TB local storage plus 320GB of solid-state storage for extremely high performance. One 3U appliance. | 150,000 per second [1] | Less than 30 seconds [3] | 7 TB [4] + 320 GB SSD [6] |
| NS-ESM-5750-R | NitroView ESM 5000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 7TB local storage. 3U appliance. | 70,000 per second [1] | Less than 1 minute [3] | 7 TB [4] |
| NS-ESM-5510-R | NitroView ESM 5000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 3.75TB local storage. 3U appliance. | 60,000 per second [1] | Less than 2 minutes [3] | 3.75 TB [4] |
| NS-ESM-5205-R | NitroView ESM 5000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. 2.5TB local storage. 3U appliance. | 50,000 per second [1] | Less than 3 minutes [3] | 2.5 TB [4] |

All-in-one NitroView ESM and Receiver Appliances

| Model | Description | Collection Rates | Analytical Performance | Local Storage |
|---|---|---|---|---|
| NS-ESMRCV-5205-R | NitroView ESM 5000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 2.5 TB local storage. 3U appliance. Rated for 5,000 events per second. | 5,000 per second [2] | Less than 4 minutes [3] | 2.5 TB [4] |
| NS-ESMRCV-4245-R | NitroView ESM 4000 Enterprise Security Manager provides Log Analysis, SIEM and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 1.5 TB local storage. 1U appliance. Rated for 1,000 events per second. | 1,000 per second [2] | Less than 5 minutes [3] | 1.5 TB [4] |

All-in-one NitroView ESM, ELM & Receiver Appliances

| Model | Description | Collection Rates | Analytical Performance | Local Storage |
|---|---|---|---|---|
| NS-ESMLM-5510-R | NitroView ESM / ELM 5000 Enterprise Security Manager provides SIEM, Compliant Enterprise Log Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 3.75 TB local storage. 3U appliance. | 5,000 per second | Less than 4 minutes | 2.5 TB |
| NS-ESMLM-5205-R | NitroView ESM / ELM 5000 Enterprise Security Manager provides SIEM, Compliant Enterprise Log Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 2.5 TB local storage. 3U appliance. | 2,500 per second | Less than 4 minutes | 2.5 TB |
| NS-ESMLM-4245-R | NitroView ESM / ELM 4000 Enterprise Security Manager provides SIEM, Compliant Enterprise Log Management, and Network Analysis functions. Includes integrated NitroView Receiver for collection of third party feeds. 1 TB local storage. 1U appliance. | 1,000 per second | Less than 5 minutes | 1 TB |

Dedicated NitroView Receiver Appliances

| Model | Description | Collection Rates | Analytical Performance | Local Storage |
|---|---|---|---|---|
| NS-NRC-4500-R | NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 20,000 events per second. | 20,000 per second [2] | N/A | 1 TB [4] |
| NS-NRC-4245-R | NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 18,000 events per second. | 18,000 per second [2] | N/A | 1 TB [4] |
| NS-NRC-2250-R | NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 15,000 events per second. | 15,000 per second [2] | N/A | 1 TB [4] |
| NS-NRC-2230-R | NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 10,000 events per second. | 10,000 per second [2] | N/A | 1 TB [4] |
| NS-NRC-1225 | NitroView Receiver, collects 3rd party logs, events and data for correlation and analysis by NitroView ESM. 1U Appliance. Rated for 5,000 events per second. | 5,000 per second [2] | N/A | 500 GB [4] |
| NS-NRC-VM-500 | NitroView Virtual Receiver. | 1,000 per second [2] | N/A | N/A |
| NS-NRC-VM-25 | NitroView Virtual Receiver. | 250 per second [2] | N/A | N/A |

[1] Based on typical network environments using average event and flow aggregation.

[2] Represents raw event rates, without compression or aggregation.

[3] Indicates the average response time to generate a monthly report consisting of all events that occurred over a period of 30 days.

[4] Represents usable event and flow storage, after RAID configuration.

[5] NitroView ESM X5 utilizes a dedicated 2 terabyte Flash array for fast access to event and flow data.

[6] NitroView ESM X3 utilizes a dedicated 320GB SSD drive array for fast access to event and flow data.

NitroView ESM's real-time, operational capabilities support a variety of use cases, including:

Network and Security Operation

  • Identify network congestion points
  • Identify network behavior patterns
  • Identify security hot-spots in the network
  • Identify top talkers

Risk Assessment

  • Assess risks and vulnerabilities
  • Monitor access to critical assets
  • Monitor device configurations

Threat Detection

  • Detect fraudulent account activity
  • Detect fraudulent data retrieval
  • Detect advanced threats and blended attacks
  • Detect data loss
  • Detect rogue devices
  • Detect rogue user accounts

Incident Response

  • Establish automated incident communications
  • Manage security breaches and other incidents
  • Minimize incident response time
  • Track incident handling and response

Compliance

  • Discover network assets
  • Discover sensitive information and data stores
  • Establish an audit trail for protected data
  • Establish automated reporting
  • Establish an audit trail for user account activity and changes

For more detail on popular use cases, please visit our Use Cases page, or Contact Us to arrange a personal webinar, and see how NitroView can meet your individual requirements.