As advanced persistent threats continue to raise the bar for security event information management vendors and other key security players, eIQnetworks has upgraded its SecureVue platform, with the goal of offering a more comprehensive view of what’s happening in IT infrastructures.
Version 3.6 of eIQnetworks' SecureVue extends the suite’s capability to perform complex correlation and forensic searches over long time periods. New features include alerts that can be transmitted when a server becomes targeted for a reconnaissance scan, experiences a failed login attempt or undergoes a configuration change, even if no security events are present in the system's log file. The net objective is to enable complete situation awareness from a single console.
"We are bringing together multiple security functions into a single platform," said John Linkous, the Acton, Mass.-based company's vice president, chief security and compliance officer. "There are four critical functions, including next-generation SIEM. The second is the secure configuration audit, which means we can agentlessly monitor everything on the network to make sure that configurations around your firewall, routers, switches and other gear, along with your registry settings, have not been changed without your knowledge. Thirdly, we offer compliance automation capabilities. And finally, we have contextual forensic analysis which brings together all of the various security elements regardless of whether they exist at the network, the OS layer, the app layer, etc.
"In bringing together information from multiple security silos into a single console, the process of doing complete contextual forensic analysis is greatly simplified," Linkous added. "So if something goes wrong, users can assess exactly what happened."
In addition, SecureVue's new forensic search engine speeds up the searching and automatic profiling of billions of data points (more than 10 TB per day of data) to help organizations realize the security benefits of big data analysis without the financial and technical challenges usually associated with it.
Other upgrades include a complete redesign of the user interface, which has been converted to 100 percent HTML to help support mobile devices. Report rules and alerts have been expanded and are fully customizable within the GUI. The number of alerts has been increased from 200 to more than 500.
The company's targeted customers typically include Fortune 1000 enterprises and the federal government, including the Department of Defense, for which eIQnetworks has earned the Security Content Automation Protocol (SCAP) certification, as well as a host of other seals of approval.
EIQnetworks' go-to-market model is a hybrid that includes direct sales for extremely high-end, named accounts; VAR/systems integrator indirect sales for the remainder of the enterprises; plus MSSP partners who deploy SecureVue as a service and help push the solution stack downward into the midmarket.
“You’d be surprised how many midmarket customers need these capabilities,” Linkous said. “Midmarket retailers with 100 stores or less still have to comply with the same conditions and regulations from a security perspective. Many of these are ideal customers for integrators and MSSPs.”
Linkous estimated channel margins starting at 15 percent for engagements where eIQnetworks furnishes the lead and upward of 35 percent for partner-generated leads.