SolventView™ Overview

SolventView™ is an enterprise security management framework that enables customers to rapidly identify, isolate, and respond to complex and diverse security threats and incidents. An open framework architecture enables security data collection from a wide variety of IT assets, including perimeter security, network devices, mobile devices, and applications. This information is forwarded to one of several distributed analysis engines that identify and prioritize security incidents based upon business-driven security rules maintained with the policy manager.

Advanced event and alert processing continuously verifies normal operating conditions and immediately identifies any non-sanctioned activity on monitored assets. SolventView's customer-specific policies prioritize asset levels to ensure incident response efforts are targeted and efficient. SolventView's forensic reporting module supports process improvements and identifies key security and system health trends.

Features and Benefits

Automated Threat Management

» Auto-discovers and inventories network assets and devices
» Monitors assets for vulnerabilities, signs of intrusion, threat behaviors, and other external factors
» Sets and enforces security policies at the device level and helps identify non-compliance conditions
» Responds to correct exposures and incidents by taking corrective action with varying degrees of automation
» Records event details for forensic and audit purposes

Advanced Event Correlation and Analysis

» Consolidates and correlates system-wide network and application events
» Correlates across devices and across types of events and information
» Real-time event filtering and reduction eliminates “noise” and presents only appropriate and actionable events
» Provides fast, powerful Java-based correlation operations
» Allows immediate flexible response using extensive rules-based action processing
» Provides a high-level view as well as detailed event drill-down

Agent or Agent-less Deployment

» Monitors using local agents or remotely (agent-less), depending on the depth of monitoring, control, and type of asset
» Agents are lightweight and optimized for low resource consumption
» Agents and plug-ins are certified and distributed for use through a developer network
» Development tool kit enables easy application development and extension of the framework
» Transparent, dynamic agent updates utilize web services to automate system maintenance
» Self-healing properties keep components alive, secure, and up-to-date

Visualization and Management of Security Environment

» Global Management Center provides a single, web-based console for managing and monitoring the ongoing security and performance of multi-vendor IT devices and assets
» Allows managers to analyze historical data, assess the effectiveness of existing solutions, and improve policies

Scalable Hierarchical Architecture

» Eliminates central processing bottlenecks and scales easily through distributed information handling
» Distills important events, provides more relevant information, and enables faster detection, correction, and response through distributed correlation and analysis