TriGeo Network Security's TriGeo Security Information Manager 3.0

This article can also be found in the Premium Editorial Download "Information Security magazine: With SSL VPNs on the offense, will IPSec VPNs eventually be benched?."

TriGeo Network Security
Price: Starts at $19,820

Turning data from multiple network and security devices into actionable information isn't just a headache for Fortune 1000 companies--SMBs with limited staff need to know quickly when their networks are threatened.

TriGeo Network Security's TriGeo Security Information Manager (TriGeo SIM) 3.0 fills this niche as a highly flexible, easy-to-manage appliance that's designed to support 50 to 5,000 active devices.

It also adds automated remediation, a plus for any organization. TriGeo SIM can issue policy-based commands to block IP addresses and ports, and shut down or reboot users through Cisco Systems, Check Point Software Technologies, Juniper Networks, WatchGuard Technologies, SonicWALL, TopLayer Networks and Fortinet devices.

Like other SIMs, the appliance gathers data--typically logs--from devices and applications via agents or remote logging from firewalls, routers and switches. Data is normalized and processed by the policy engine, which initiates remediation action and/or an alert via e-mail, SMS, pagers and handheld devices.

The sweet spot for TriGeo, though, is its interface and management. TriGeo has hundreds of prebuilt correlation filters and rules that are as easy to use as LEGOs.

You can create filters based on alert types, and then operate the filters based on any of the data contained within the alert. For example, you can create a "VPN Alerts" tab that can be used to show only the alerts from a Cisco VPN Concentrator. Other custom filters might show modifications to user accounts or changes to domain properties.

The appliance ships with more than 500 predefined rules. For example, change management rules can identify when users, groups, domains or policies are manipulated. Rules can apply to a specific group of devices, be time-dependent and have easily modifiable thresholds. One drawback is the lack of directory support; users and groups have to be manually created.
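
The rule properties described above (a device-group scope, a time-of-day condition and an adjustable threshold) can be sketched as follows. This is an added example, not TriGeo's rule format or code; the event fields, alert type names and device names are constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass
from datetime import datetime, time, timedelta

@dataclass(frozen=True)
class Event:                 # normalized alert; field names are assumptions
    ts: datetime
    device: str
    alert_type: str
    account: str

@dataclass
class Rule:
    alert_types: frozenset   # filter on alert type
    devices: frozenset       # device group the rule applies to
    start: time              # active from start to end; may wrap past midnight
    end: time
    threshold: int           # matching events needed to fire
    window: timedelta        # ... within this sliding window
    def active(self, t: time) -> bool:
        if self.start <= self.end:
            return self.start <= t < self.end
        return t >= self.start or t < self.end
    def matches(self, e: Event) -> bool:
        return (e.alert_type in self.alert_types and e.device in self.devices
                and self.active(e.ts.time()))

def evaluate(rule, events):  # returns the events at which the rule fires
    recent, fired = deque(), []
    for e in sorted(filter(rule.matches, events), key=lambda ev: ev.ts):
        recent.append(e)
        while e.ts - recent[0].ts > rule.window:
            recent.popleft()
        if len(recent) >= rule.threshold:
            fired.append(e)
            recent.clear()   # re-arm so one burst yields one alert
    return fired

# Constructed sample data: after-hours account changes on two domain controllers
RULE = Rule(frozenset({"UserModified", "GroupModified"}), frozenset({"dc01", "dc02"}),
            time(19, 0), time(7, 0), threshold=3, window=timedelta(minutes=10))
DAY = datetime(2005, 5, 2)
SAMPLE = [
    Event(DAY.replace(hour=14), "dc01", "UserModified", "alice"),             # daytime: ignored
    Event(DAY.replace(hour=22, minute=1), "dc01", "UserModified", "bob"),
    Event(DAY.replace(hour=22, minute=3), "fw01", "UserModified", "bob"),     # not in group
    Event(DAY.replace(hour=22, minute=4), "dc02", "GroupModified", "admins"),
    Event(DAY.replace(hour=22, minute=8), "dc01", "UserModified", "carol"),   # third match
]
```

Running `evaluate(RULE, SAMPLE)` fires once, on the third in-scope change; the daytime event and the event from the device outside the group do not count toward the threshold.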

This was first published in May 2005
