Datasheet
All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 9
Topology Discovery
● Layer 3 and Layer 2 routers, switches, and firewalls
● Network IDS blades and appliances
● Manual and scheduled discovery
● Secure Shell (SSH) Protocol, SNMP, Telnet, and device-specific communications
Vulnerability Analysis
● Incident-triggered targeted network-based and host-based fingerprinting
● Switch, router, firewall, and NAT configuration analysis
● Automated vulnerability scanner data capture
● Automated and user-tuned false positive analysis
Incident Analysis and Response
● Role-based security event management dashboard
● Session-based event consolidation with full-rule context
● Graphical attack path visualization with detailed investigation
● Attack path device profiles with endpoint MAC identification
● Graphical and detailed sequential attack pattern display
● Incident details, including rules, raw events, common vulnerabilities and exposures (CVEs), and mitigation options
● Immediate incident investigation and false positive determination
● GUI rule definition in support of custom rules and keyword parsing
● Incident escalation with user-based “to-do” work list
● Notification, including e-mail, pager, syslog, and SNMP
● Integration with existing ticketing and workflow system using Extensible Markup Language (XML) event notification
Query and Reporting
● Low-latency, real-time event query
● GUI that supports numerous default queries and customized queries
● More than 150 popular reports, including management, operational, and regulatory
● Intuitive report generation yielding unlimited customized reports
● Data, chart, and trend formats that support HTML and comma-separated value (CSV) export
● Live, batch, template, and e-mail forwarding reporting system
● Easy-to-use query structure built for effective navigation to the information in a specific incident