Collapse & Return to Top
Extreme Networks SIEM provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. These threats can include inappropriate use of applications; insider fraud; and advanced, "low and slow" threats easily lost in the "noise" of millions of events.
A network traffic flow is a sequence of packets that share common characteristics - such as source/destination IP address, source/destination TCP port, and IP protocol used. SIEM Flow Collectors are deployed at strategic points in the network to collect IP traffic flow information from a broad range of networked devices - including switches, routers, security appliances, servers, and applications. SIEM Flow Collectors go beyond traditional flow-based data sources to enable application-layer flow analysis and anomaly detection. Deep packet and content inspection capabilities identify threats tunneled over standard protocols and ports.