Collapse & Return to Top
Extreme Security Information and Event Management (SIEM) is a highly scalable database designed to capture real-time log event and network flow data, revealing the footprints of would-be attackers. Extreme Networks SIEM is an enterprise solution that consolidates log source event data from thousands of devices distributed across a network, storing every activity in its raw form, and then performing immediate correlation activities to distinguish the real threats from false positives. It also captures real-time Layer 4 network flow data and, more uniquely, Layer 7 application payloads, using deep packet inspection technology. An intuitive user interface shared across all Extreme Networks Security Analytics components helps IT personnel quickly identify and remediate network attacks by rank, ordering hundreds of alerts and patterns of anomalous activity into a drastically reduced number of offenses warranting further investigation.
Extreme Networks Security Analytics Log Management analyzes all the data from various network and security devices, servers and operating systems, applications, and a wide assortment of endpoints to provide near real-time visibility into developing threats and to meet continuous compliance-monitoring requirements. With the Log Management flexible query engine, diverse log data is aggregated and correlated into actionable IT operations and security forensics to help identify patterns of attack, anomalies, access and use of confidential data and insider threats.