Comodo NxSIEM Sensor
Reveal what is hidden.

The NxSIEM sensor is a passive network monitoring device that seamlessly weaves together three core functions: network monitoring, full packet capture, and network-based and host-based intrusion detection, providing a substantial amount of data for powerful network security analysis. Simply by deploying the NxSIEM sensor in your own or your customer's network, you can instantly gain significant security visibility.

The NxSIEM Sensor fuses signature-based and anomaly-based intrusion detection. It monitors network activity and logs any connections, DNS requests, detected network services and software, SSL certificates, and HTTP, FTP, IRC, SMTP, SSH, SSL, and Syslog activity, providing real depth and visibility into the context of data and events on your network.

NxSIEM Sensor Benefits

  • Network Security Monitoring

    The NxSIEM sensor passively integrates into your network and logs activities. These activities are then enriched, correlated or analyzed by Comodo NxSIEM to generate real alerts. The Comodo NxSIEM sensor generates high quality network monitoring logs that are fully compatible with NxSIEM predefined content.

  • Intrusion Detection

    Comodo NxSIEM detects intrusions or intrusion attempts by combining the NxSIEM Sensor's IDS and monitoring capabilities with the powerful analysis and correlation features of the NxSIEM cloud. This combination significantly eliminates false positives and gives you timely and correct information about intrusion attempts towards your network.

    Comodo’s SIEM cloud has many predefined correlation rules designed for the NxSIEM sensor that start generating alerts on suspicious situations immediately after installation of the sensor.

  • Full Packet Capture

    The Comodo NxSIEM sensor is capable of performing full packet capture. This enables both detailed analysis for critical incidents and forensic analysis after an attack using captured packets.

  • Instant Analysis on NxSIEM Cloud

    The Comodo NxSIEM sensor generates logs that are completely compatible with NxSIEM, and all information sent from the sensor is normalized, classified and correlated by the NxSIEM cloud. This provides easy and immediate security intelligence system enablement across your customer's network. Timely and meaningful alerts that have adequate severity and priority levels are generated automatically without the stringent process of defining custom rules, queries or reports.

Features

  • Passive device, no network overhead
  • Can be deployed on dedicated hardware or virtual environments
  • Network Based Intrusion Detection
  • Host Based Intrusion Detection
  • Full Packet Capture for deep analysis
  • Transport data to NxSIEM Cloud through SSL Channels
  • Integration via network tap or SPA