Escolar Documentos
Profissional Documentos
Cultura Documentos
Agenda
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
SIEM Market
Total 2010 revenue forecast to
almost $1B
Excellent growth (16%
average) projected from 20082013
Market Dynamics
2008 SIEM projects more
narrow, tactical focus,
Phase 1 deployments
Cisco MARS
Discontinued support for
any new third party devices
No longer considered a
viable SIEM product
(Gartner, 10/29/09)
Enterasys SIEM, positioned
as the master of the other
Sources: IDC, Gartner
SIEMs can provide a
smooth, transition for
migrating
from
Cisco MARS.
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications
GmbH & Co KG
- All
3
Threat Detection
Anomaly Based
Signature Based
Network attacks
Protocol anomaly detection
Denial of Service Attacks
Intrusion Prevention
Systems
(Host and Network-based)
Compares traffic
against library of
known threats =
signatures
Behavior Based
Behavior-based Systems
Network Behavior Anomaly
Detection (NBAD)
Establishes performance baselines
(apps. protocols, networks,
individuals/devices) & monitors for
anomalies
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
Distribution
Edge
Compliance
Monitoring &
Reporting
Core
Data Center
Threat Detection
NAC Appliances
Gateways
Controllers
Network IDS/IPS
Host IDS/IPS
WAN
Public Networks
or Internet
Threat Monitoring,
Detection,
Prevention
Router
Branch
Office
Router
Router
Remote
Office
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
Teleworker
Road Warrior
5
Distribution
Edge
Compliance
Monitoring &
Reporting
Core
Data Center
NAC Appliances
Gateways
Controllers
Network IDS/IPS
Host IDS/IPS
WAN
Public Networks
or Internet
Threat Monitoring,
Detection,
Prevention
Router
Branch
Office
Router
Router
Remote
Office
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
Teleworker
Road Warrior
6
Compliance
Monitoring &
Reporting
Distribution
Edge
Core
Data Center
Correlate
Prioritize
Normalize
Remove duplicate
Remove false positive
Present
SIEM Security
Information &
Event Mgt.
NAC Appliances
Gateways
Controllers
Network IDS/IPS
Host IDS/IPS
WAN
Public Networks
or Internet
Threat Monitoring,
Detection,
Prevention
Router
Branch
Office
Router
Router
Remote
Office
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
Teleworker
Road Warrior
7
Agenda
Market Drivers, Challenges, Opportunities
Enterasys Value Proposition
Solution Components (Products/Services)
Key Differentiators
Competitive Strengths/Weaknesses
People to Target Questions to Ask
Sales Tools and Resources
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
10
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
11
Compliance Enablement
Reports: Enterasys SIEM offers a
robust reporting engine providing
users with the capability to
quickly and easily create
customized reports for the
critical business assets essential
to compliance
Reports can be created for any
portion of the network and most
any measure taken by the SIEM
Default compliance-focused
reports and rules are based on
industry control frameworks
applied to specific regulations
Enterasys SIEM provides critical
and detailed compliance reporting
SOX, CoBIT, HIPAA, Gramm Leach Bliley,
NIST, COBIT, ISO Control Monitoring
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
12
Agenda
Market Drivers, Challenges, Opportunities
Enterasys Value Proposition
Solution Components (Products/Services)
Key Differentiators
Competitive Strengths/Weaknesses
People to Target Questions to Ask
Sales Tools and Resources
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
13
Flow Processor
Flow Collectors
***Flow support for existing NetFlow, sFlow, cFlowd, jFlow, or QFlow from the Behavioral Flow Sensor. A Behavioral Flow
Sensor is required to collect flows and forward to SIEM. Since NetFlow is unidirectional, the device can support about 1
times what is listed in the license.
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
14
Agenda
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
15
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
16
Agenda
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
17
SIEM Market
Log
Management
LogLogic
TriGeo
Nfx
EIQ
EventTracker
ArcSight
NIC
NetIQ/Attachmate
SIEM
e-Security/Novell
Symantec
Enterasys
SIEM
Intellitactics/Trustwave
Cisco
MARS
Lancope
Mazu
Arbor
Sourcefire
NBAD
Source: Gartner
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
18
Threat Management
Strong
Strong
Cisco MARS
Weak
Arcsight
Cisco-focused
No NBAD
RSA Envision
Strong
Mazu/Lancope/
Arbor
No
Weak
No event data
Limited flow support
Flow data only
No NBAD
Compliance
Management
Strong
Weak
Strong
Strong
Weak
Scalability
Strong
Yes
Has limitations
Real-time analysis
Has limitations
Real-time analysis
Has limitations
Complexity
Simple
Moderate
Complexity
Complex
Moderate
Complexity
Simple
Cost
$$
$$
$$$$
$$$
$$
$$ - Moderate
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
19
Agenda
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
20
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
21
Agenda
1.Enterasys
2.Enterasys
3.Enterasys
4.Enterasys
5.Enterasys
NAC
IPS
SIEM
Compliance
Convergence
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
22
Data Sheets
Request a Demo!
References
White Papers
2010 Enterasys Networks, Inc., A Division of Siemens Enterprise Communications GmbH & Co KG - All
23
Network Optimization:
24
25