Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIVISTA SAFEGUARD MANAGER
51525354555657585960
OmniVista SafeGuard Manager Administration Guide
56
Chapter 4: Visualization
Overview
Network visualization is the ability to determine detailed information about what users
are doing in the network. Data collected during visualization is aggregated and
maintained in a relational database using a set of tables (see Tab le 1 0 for more information
on the kind of data collected).
By having the events be user-based, network visualization allows an administrator to
monitor data in a manner that presents the data in a drillable and easily digestible format.
You can take remediation steps faster when you have a better understanding of a
problem and can act upon a network event.
For example, you have a vendor working on site on a regular basis. You might want to
give this vendor more privileges than a visitor, but might also want to restrict vendor use
to certain applications or file types. Network visualization allows you to configure
policies to block access and log information about that access to OmniVista SafeGuard
Manager. You can also set up visualization filters that enable you to selectively view
events based on VLAN ID, application type, or user role.
Network visualization provides all the user, application, and performance information
you need to have visibility into the network usage through the real-time dashboards (for
more information, see Dashboards). This usage is constant and covers all points in the
network. Visualization events are collected and stored for each user or application. The
OmniVista SafeGuard Manager command center provides dynamic, high-level views of
security information, including:
Providing real-time and historical data
Identifying who is using the network and viewing aggregated data for each user
Identifying applications and resources as they interact with each other and
viewing aggregated data for each application
Identifying traffic patterns that represent normal and legitimate use of the
network
Identifying which traffic patterns represent abnormal (and possibly abusive)
behavior
Identifying when important events occur
Identifying classified documents that passed over the network
Maintaining the malware state of all hosts and allowing administrators to reset
the malware state of hosts