Introducing Intrusec CM

For the Enterprise that desires a single tool for continuous monitoring of all network assets

Intrusec has created a new class of network security software that detects the appearance of new devices and services, as well as changes to existing devices and services across an entire heterogeneous network. Intrusec's unique Differential Detection Technology integrates heuristics-based detection with a growing signature library to provide near real-time change detection across a wide breadth of devices and services.

Intrusec's detection technology monitors your enterprise from a single centralized point on a network and operates entirely as a network client. It eliminates the need to install "agents" or make any changes whatsoever to monitored devices.

Intrusec CM features include:

• Multi-Layer Detection: Changes at all of the IP, application, and Web services layers of the network are monitored and detected through heuristics built-in to the software and a growing library of dynamically updated signatures
• Vulnerability Scanner Integration: Provides the ability to automatically configure, launch and analyze the results from your existing network vulnerability scanner products when a change is detected, providing detailed vulnerability data and corrective actions about a change.
• Interoperability: Alerts can be delivered via SNMP, XML, email, or to a user-defined executable allowing easy interoperability with security and network management systems.
• Bandwidth Shaping: Built-in bandwidth shaping capabilities allows the network traffic generated to be strictly limited, ensuring it will not interfere with existing applications on your network. Policies such as "Use no more than 100kbps on my local LAN and no more than 5kbps to my external Web server" can be configured in the console in seconds.

Intrusec CM benefits at-a-glance

• Asset oriented - Intrusec Exposé realizes that it is the assets themselves, and the applications and information on them, which are important. With this in mind, Intrusec Exposé provides detailed asset views, as well as advanced methods of asset organization for streamlined use and notifications. Different thresholds and scan patterns can be assigned for different assets and asset groupings.
  
• Prioritize resources - Asset events are ranked by both the technical severity of the change and the business value of the asset affected. This allows the organization to prioritize mitigation resources by business impact, ensuring maximum effectiveness.
  
• Instant visibility - The Intrusec Exposé console provides a view into what is happening on the network: what assets are there, what applications/ports/services exist on the network, what changed and when. When someone in sales sets up their desktop to act as a FTP server, the security staff will know about it in minutes.
• Enhance existing infrastructure - Intrusec Exposé makes other security tools work better by providing much needed guidance. Vulnerability scanners, typically so resource intensive that they are run on a schedule, become instantly more effective because they are run the minute a change is detected, and targeted to minimize drawbacks. Intrusion detection systems produce voluminous alerts, many of them false alarms. Intrusec Exposé can help reduce false alarms by up to 90% by providing insight into the actual state of the asset.
• Lower security TCO - By helping to maximize resources and existing tools, Intrusec Exposé can lower the total cost of security ownership. Mitigation is performed when appropriate, not when it becomes an emergency. By dealing with changes before they become exposures, an organization ensures they are ready for the next attack.