Cisco CS-MARS-20-K9 - Security MARS 20 User Manual, Page 7

Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 9
Incident Analysis and Response
Role-based security event management dashboard
Session-based event consolidation with full-rule context
Graphical attack path visualization with detailed investigation
Attack path device profiles with endpoint MAC identification
Graphical and detailed sequential attack pattern display
Incident details, including rules, raw events, common vulnerabilities and exposures (CVEs), and mitigation options
Immediate incident investigation and false positive determination
GUI rule definition in support of custom rules and keyword parsing
Incident escalation with user-based “to-do” work list
Notification, including e-mail, pager, syslog, and SNMP
Integration with existing ticketing and workflow system via Extensible Markup Language (XML) event notification
Query and Reporting
Low-latency, real-time event query
GUI that supports numerous default queries and customized queries
More than 150 popular reports, including management, operational, and regulatory
Intuitive report generation yielding unlimited customized reports
Data, chart, and trend formats that support HTML and comma-separated values (CSV) export
Live, batch, template, and e-mail forwarding reporting system
Easy-to-use query structure built for an effective drill-down to the information in a specific incident
Administration
Web interface (HTTPS); roles-based administration with defined privileges
Global Controller hierarchical management of multiple Cisco Security Monitoring, Analysis, and Reporting Systems
Automated, verified updates, including device support, new rules, and features
Continuous compressed raw data and incident archive to offline NFS storage
Device Support
Network: Cisco IOS Software; Cisco Catalyst® OS; Cisco NetFlow; and Extreme Extremeware
Firewall/VPN: Cisco ASA Software; Cisco PIX® Security Appliance; Cisco IOS Firewall; Cisco Firewall Services Module (FWSM); Cisco VPN 3000 Concentrator; Checkpoint Firewall-1 NG and VPN-1 versions; NetScreen Firewall; and Nokia Firewall
Intrusion detection: Cisco IDS; Cisco IDS Module; Cisco IOS IPS; Enterasys Dragon NIDS; ISS RealSecure Network Sensor; Snort NIDS; McAfee Intrushield NIDS; NetScreen IDP; OS; and Symantec ManHunt
Vulnerability assessment: eEye REM, Qualys QualysGuard, and FoundStone FoundScan