NetIQ Sentinel 7 SIEM Solution Eliminates Complexity, Detects Threats Quickly

Virtual application simplifies deployment; integrates with context from external sources to give specific information from user activity monitoring.

• 03/02/2012

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements. 

NetIQ has released Sentinel 7, a full-featured security information and event management (SIEM) solution that simplifies the deployment, management, and day-to-day use of SIEM, readily adapts to dynamic enterprise environments, and delivers the true “actionable intelligence” security professionals need to quickly understand their threat posture and prioritize response.

SIEM is critical to gaining visibility into vast amounts of data from network event, log. and flow data to identify risk, data breaches, insider threats, and APT-style attacks. Sentinel 7 delivers full-featured SIEM (real-time event analysis and log management) while eliminating the complexity other SIEM toolkits introduce and maximizes the ability to align SIEM to organizational needs. Sentinel 7 provides the following benefits:

• Plug-and-play deployment: Sentinel 7 ships as a virtual appliance that easily adapts to any environment without requiring expensive, dedicated hardware. Sentinel 7 has the ability to scale horizontally or vertically to meet changing IT needs by simply adding computing capacity or virtual machines.

• Detects new threats quickly and easily: Sentinel 7 ships with packaged intelligence to detect many threats out-of-the-box without time-consuming rule writing and configuration. Built-in anomaly detection automatically establishes baselines of normal activity and detects changes that can represent emerging threats. New or custom rules can be created easily by business users through an intuitive graphical user interface.

• Enables advanced remediation: Automated baselining of security events enhances discovery of emerging threats for rapid remediation and improved protection of information assets.

• Supports business decision-making with rich data: Sentinel 7 puts the information CISOs, compliance officers, auditors, and other stakeholders require at their fingertips through integration with context from external sources to go beyond raw events and give the “who, what, when and where” through user activity monitoring for security events.

“Organizations need to achieve successful outcomes from SIEM. Prior to Sentinel 7, SIEM technologies were too complex to reliably produce the right information needed to take action,” said Matt Ulery, director of product management at NetIQ. “With this latest release, we are combining power and simplicity -- the features, functionality, ease-of-deployment and ease-of-use -- to yield the true actionable intelligence teams require to execute effective security incident response, mitigate risk and protect information assets.”

Sentinel 7 is generally available now. Enterprise pricing and licensing is based upon an EPS model. More information ins available at www.netiq.com/sentinel7.