ELISA Security Manager
Tool for intercepting and evaluating cybernetic security events
The Novicom ELISA Security Manager is a robust, powerful yet highly cost-effective solution for collecting, correlating and analysing logs. The system provides a high level of convenience for the analysis of detected security incidents and the relevant logs.
WHAT INFORMATION CAN THE ELISA SOLUTION UNCOVER?
The user interface is a web browser. Searching through the database is similar to using an internet search engine. After a short training session, even an inexperienced user will be able to prepare complex filters. The ELISA tool was originally developed as a log management system which has been gradually enhanced to a more complex SIEM-type tool.
Novicom ELISA Security Manager also utilises an advanced correlation engine supporting contextual correlation, even over periods of several months. This allows the detection of cybersecurity events, not only through repeated elementary incidents, but also the spread of hidden malware over a network or users signing into applications after several weeks of inactivity.
The ELISA allows you to enrich the events with information from external sources and calculates a “risk score” for all events, allowing one to easily prioritise the steps needed to resolve alarms that appear. The ELISA includes support for regular monitoring of configurations (the so-called Change Auditor) and other advanced SIEM functions.
ELISA – KEY PROPERTIES
- Automatic evaluation
- Security risk detection
- A clear and simple web user interface
- Compliance with the Cybersecurity Act, GDPR, ISO, PCI
- Built-in Change Auditor
- Further advanced SIEM functions
- Integration with tools for network monitoring and management
- Physical and virtual appliances
- Distributed log collection
- Horizontal scalability
- High performance (up to 10 000 EPS).
- Low initial costs
- Designed for embracing of advantages of strategy of active SOC advantages
ELISA – TECHNOLOGIES USED
Thanks to its architecture ELASTICSEARCH provides lightning-fast responses even with large indexes/databases. The basic user view shows a histogram with the number of matching events in a selected time interval and a paged table summary. When configured properly, the ELISA solution records events in the analytic database in their original form and structure, with seamless support for diacritics. By selecting a specific event, users can open an overview of all its attributes and perform drilldown analyses.
NXLOG is an agent designed for installation on monitored systems that cannot process and send log records autonomously. NXlog supports the interception of events from text logs, Windows event logs, various types of structured logs (CSV, j2log and many more) and relational database tables.
ELISA – PHYSICAL SERVER OR VIRTUAL APPLIANCE
Physical appliances are a complete Novicom ELISA Security Manager system in the form of a pre-installed physical server with “On-Site Service” hardware “the next business day” for 5 years.
Novicom ELISA Security Manager is also available as a virtual appliance (VMware, Hyper-V).
ELISA AND ACTIVE SOC
ELISA is an important part of the Active SOC (Security Operation Center) strategy, which Novicom, together with its SOC partners, is trying to promote on the market. ELISA, together with the ADDNET solution (for efficient management of network services and network access control) and the BVS solution (for visualization of network assets, including their connection to business services) form a unique portfolio that prepares customers for fast and seamless connection to the SOC service. Customers using this product platform can then take full advantage of Active SOC's premium services. Thanks to this, selected SOC operators are able to guarantee a fully qualified active response to cyber attacks in the 24x7 mode without the necessary cooperation with the system administrators at the customer. This is fully in line with the current trend of using top security survaillance (SOC) as a service. This approach eliminates the economic disadvantage of acquiring a complete range of single-purpose technologies and the need to have an in-house highly specialized team able to face professional hackers at any time.
THE NOVICOM ELISA IS APPRECIATED NOT ONLY BY SECURITY ADMINISTRATORS, BUT ALSO BY ADMINISTRATORS RESPONSIBLE FOR SYSTEMS OPERATION.
If you are interested in more information about this or our other products, do not hesitate to contact our sales department at firstname.lastname@example.org.