Products

Services

SIEMLink

NetWitness SIEMLink

Overview
Features
Specifications

How do you know if an event or alert from your SIEM, IDS/IPS or log consolidation solution is a false-positive or a zero-day threat to your organization?

Security is all about knowing when and where a threat exists, and definitively knowing its scope and magnitude so that you can take appropriate action in a timely manner – before critical damage is done. NetWitness SIEMLink extends your existing security monitoring infrastructure by empowering it with the deep knowledge and analytics needed to react more effectively to incidents.

SIEMLink™ enables instant integration of the NetWitness network monitoring platform with existing enterprise security technologies. SIEMLink is a light-weight Windows application designed to act as a transparent, real-time translator of critical security event data between Web-based consoles, such as security event and information management (SIEM) systems and network and system management (NSM) programs. Unlike other techniques used to interface event data sources, SIEMLink™ requires no special coding or systems integration work to link an organization’s existing SIEM with NetWitness.

NetWitness customers can greatly augment and empower any existing SIEM, security intelligence, intrusion detection or logging console, or enterprise network management system with zero integration effort.

SIEMLink provides the data that incident response and cyber threat analysis teams need to fuse security event telemetry with the detailed session analysis provided by NetWitness.

NetWitness SIEMLink is available to all NetWitness customers with no additional fee. Please contact your account representative for more information.

Compatible with any SIEM, log consolidator, I/T Search Engine, IDS/IPS, Firewall, NSM, CMF/DLP, sniffer, NBAD, etc.
Microsoft Windows system application that acts as a real-time, on-action translator between an external Web-based application (e.g., a SIEM) and NetWitness NextGen.
Constructs a request that automatically and transparently retrieves data for analysis through the NetWitness Investigator application.

Minimum System Requirements

Windows® 2003 Server or Vista
Internet Explorer 6+ or Firefox
1 Ethernet Port
Licensed NetWitness Investigator & Supporting NextGen capture infrastructure
Optional SIEMLink Firefox Add-on

Download NetWitness Investigator Free!

Now Includes NetWitness Live

Download

Upcoming Events

RSA NetWitness User Conference 2012 Call for Speakers Now Open!

September 10 - 11, 2012