Navigation

Management Solutions
:: Performance
:: Availability
:: Security


Vendor Solutions
  :: Apani
  :: Lancope
  :: McAfee
  :: nCircle
  :: Netcordia
  :: netForensics
  :: Niksun


:: White Papers
 Lancope Product
 Information

  :: Product Hierarchy
  :: StealthWatch Management Console
  :: StealthWatch Xe for NetFlow
  :: StealthWatch Xe for sFlow
  :: StealthWatch NC
  :: StealthWatch ID-1000
  :: StealthWatch Flow Replicator

  

 Lancope StealthWatch ID-1000

Know automatically who is responsible and who is affected – with StealthWatch™ IDentity-1000

Lancope's StealthWatch™ IDentity-1000 (ID-1000) appliance provides a direct linkage between individual users and specific network events. By combining StealthWatch's flow-based Network Behavior Analysis (NBA) and Response technology with advanced user identity tracking, the ID-1000 automatically connects any unexpected event within the enterprise network with the user or users who caused the event. Administrators simply request the username(s) and IP address associated with an event from the StealthWatch Management Console, and the system returns the appropriate information in real-time.

The ID-1000 is a powerful, real-time solution that requires no agent or service running on an identity or authentication server. Administrators simply click on any IP address within the StealthWatch Management Console and specify a date range or point in time. The ID-1000 can even connect a username with all the IP addresses into which it is currently logged on. Multiple administrators can access this data simultaneously, making the ID-1000 an ideal tool for both network optimization and security across the enterprise.

Network and security administrators gain the ability to connect individual network transactions with individual users with the ID-1000, which in turn means that users can be held accountable for their actions, and unexpected user needs can be better anticipated and met. This capability significantly improves audit controls for regulatory compliance, since administrators can immediately identify the party responsible for a hardware, software or security issue. The ID-1000 also simplifies identifying other users affected by an event, so that quarantine and corrective actions can be taken sooner.

This 24x7 monitoring of who is on the network, connected automatically with what each user is doing, overcomes the forensics challenges presented by dynamic enterprise environments. Since it is part of the StealthWatch system, the ID-1000 works both with StealthWatch native flow capture appliances and with traffic accounting information generated by NetFlow™ and sFlow®-enabled routers and switches. In addition, the ID-1000 appliance supports a wide range virtual private networks (VPNs), DHCP IP addressing within network segments, and large pools of dial-up access devices.

The StealthWatch IDentity-1000 Advantage:

  • Integrates optimization of security and network operations with user identity tracking
  • Automatically identifies individual users and user sessions with specific IP addresses for greater user accountability and faster, more immediate insight into unexpected network events
  • Requires no agent or service, and includes built-in support for 8+ market-leading identity store technologies
  • Integrates easily with traffic accounting information generated by NetFlow and sFlow-enabled routers and switches
  • Cost-effectively supports enterprise infrastructures with a limited number of ID-1000 appliances, each independently managed by the appropriate domain administrator
 
home page  |  company  |  services  |  solutions  |  news room  |  jobs
© Copyright 2002 - 2008 iSimile Ltd. / Lancope Inc.