Complex, Made Simple
Integrated threat and security intelligence driven by machine learning-based behavioural profiling, trend analysis and anomaly detection to rapidly determine root cause. Sounds cool, if a little complex, but what does that mean? Simply put, it means that Insight constantly learns about your systems and your business-as-normal activity and creates a baseline, making it easier to alert you when deviations and anomalies are detected.
Insight features full log aggregation, real-time event correlation and online data retention with rules and reports mapped to leading management and SOX, HIPAA, COBIT, GPG13 and PCI-DSS compliance standards. Insight can audit and automate the enforcement of IT controls and problem resolution so compliance becomes part of daily operations – not another managed project.
Security incidents often result in performance incidents, and vice versa. So why manage them separately? Get insights into the operational health of your network, systems, and applications – not just as discrete assets but as business services. Monitor application health and infrastructure resource usage, and track and correlate network and application behaviour through a single pane of glass to reduce your mean time to resolution (MTTR) and simplify, well, everything really!
You pay us for what you actually use, not what you predict you might use, or what we think we can get away with charging you. See our Pricing policy for more details. As if that wasn’t enough, we start with free trials to prove the value and help with the business case. Then with the click of a button, the trial can be converted to an ongoing service, with no upfront or hidden costs. This is consumption economics and what we believe to be the true value proposition of cloud computing. Moreover, it removes the need for costly investments in recruiting and training additional specialised staff just to own and operate another platform.
Elastic scalability in the cloud
Planning a large project or marketing campaign? Insight can handle enormous workloads and scales seamlessly up and down with your business activity with no data migration required and minimal delay. The Insight service is all managed for you; the only thing you need to do is deploy one or more of our collector appliances on your hypervisor of choice.
We talk your language
Insight can collect, parse, correlate and store logs from virtually all IT infrastructure sources including SNMP, Syslog, Windows Management Instrumentation (WMI), Microsoft RPC, Cisco SDEE, Checkpoint LEA, JDBC, VMware VI-SDK, JMX, Telnet, SSH, HTTPS, IMAP, IMAP over SSL and POP3. We can query, consume, analyse and report on it all.
Anything you need not listed? Our Insightful gurus can write custom parsers to learn and feed new device languages into the system.
Forget having to write all your own custom rules and parsers. Insight is already aware of a huge number of vendor platforms so you can get straight to consuming the output and acting on events to prevent them becoming incidents that disrupt services. Do you have any of these systems on your network? 3com, airtight, alcatel, amazon, apache, apc, arista, aruba networks, barracuda, bind, blue coat, brocade, checkpoint, cisco, citrix, dell, emc, eset, f5, fireeye, fortinet, foundry, hp, ibm, infoblox, juniper, linux, mcafee, microsoft, mikrotik, mysql, nessus, netapp, nginx, nortel, okta, oracle, palo alto, qualys, rapid7, redhat, riverbed, snort, sophos, sourcefire, squid, sun, symantec, tippingpoint, tomcat, trend micro, vmware, voipsla, watchguard and websense. If so, we've got you covered!
Boutique & unique
Have you got some in-house or legacy applications that you're struggling to get visibility of? If so, don't worry: we can help you get the information you need out of these devices and applications to be analysed and contextualized with the rest of your event data.
One-click, recursive drill-down can be performed on any report to make refining search criteria a breeze and to expedite root-cause analysis that is less error-prone. The quick information will provide detailed information about IP address, MAC address or user. In addition to the inventory data, it shows the health summary of the server without leaving the context.
You can select to view multiple rows of interesting information within the same trend view using checkbox selections to help pinpoint anomalies in the network behaviour in a matter of seconds.
The built-in summary dashboards provide a consolidated overview of security, compliance and performance status for all devices and applications that belong to a specific functional group or business service. Using a fast update mechanism and leveraging the Adobe Flex interface, Insight screens are refreshed quickly and automatically to provide quick insight into the current health of network devices, servers, applications, and services. Health is presented in three simple grades: normal, warning, and critical.
Minimal on premise footprint
Easy to deploy and configure, our virtual collectors use HTTPS so once placed inside your network, you don’t need to poke holes in your firewall for the service to work. To improve efficiency, collectors perform some of the smarts on the event data, including compressing it 8:1, encrypting it and then syncing back to the event database where it will be correlated and contextualized with historical data and near-instantly available to be queried and reported on. Offline? Don't worry, the collector will also cache events during any loss of connectivity to the eyes in the sky (whether your Internet is down, or during scheduled maintenance of the Insight service) so you never have to worry about gaps in your historical searches.
Simulate user behaviour to catch problems before your customers do. Insight runs automated tests around the clock, against internal and external resources, so that a breakdown in performance doesn't mean a breakdown in your business. Deep service inspection covers HTTP(S), the full end-to-end email loop, DNS, SSH, LDAP, JDBC and FTP, to name just a few!
Link your infrastructure and applications and display them as Business Services to monitor security, compliance and performance via Dashboard views.
The workflow integration API creates bi-directional workflow integration into leading IT service management and ticketing solutions. Users can now create alerts, tickets and incidents from platforms such as ServiceNow and ConnectWise, or vice versa, customize workflow integration, and drill down to obtain deep-dive contextual diagnostics for faster problem analysis and resolution.
We include threat stream integrations as part of the service and can also leverage any of your existing threat intelligence subscriptions to make sure Insight is providing the latest information as it comes to hand, whether it’s botnets, mail viruses, worms, DDoS or other zero-day malware, drawing on DNS, DHCP, web proxy logs and flow traffic, and to detect Advanced Persistent Threats.
Insight has the ability to archive events to off-line storage and to bring back off-line data for real-time analysis. By default, we keep one year’s worth of customer logging data in the live database to increase the efficiency and effectiveness of historical reporting and detailed forensic investigations.
Insight demonstrates to security auditors that collected logs have not been tampered with while at rest within the system. To achieve this, logs are cryptographically signed immediately upon arrival. The checksums are then stored in a database, allowing an auditor to verify the log integrity from the Insight GUI simply by choosing a time period and running a check. If some logs have been found to be tampered with, Insight can identify the who and when.
Insight distils petabytes of data into actionable insights that translate the language of IT operations into the language of business value. Think rich, visual, interactive bubble charts, pie charts, heat maps, and geo maps to communicate the current state of the security, compliance and performance of your IT systems and business services. Always have insights at your fingertips with our smartphone- and tablet-enabled executive reports and dashboards, making Insight as valuable for the executive team as it is for the IT operations team.
(It's in our name!)
SIEM tools empower security analysts to conduct investigations into activities on the network to determine their impact on security. But like any big data system, the old adage “Garbage In, Garbage Out” applies.
This is where the true value of our as-a-service model comes into play; by constantly tuning the input and output of Insight for your organisation – and avoiding the red wall of death – you’re left to focus your limited and overburdened resources on what is most valuable.
That means improving the security, compliance and performance of your IT systems and business services. Boom.