Assuring an enterprise's network security is more diffcult than finding a needle in a haystack - it's more like staring at the haystack and wondering if there's a needle in it. The information that points to intrusion and misuse events may be there. But the sheer amount of data is overwhelming, and time-consuming to evaluate.

Intrusion.com’s Kane Secure Enterprise software provides the answers that make finding the "needles" much easier. By combining signature-oriented intrusion detection with advanced behavioral profiling, Kane Secure Enterprise delivers intelligent monitoring and recognition of potential intrusion and misuse — from both external and internal threats.

Kane Secure Enterprise brings together data collection, automated analysis, alerting and reporting into a single monitoring system. This robust, scalable system assimilates complex tracking and analysis of events from hosts, network devices and multi-vendor security applications, blending them into a simple, centralized architecture that is easy to install and use.

Multi-Vendor Monitoring.

Collecting, analyzing and managing multi-vendor security data is critical in detecting security-related events. The ability to interface with a variety of systems, infrastructure devices and applications is a bottom-line requirement.

Kane Secure Enterprise integrates audit and event data from a variety of sources including Windows NT and Solaris servers and desktops, Cisco IOS routers, Check Point FireWall-1, ISS RealSecure, and Cisco Secure IDS. What’s more, the universal parser enables the integration of data from a multitude of agents and proprietary systems.

User Behavior Profiling.

The greatest network security threats don’t come from outside hackers, but from insider misuse, abuse and tampering. Kane Secure Enterprise tracks the activity, usage and behavioral patterns of individuals to build a statistical profile of each user. Users are tracked across categories such as:

• Login-log off times
• Applications executed
• Number of files opened, modified and deleted
• Use of administrative rights
• Directories used most frequently

A significant increase in any unusual patterns can indicate problems with the user, or that the user’s password has been stolen and an intruder is browsing files.