Benefits

Benefits of ASAM
  • Centralized agentless traffic data collection, analysis and management
  • Seamless visibility into both external and internal security threats
  • Context-sensitive zero-day intrusion / anomaly detection capabilities
  • Continuous overall security posture assessment
  • Proactive feedback-driven access and traffic policy decisions
  • Actionable and real-time decision support system

Technical Capabilities

  • High throughput & low latency Stream Processing
  • Asynchronous and parallel data processing
  • Rapid Rules Engine and flexible criteria profiles
  • Contextual resource modeling and problem heuristics
  • Advanced event correlation and mining algorithms

Features

Auto Discard Flows

  • Whitelist specific flows for specific problems
  • Extensive flow filter configuration options
  • Consolidated Discard Filter configuration reporting

 

Event Troubleshoot Report

  • Ad-hoc forensic investigation and analysis
  • Groups flows for quickly discerning patterns
  • Segment flows by originating router

 

Custom Problem Management

  • Enable / Disable specific problems and algorithms
  • Focus on pertinent problems of interest

 

Auto Ignore Events

  • Whitelist specific resources for specific problems
  • Option to store ignored events for auditing
  • Consolidated Ignore Filter configuration reporting

 

Security Snapshot

The Security Snapshot displays a list of threats / anomalies grouped as problems. The problems are further categorized into three major problem classes (Bad Src-Dst, DDoS, Suspect Flows).

 

Event List

The ‘Event List’ in ASAM lists, classifies and organizes all the events that might become attacks. ASAM also assigns a severity to each event, which allows you to prioritize your actions.

 

Event Details

Event Details gives thorough detail about the problem. The details include network, port, protocol, TCP flag and much more. Clicking on the router name shows details with the mapped destination-source IP and the application, port, protocol etc. used. This report can be exported as a PDF or mailed with a single click.