Network Intelligence channels Websense data

Security software vendor Network Intelligence Corp has developed interoperability channels to the web security and filtering products produced by Websense Inc, to let organizations take in employee internet usage patterns alongside the other network and perimeter security data sources being monitored as part of their consolidated security information event management regime.

The companies maintain the steps will help customers develop a complete view of security events across the entire enterprise.

Usage data from Websense can be consolidated into the Network Intelligence Engine, which uses a custom-engineered IP database known as LogSmart. The benefit of this is that it allows administrators to produce intelligible reports from the huge volumes of data that can be collected on employee access to web sites.

Upesh Patel, vice president for product marketing at Network Intelligence, said the system is designed as a high-speed collection engine for data, which can comfortably handle 30,000 events per second, and as many as 300,000 events per second in clustered formats. He said it uses business intelligence routines to display alerts based on anomalies in the data collected, and uses metadata to pull out data relevant for a particular report, rather than rely on standard reporting tools.

Privately held Network Intelligence makes much of the way its appliances normalize the data it collects. Normalization is the process by which the software cuts through the data and distills it down to those data points that matter.

Once data has been collated, the Network Intelligence appliance goes about analyzing the data in context, making decisions about which information is benign and needs to be held on record, which data is potentially benign and should be archived, and which is absolutely critical and must be held on line. The system only runs through a process of normalization after it has carried out this routine of contextual analysis.

This process also helps reduce the archive size, which means an organization can afford to retain more relevant security information and event data for trend analysis and base-lining. And because it is designed for purpose as an appliance form factor, it can compress the data, encrypt it, and authenticate it in real-time.

Patel said forthcoming product plans include the customary improvements to the user interface, extended device support, and extra built-in routines to support new compliance efforts of customers needing to meet emerging regulatory obligations such as Fisma in federal circles and PCI in the retail industry.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing