|
RSA enVision
The RSA enVision® platform
Address every aspect of your security information and event management needs – including log collection, alerting and correlation, incident management, and reporting and analysis for compliance. The table below demonstrates the specific features that RSA enVision offers and the direct benefits to your organization.
|
Key Benefits
- Complete accounting of network activity
- Customized reporting capabilities
- Flexible incident workflow
- Retain & maintain complete log records
- Real-time notification of high-risk events
- Streamlined incident handling process
- Determine network availability and status
- Gain visibility into behavioral aspects of users
|
RSA enVision Platform Function, Attribute and Features
| Related Features |
Benefits |
| LogSmart Internet Protocol Database |
- Total collection of all raw logs for use in real-time monitoring, proving compliance, & forensic analysis.
|
| LogSmart IPDB Storage & Performance |
- Significant log data compression (up to 75%), minimizing storage costs & maximizing access & analysis.
|
| RSA enVision Appliances |
- Easy deployment & management.
|
| Integration Partners & Supported Event Sources |
- Broader event source support for better visibility into the IT infrastructure, as well as the ability to "do it yourself."
|
| Universal Event Source Support |
- Able to add new event sources without having to go back to the vendor or to write to custom API's.
|
| Related Features |
Benefits |
| Baselines |
- Establishes a standard by which user activity is tracked & anomalous behavior is detected.
|
| Correlated Alerts |
- Packaged alerts provide better security via correlation of log events & other information such as assets. Automated kick-off of remediation workflow alerts based on user role.
|
| Vulnerability Asset Management |
- More efficient security operations through the profiling of assets & matching against the national vulnerability database helps mitigate risk, minimize false positives, & prioritize high risk assets.
|
| Related Features |
Benefits |
| Reports |
- Comprehensive reports (over 1,200) for Sarbanes-Oxley, PCI, HIPAA, & other government & industry regulations as well as frameworks including ISO27002. Can be used "as is" or customized to suit the requirement.
|
| Forensics & Security |
- Maintains chain of custody for all log data, allowing for complete & proper investigation procedures to be met.
|
| Vulnerability Asset Management |
- Assessment of risk metrics such as the most vulnerable assets by business priority.
|
| Incident Management |
- Assessment of productivity metrics such as departmental workload, open incidents, time to closure, etc.
|
| Real-time Analysis & Event Explorer |
- Timely alerts, direct monitoring capabilities & beginning-to-end incident management & remediation.
|
| Related Features |
Benefits |
| Correlated Alerts |
- Automated kick-off of remediation workflow alerts based on user role, allowing for faster resolution to alerted incidents.
|
| Real-time Analysis & Event Explorer |
- Faster resolution for incidents, as well as direct access to real-time events.
|
| Vulnerability Asset Management |
- Remediation of asset compromise, creating actionable information about specific asset incidents.
|
| LogSmart IPDB Storage & Performance |
- Significant log data compression which will minimize storage costs. Easier access via web client to total archive.
|
| RSA enVision DAS2000 & NAS 3500 log storage |
- Scalable log storage solution leveraging industry leading storage solutions from EMC.
|
| Information Lifecycle Management |
- Manages security information through the stages of creation, use & archival & deletion over time to meet with logging compliance retention requirements.
|
|
|