Comodo NxSIEM SensorReveal what is hidden.
NxSIEM sensor is a passive network monitoring device that seamlessly weaves together three core functions: network monitoring, full packet capture, network-based and host-based intrusion detection, providing important amount of data for powerful network security analysis. By only deploying NxSIEM sensor in your or your customer's network, you can instantly gain significant security visibility.
NxSIEM Sensor fuses signature and anomaly based intrusion detection that monitors network activity and logs any connections, DNS requests, detected network services and software, SSL certificates, and HTTP, FTP, IRC SMTP, SSH, SSL, and Syslog activity, providing a real depth and visibility into the context of data and events on your network
Network Security Monitoring
NxSIEM sensor passively integrates to your network and logs activities. These activity are then enriched, correlated or analyzed by Comodo NxSIEM to generate real alerts. Comodo NxSIEM sensor generate high quality network monitoring logs that is fully compatible with NxSIEM predifned content.
Comodo NXSIEM detects intrusions or intrusion attempts by the NxSIEM Sensor's IDS and monitoring capabilities combined with powerful analysis and correlation features of NxSIEM cloud. This combination significantly eliminates false positives and gives you timely and correct information about intrusion attempts towards your network.
Comodo’s SIEM cloud has many predefined correlation rules designed for NxSIEM sensor that starts generating alerts on suspicious situations immediately after installation of the sensor.
Comodo NxSIEM sensor is capable of performing full packet capture. This enables both detailed analysis for critical incidents and forensic analysis after an attack using captured packets
Comodo NxSIEM sensor generates logs that is completely compatible to NxSIEM and every information sent from the sensor is normalized, classified and correlated by NxSIEM cloud. This provides easy and immediate security intelligence system enablement across your customer's network.Timely and meaningful alerts that have adequate severity and priority levels are generated automatically without stringent process of defining custom rules, queries or reports.