Network Computing is part of the Informa Tech Division of Informa PLC


Review: eIQnetworks' Enterprise Security Analyzer

Compliance is imperative, but it has become a complicated subject that is stretching budgets and IT staffs to the breaking point. eIQnetworks' Enterprise Security Analyzer (ESA) addresses this issue by combining compliance reporting with auditing and security tools.

ESA was designed to provide advanced Security Information and Event Management (SIEM) across all network devices and hosts that have an impact on an organization's security framework, including multivendor routers, switches, firewalls, VPNs, intrusion detection and prevention systems, antivirus, proxy, content filtering, spam and Web security systems. ESA also scales from a single firewall device to a distributed enterprise infrastructure.

The ESA platform's main responsibility is to collect data from the various components on the network and roll up that data into a managed database and reporting engine. But for the technology to work properly, ESA must normalize and aggregate the data so that meaningful forensics can be performed.
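To make the normalize-and-aggregate step concrete, here is an added example (not ESA's code and not from the original review) that maps syslog lines from two devices into one event schema and counts events per source, destination and action. The `ACME-FW` and `EXAMPLE-IDS` tags, their message formats and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in two made-up vendor formats (not real ESA input).
SAMPLE = [
    "<134>Oct 11 22:14:15 fw01 ACME-FW: action=deny src=10.0.0.5 dst=192.0.2.10 dport=22",
    "<134>Oct 11 22:14:16 fw01 ACME-FW: action=deny src=10.0.0.5 dst=192.0.2.10 dport=23",
    "<129>Oct 11 22:14:17 ids01 EXAMPLE-IDS: [blocked] 10.0.0.5 -> 192.0.2.10:22 sig=ssh-bruteforce",
    "<134>Oct 11 22:14:18 fw01 ACME-FW: action=allow src=10.0.0.7 dst=192.0.2.20 dport=443",
    "<13>Oct 11 22:14:19 host9 cron: job finished",
]

HEADER = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d+ [\d:]{8}) (\S+) ([^:]+): (.*)$")
IDS = re.compile(r"^\[(\w+)\] (\S+) -> ([^:\s]+):(\d+)")
ACTIONS = {"deny": "blocked", "blocked": "blocked", "allow": "allowed"}

def normalize(line):
    """Return one event in a common schema, or None if no parser matches."""
    m = HEADER.match(line)
    if not m:
        return None
    pri, ts, host, tag, msg = m.groups()
    if tag == "ACME-FW":        # key=value firewall format (hypothetical)
        kv = dict(p.split("=", 1) for p in msg.split() if "=" in p)
        raw, src, dst, port = (kv.get(k) for k in ("action", "src", "dst", "dport"))
    elif tag == "EXAMPLE-IDS":  # positional IDS format (hypothetical)
        im = IDS.match(msg)
        if not im:
            return None
        raw, src, dst, port = im.groups()
    else:
        return None
    if raw not in ACTIONS or not (src and dst and port and port.isdigit()):
        return None  # malformed record: drop rather than guess
    return {"time": ts, "device": host, "severity": int(pri) % 8,
            "action": ACTIONS[raw], "src": src, "dst": dst, "port": int(port)}

def aggregate(lines):
    """Count normalized events per (src, dst, action) across all devices."""
    events = [e for e in map(normalize, lines) if e]
    return Counter((e["src"], e["dst"], e["action"]) for e in events)

if __name__ == "__main__":
    for key, n in aggregate(SAMPLE).most_common():
        print(n, key)
```

The firewall's `deny` and the IDS's `blocked` only add up to a single count of three for the same source once both are mapped to one vocabulary, which is why normalization has to precede any forensic query.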

ESA is built from two major components: the ESA host application and a Syslog server. The two components can reside on the same system or be deployed in a distributed fashion. The latter allows regional sites to report to a centralized management system and could be the basis for a VAR to roll out ESA as a managed service to its customers.

ESA's browser-based management portal is straightforward. The portal/management console is broken down into several sections, all of which offer a combined dashboard view. Administrators will find an event viewer, alerts, device manager, reporting portal, management portal, topology view and forensics tasks. All of the views offer direct drill-down to the event level and real-time views into events and alerts.
