StealthWatch IDentity

Know automatically who is responsible and who is affected with StealthWatch IDentity

Lancope's StealthWatch® IDentity appliance provides a direct linkage between individual users and specific network events. By combining StealthWatch's flow-based Network Behavior Analysis (NBA) and Response technology with advanced user identity tracking, the IDentity automatically connects any unexpected event within the enterprise network with the user or users who caused the event. Administrators simply request the username(s) and IP address associated with an event from the StealthWatch Management Console, and the system returns the appropriate information in real-time.

The IDentity is a powerful, real-time solution that requires no agent or service running on an identity or authentication server. Administrators simply click on any IP address within the StealthWatch Management Console and specify a date range or point in time. The IDentity can even connect a username with all the IP addresses into which it is currently logged on. Multiple administrators can access this data simultaneously, making the IDentity an ideal tool for both network optimization and security across the enterprise.

Network and security administrators gain the ability to connect individual network transactions with individual users with the IDentity, which in turn means that users can be held accountable for their actions, and unexpected user needs can be better anticipated and met. This capability significantly improves audit controls for regulatory compliance, since administrators can immediately identify the party responsible for a hardware, software or security issue. The IDentity also simplifies identifying other users affected by an event, so that quarantine and corrective actions can be taken sooner.

This 24x7 monitoring of who is on the network, connected automatically with what each user is doing, overcomes the forensics challenges presented by dynamic enterprise environments. Since it is part of the StealthWatch system, the IDentity works both with StealthWatch native flow capture appliances and with traffic accounting information generated by NetFlow™ and sFlow®-enabled routers and switches. In addition, the IDentity appliance supports a wide range virtual private networks (VPNs), DHCP IP addressing within network segments, and large pools of dial-up access devices.

The StealthWatch IDentity Advantage:

• Integrates optimization of security and network operations with user identity tracking
• Automatically identifies individual users and user sessions with specific IP addresses for greater user accountability and faster, more immediate insight into unexpected network events
• Requires no agent or service, and includes built-in support for 8+ market-leading identity store technologies
• Integrates easily with traffic accounting information generated by NetFlow and sFlow-enabled routers and switches
• Cost-effectively supports enterprise infrastructures with a limited number of IDentity appliances, each independently managed by the appropriate domain administrator

Read the StealthWatch IDentity datasheet.

Contact Lancope Sales for Additional Information

Request a Demo