The Nevis LANsight management appliance provides centralized security policy configuration, user activity monitoring, event correlation and policy violation reporting for distributed LANenforcer security systems. Its dynamic, identity-based policy management and event reporting give network administrators unprecedented control and visibility into security and compliance-relevant activity for every user on the LAN.
The LANsight appliance and centralized management console enforces universal access control policies for groups, individual users, IP / MAC addresses, and specific ports. Authorization credentials are automatically imported from and synched with your existing AAA and directory services infrastructure (e.g. Microsoft Active Directory) – establishing a seamless integration of identity profiles with network access.
LANsight comes in two scalable configurations depending on the size of the overall Nevis deployment. The LANsight One appliance supports up to 3000 users and networks of 20 LANenforcers. LANsight Two appliances support 10,000 users and up to 100 LANenforcers. Multiple LANsight appliances can be deployed for larger networks.
LANsight can also be configured in a High Availability mode, where two appliances can be configured as the primary and secondary LANsights. In case of a failure of the active LANsight, the other LANsight takes over the operations seamlessly without any disruption to the services or user experience. This feature takes advantage of the strong replication capabilities of MySQL Enterprise Server to keep the data on the two LANsights in sync. MySQL Enterprise Server (http://www.mysql.com/trials/partner/) is the recommended database server for mission critical deployments.
Centralized policy management and reporting reduces complexity and effort for IT administration. LANsight One incorporates robust compliance analysis and reporting with real-time and historical reports by individual user, IP address, MAC address and applications for analysis and regulatory compliance auditing. Regulatory requirements like HIPAA, GLBA and SOX mandate role-based access controls as well as detailed reporting to ensure user accountability, segregation of duties and demonstration of due diligence to auditors and key stakeholders. As the centralized policy decision and enforcement point for the network, the Nevis solution maintains user visibility – before, during, and after network access is granted.
Additionally, compliance with security policy requirements for users’ laptops, PCs and PDAs are enforced and monitored to validate desktop security software (e.g. anti-virus enabled, OS up-to-date). Finally, Nevis compliance reports include detailed and summary views of specific user activity and security policy violations as well as security events (e.g. network scan incidents and anomalies). Real-time event correlation provides immediate and accurate security incident identification and alerting. Nevis’ unique multivariate event correlation analysis consolidates root cause events from multiple LANenforcer security systems and takes into account security policy, user, device, user activities, application, LANenforcer systems and threat detection, to provide deep analysis at wirespeed and virtually eliminate false positives.