Security Management
Comprehensive Security Information and Event Management (SIEM) to protect corporate data and meet compliance mandates
NetIQ offers a comprehensive and unique approach to SIEM that includes change and threat detection, user and access control monitoring, real–time security event management, and enterprise log management – all in a single solution. By providing these powerful features together, NetIQ enables you to:
- Satisfy log management requirements quickly through a “start fast, start simple” approach
- Implement change detection and access monitoring quickly, without requiring third-party product integration
- Enable and leverage real-time event management, including correlation, as your organization is ready
- Address changing threat vectors by focusing SIEM protection on your host platforms
NetIQ provides SIEM protection for Windows, Unix, Linux and iSeries host platforms, network and security devices such as routers, switches, and firewalls, and applications such as web servers and databases. Custom integration is also supported.
NetIQ Security Management Capabilities
 |
Change and Threat Detection NetIQ Security Manager and the Change Guardian modules provide powerful detection of changes and threats across host and network devices. |
 |
User and Access Control Monitoring NetIQ Security Manager and the Change Guardian modules provide monitoring of both privileged and non-privileged users to provide a better, centralized and protected audit trail of their activities. |
 |
Log Management and Forensics NetIQ Security Manager TRACE™ log management technology provides scalable and distributable log consolidation, supporting high-speed forensic queries, OLAP-driven trend analysis, and at-a-glance summary reporting. |
 |
Security Event Correlation and Analysis NetIQ Security Manager provides real-time security event management including correlation, multi-stage filtering and duplicate event reduction, to help identify, prioritize and respond to security incidents. |
