Security Management

Comprehensive Security Information and Event Management (SIEM) to protect corporate data and meet compliance mandates

NetIQ offers a comprehensive and unique approach to SIEM that includes change and threat detection, user and access control monitoring, real–time security event management, and enterprise log management – all in a single solution. By providing these powerful features together, NetIQ enables you to:

• Satisfy log management requirements quickly through a “start fast, start simple” approach
• Implement change detection and access monitoring quickly, without requiring third-party product integration
• Enable and leverage real-time event management, including correlation, as your organization is ready
• Address changing threat vectors by focusing SIEM protection on your host platforms

NetIQ provides SIEM protection for Windows, Unix, Linux and iSeries host platforms, network and security devices such as routers, switches, and firewalls, and applications such as web servers and databases. Custom integration is also supported.

Protect data, streamline compliance, and accelerate incident response

• NetIQ Security Manager provides customizable views of security incident information, presented in a single console view.

NetIQ® Security Manager™ is an industry-leading Security Information and Event Management (SIEM) solution that provides protection for your critical data and systems.

It provides host-focused security for your vital infrastructure and enables you to satisfy your toughest compliance challenges by automating security activity reviews, log collection, threat management, incident response, and change detection.

With NetIQ Security Manager, you will be able to reduce both organizational risk and workload by addressing far more easily some of the most demanding compliance and data security requirements, including:

• Change detection and file integrity monitoring
• Privileged-user monitoring
• Log management, analysis and query-based forensics
• Security event correlation, forensic analysis, and integrated response

Protecting Critical Data on Hosts

Security threats are increasingly focused where your enterprise data resides—your servers, databases, directories and other technologies. If these are accessed by unauthorized users, you are at risk of data breach, revenue loss and compliance fines.

NetIQ Security Manager offers a unique approach to secure host systems: not only to protect data where it resides but also to improve your ability to demonstrate compliance with mandates like PCI DSS, HIPAA, SOX and others.

Responding to Security Events

NetIQ Security Manager provides you with a single view into security events, potential breaches, and privileged-user activity. Events are collected, analyzed and stored to provide rapid detection and identification of threats to systems and data.

Responding to attacks in real-time closes the vulnerability gap and helps you ensure that attackers, insider or external, are prevented from causing damage or stealing sensitive data.

Log Management and Analysis

Log and event information from your systems is securely collected and stored to provide you with the ability to meet compliance goals and security needs from a single solution.

Flexible reporting and trend analysis provide you with the tools not only to identify risks, but also to build a sound security strategy by identifying activity patterns that could signify long-term attacks, breaches, or security weaknesses.

The NetIQ Difference – Accelerating Security Maturity

NetIQ Security Manager delivers the scalability you need to meet the ever-changing requirements of a highly distributed and demanding environment. Whether your requirements entail simple compliance-focused log management or you need to evolve to full-featured enterprise Security Information and Event Management, NetIQ Security Manager can help you improve the reliability and security of critical systems and data.

Combined with NetIQ® Aegis™ for security workflow automation, NetIQ® Change Guardian™ for enhanced privileged-user monitoring, and NetIQ® Secure Configuration Manager™ for compliance and entitlement reporting, NetIQ Security Manager forms part of a powerful, integrated, automated solution for security and compliance management.

NetIQ Security Management Capabilities

Change and Threat Detection NetIQ Security Manager and the Change Guardian modules provide powerful detection of changes and threats across host and network devices.

User and Access Control Monitoring NetIQ Security Manager and the Change Guardian modules provide monitoring of both privileged and non-privileged users to provide a better, centralized and protected audit trail of their activities.

Log Management and Forensics NetIQ Security Manager TRACE™ log management technology provides scalable and distributable log consolidation, supporting high-speed forensic queries, OLAP-driven trend analysis, and at-a-glance summary reporting.

Security Event Correlation and Analysis NetIQ Security Manager provides real-time security event management including correlation, multi-stage filtering and duplicate event reduction, to help identify, prioritize and respond to security incidents.