Collapse & Return to Top
A highly scalable database designed to capture real-time log event and network flow data, revealing the footprints of would-be attackers. Extreme Networks SIEM is an enterprise solution that consolidates log source event data from thousands of devices distributed across a network, storing every activity in its raw form, and then performing immediate correlation activities to distinguish the real threats from false positives. It also captures real-time Layer 4 network flow data and, more uniquely, Layer 7 application payloads, using deep packet inspection technology. An intuitive user interface shared across all Extreme Networks Security Analytics components helps IT personnel quickly identify and remediate network attacks by rank, ordering hundreds of alerts and patterns of anomalous activity into a drastically reduced number of offenses warranting further investigation.