Product Description: ESA is the first SIEM solution on the market to deliver (i) topology-based threat visualization, (ii) centralized log management, (iii) continuous, real-time monitoring and correlated alerting, (iv) comprehensive reporting, and (v) forensics analysis, all in a single solution. ESA collects, archives and correlates event and system data from a variety of heterogeneous, multi-vendor network devices and hosts. ESA enables large enterprise and MSSP customers to bolster security operations and delivers essential insight into security operations management to meet stringent federal regulatory requirements, such as SOX, GLBA, HIPAA, and FISMA compliance. ESA scales from a few nodes to 1,000s of nodes and provides secure access to Monitoring and Reporting Portals.
Performance: ESA can handle hundreds of thousands of events per second (EPS) because it processes real-time information for monitoring and uses the database only for reporting.
Key Features & Benefits:
Log Management
Better archival ability
Not limited by database size or embedded disk.
Leverage the existing storage infrastructure.
Store logs in their native format on SAN, NAS or DAS.
Provide the ability to automatically compress and encrypt logs on disk.
Compression ratio between 12 and 22.
Logs are indexed and stored for forensics search over an extended period of time.
Performance
Saves log data in delta files (ASCII format), for higher performance.
ESA handles hundreds of thousands of EPS because it processes real-time information for monitoring and uses the database only for reporting.
Forensics
Conducts forensics on the actual archived log files, enabling forensics on much older log data and on unaltered log files.
ESA is in better alignment with regulatory requirements (which call for unaltered log data storage).
Compresses and encrypts log data automatically, preventing tampering and enabling users to extract snippets of actual raw log data for forensics, investigative and legal purposes.
Topology Threat Visualization
Unique, patent-pending technology.
Useful in large distributed enterprises.
Simplifies overall insight into security posture.
Get to the bottom of problems with the drill-down workbench.
Color-coded event mapping allows visually friendly threat visualization.
Reporting
Over 1,000 reports (device & host based).
Most comprehensive reporting.
Pre-built reports delivered via the Reporting portal.
Profile-based reporting allows automated report delivery in HTML, PDF, Word, Excel and Text formats in multiple languages: English, French, German, Italian, Japanese, Chinese, Korean, Spanish.
Highlights: Low TCO – eIQnetworks believes that an organization should not have to spend more than 15% of its total annual hardware/management cost to deploy SIEM solutions.
End-Users: ESA scales from small to medium Enterprises to very large Enterprise environments.
eIQnetworks
31 Nagog Park
Acton, MA 01720 USA
Tel: 1-978-266-9933