NetIQ today announced Sentinel 7, a full-featured security information and event management <http://www.netiq.com/sentinel7> (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true “actionable intelligence” security professionals need to quickly understand their threat posture and prioritise response.
“Traditional SIEM solutions provide advanced functionality but add considerable complexity, which does not help them achieve greater visibility or control over their security posture,” said Matt Ulery, director, product management at NetIQ. “For our customers to achieve greater value from SIEM, they need solutions that are simple to use and deploy, rapidly adapt to their ever-changing environment and deliver actionable intelligence – the right information at the right time to the right stakeholder – to help identify and mitigate security threats.”
One customer, NetCom Systems Inc., is a high end business advisory and engineering services company offering strategic technology advisory services to both Fortune 100 and SMB clients in the financial, banking, telecommunications, healthcare, transportation and manufacturing sectors. Through SecurView, an affiliated company of NetCom, the customer offers SaaS-based, cloud-delivered managed SIEM-as-a-Service.
“Security teams are looking for real solutions that can protect corporate assets and make their day jobs easier – some may require an on-premise SIEM solution that they can ultimately manage and effectively use given limited resources and others may look to a managed SIEM service to achieve the same end result,” commented Rajeev Khanolkar, co-founder of NetCom Systems and CEO of SecurView. “Regardless of the delivery model, Sentinel 7 delivers the enterprise-grade capabilities that are needed to address the real threats our customers are facing from targeted attacks and malware, while providing visibility into user activity and regulatory controls that can affect an organisation’s security posture. Sentinel 7 represents a significant leap forward in SIEM over competitive options.”
SIEM is critical to gaining visibility into vast amounts of data from network event, log and flow data to identify risks, data breaches, insider threats <http://www.netiq.com/sentinel7> and APT-style attacks. Sentinel 7 delivers full-featured SIEM (real-time event analysis and log management <http://www.netiq.com/sentinel7> ) while eliminating the complexity other SIEM toolkits introduce and maximises the ability to align SIEM to organisational needs. Sentinel 7 provides the following benefits:
- Plug-and-play deployment – Ships as a virtual appliance that easily adapts to any environment without requiring expensive, dedicated hardware. Sentinel 7 has the ability to scale horizontally or vertically to meet changing IT needs by simply adding computing capacity or virtual machines.
- Detects new threats quickly and easily – Sentinel 7 ships with packaged intelligence to detect many threats out-of-the-box without time consuming rule-writing and configuration. Built-in anomaly detection automatically establishes baselines of normal activity and detects changes that can represent emerging threats. New or custom rules can be created easily by business users through an intuitive graphical user interface.
- Enables advanced remediation – Automated baselining of security events enhances the process of discovering emerging threats for rapid remediation and improved protection of information assets.
- Supports business decision-making with rich data – Sentinel 7 puts the information CISOs, compliance officers, auditors and other stakeholders require at their fingertips through integration with context from external sources to go beyond raw events and give the “who, what, when and where” through user activity monitoring <http://www.netiq.com/sentinel7> for security events.
“Organisations need to achieve successful outcomes from SIEM. Prior to Sentinel 7, SIEM technologies were too complex to reliably produce the right information needed to take action,” said Ulery. “With this latest release, we are combining power and simplicity – the features, functionality, ease-of-deployment and ease-of-use – to yield the true actionable intelligence teams require to execute effective security incident response, mitigate risk and protect information assets.”
Availability and pricing
Sentinel 7 is generally available today. Enterprise pricing and licensing is based upon an EPS model. Please visit our website for more information.
