Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, May 11, 2007

RSA enVision boasts HA features and integration with EMC storage.

Formerly from Network Intelligence (acquired by RSA parent company EMC in September of 2006), RSA enVision is a centralized, appliance-based offering that facilitates both the collection/storage, and analysis of event data from disparate security and network devices.  Based on a locked-down Windows OS, the enVision appliance is managed remotely (one or many appliance can be so managed) with scalability listed from 500 to 3,000,000 EPS and from 320 GB to 3 TB per appliance.

Key features listed for the IPDB include a write-optimized architecture that stores the collected event and log data in its raw form—no pre-processing required (but with compression and encryption); WORM support for the protection of stored data; and direct support for the storage of Internet Protocol information (IP address, MAC address, hostname, etc.).

In addition to this, the appliance offers “Universal Device Support”—including a user interface for the definition of new messages, their payload data, and their classifications—allowing the integration of custom event sources.

http://www.products.datamation.com/security/security/1178815743.html

Posted on 05/11
Product • (0) CommentsPermalink