Security Analytics

  • High availability that ensures delivery of SIEM data
  • Automatic failover and full disk replication
  • Delivers threat and log management, compliance reporting, and increased operational efficiency

Extreme Security Information and Event Management (SIEM)

A highly scalable database designed to capture real-time log event and network flow data, revealing the footprints of would-be attackers. Extreme Networks SIEM is an enterprise solution that consolidates log source event data from thousands of devices distributed across a network, storing every activity in its raw form, and then performing immediate correlation activities to distinguish the real threats from false positives. It also captures real-time Layer 4 network flow data and, more uniquely, Layer 7 application payloads, using deep packet inspection technology.

An intuitive user interface shared across all Extreme Networks Security Analytics components helps IT personnel quickly identify and remediate network attacks by rank-ordering hundreds of alerts and patterns of anomalous activity into a drastically reduced number of offenses warranting further investigation.

Extreme Risk Manager

Extreme Networks Security Risk Manager is an integral component of a complete security intelligence solution that can help security professionals stay ahead of advanced threats. The ability to proactively quantify risk from vulnerabilities, configuration errors, anomalous network activity and threats can help organizations prevent exploits that target high-value assets and data.

Extreme Networks Security Risk Manager correlates network topology information with data from Extreme Networks Security SIEM including asset configurations, vulnerabilities, network events and flow patterns. This provides valuable insights revealing, for example, which assets and vulnerabilities are causing the most risk, so IT staff can prioritize their remediation tasks. It can also help identify firewall and intrusion prevention system (IPS) misconfigurations that may allow attackers into the network and create inefficiencies in devices.

Extreme Networks Security Risk Manager automates risk management functions in mission-critical areas, helping security professionals safeguard their organizations against an ever-growing spectrum of attacks, vulnerabilities and compliance mandates. On today’s smarter planet, organizations require better visibility into their security policies, postures and practices than ever before, because instrumented, interconnected and intelligent businesses collect and use more information.

Extreme Vulnerability Manager

Extreme Networks Security Vulnerability Manager can help organizations minimize the chances of a network security breach by using a proactive approach to finding security weaknesses and minimizing potential risks. It uses a proven vulnerability scanner to collect up-to-date results, but unlike other solutions, it leverages the capabilities of Extreme Networks Security Analytics Platform to present the data within the overall context of the network usage, security and threat posture. Designed to consolidate results from multiple vulnerability scanners, risk management solutions and external threat intelligence resources, Vulnerability Manager operates like a centralized control center to identify key security weaknesses that need to be addressed to help thwart future attacks.

Vulnerability Manager helps security teams identify resource configuration issues, understand the impact of software patching schedules, coordinate with intrusion prevention systems to block open connections, and establish continuous monitoring of systems that can’t otherwise be remediated—all from a single, integrated dashboard. By correlating vulnerability data with SIEM event and threat analysis, Risk Manager device configuration and network traffic analysis, and external databases, Vulnerability Manager can help organizations build actionable plans for deploying their often constrained IT staffing resources. And since it is already integrated with Security Analytics Platform, security teams have one less system to install, configure and manage.

Extreme Log Manager

Extreme Networks Security Analytics Log Management analyzes all the data from various network and security devices, servers and operating systems, applications, and a wide assortment of endpoints to provide near real-time visibility into developing threats and to meet continuous compliance-monitoring requirements.

With the Log Management flexible query engine, diverse log data is aggregated and correlated into actionable IT operations and security forensics to help identify patterns of attack, anomalies, access and use of confidential data and insider threats.

Extreme X-Force Threat Intelligence

Security Analytics portfolio, an integrated family of products that helps detect and defend against threats by applying sophisticated analytics to more types of data. In doing so, the platform helps identify high-priority incidents that might otherwise get lost in the noise. And you can extend these comprehensive analytics still further, using X-Force Threat Intelligence to augment security analytics capabilities by feeding its proprietary threat insights, including data on malware hosts, spam sources and anonymous proxies. Combining worldwide intelligence from X-Force with security information and event management (SIEM), log management, anomaly detection, and configuration and vulnerability management capabilities provides users with additional context on security incidents, helping improve prioritization of incidents that require additional examination—and enabling organizations to prevent or minimize damaging attacks.

Extreme Security Information and Event Management (SIEM)

  • Providing Real-Time Visibility for Threat Detection and Prioritization
  • Reducing and Prioritizing Alerts to Focus Investigations into Actionable Offenses
  • Answering Key Questions for More Effective Threat Management
  • Gaining Application Visibility and Anomaly Detection
  • Commanding a Highly Intuitive, One Console Security Solution
  • Extending Threat Protection to Virtual Environments
  • Producing Detailed Data Access and User Activity Reports to Manage Compliance

Extreme Risk Manager

  • Automated Risk Management for Greater Control
  • Vulnerability Risk Assessment
  • Network Security Configuration
  • Network Activity Monitoring
  • Network Security Event and Configuration Correlation
  • Policy Monitoring to Improve Compliance
  • Device Configuration Management to Detect Changes and Profile Future Risks
  • Modeling and Simulation of Attacks and Network Configuration Changes
  • Advanced Tools to Investigate Network Topologies, Traffic and Forensics
  • Security Intelligence to Minimize Risk

Extreme Vulnerability Manager

  • Get a Single, Prioritized View of Potential Vulnerabilities
  • Thwart Advanced Threats
  • Address Compliance Mandates
  • Extend Your Security Intelligence
  • Apply proactive security

Extreme Log Manager

  • Gain Visibility into Log Data for Actionable IT Forensics
  • Drill Down to Obtain Efficient Event Investigations
  • Receive Comprehensive Device Support for Capturing All Network Events
  • Deploy Scalable Appliances to Expand Coverage
  • Ease Burden of Security Today and Tomorrow
  • Log Management Base All-in-One
  • Event Processor
  • Log Management Console Manager
    Options
  • Conversion From Log Management to SIEM

Extreme X-Force Threat Intelligence

  • Address Growing Security Threats Head On
  • Channel the Power of X-Force
  • Enhance Security Analytics Capabilities with X-Force

Extreme Security Information and Event Management (SIEM)

Boost compliance & threat protection through integrated Security Information and Event Management, Log Management, and Network Behavioral Analysis

  • Integrate log management and network threat protection technologies within a common database and shared dashboard user interface
  • Reduce thousands of security events into a manageable list of suspected offenses
  • Detect and track malicious activity over extended time periods, helping to uncover advanced threats often missed by other security solutions
  • Detect insider fraud with advanced capabilities
  • Help exceed regulation mandates and support compliance
  • Leverages existing investments in network and security infrastructure while accelerating time to value through out-of-box functionality, rapid deployment, and staff efficiency gains
  • Integrates with Extreme Networks Threat Protection G2 portfolio, Network Access Control (NAC), and Purview solutions to provide a unified, real-time view of the threat landscape and effectively detect, isolate, and automatically remediate threats
  • Virtual Flow Collector allows the analysis of network behavior and enables Layer 7 visibility within virtual infrastructures
  • Integrated feature-rich management web interface for all applications; Multilingual web user interface – English, French, German, Japanese, Spanish, Korean, Chinese and more

Extreme Risk Manager

Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance

  • Visualize current and potential network traffic patterns with a network topology model, based on security device configurations
  • Quantify and prioritize risk with a policy engine that correlates network topology, asset vulnerabilities and actual network traffic, enabling risk-based remediation and facilitating compliance
  • Centralize network security device management to help reduce configuration errors and simplify monitoring of firewall performance
  • Model threat propagation and simulate network topology changes to help improve security

Extreme Vulnerability Manager

Improve security and compliance by prioritizing security gaps for resolution

  • Help prevent security breaches by discovering and highlighting high-risk vulnerabilities from a single, integrated dashboard
  • Prioritize remediation and mitigation activities by understanding the complete network context
  • Enable seamless integration with Extreme Networks SIEM to get dynamic, up-to-date asset information for proactive vulnerability management
  • Conduct rapid network scans—periodically or dynamically—to find security weaknesses and minimize risks
  • Automate regulatory compliance with collection, correlation and reporting

Extreme Log Manager

Real-time log management for defending IT infrastructures and meeting compliance mandates

  • Generate actionable IT forensics by aggregating and correlating a diverse set of logs and events
  • Capture event data from security and network devices, servers, endpoints and applications within a federated repository with a single global view
  • Easily perform forensics, application and network troubleshooting across normalized data for simplified searching
  • Scale to support hundreds of thousands of events per second, per system
  • Help exceed regulatory mandates with rich compliance-reporting capabilities
  • Leverages existing investment in network and security infrastructure while accelerating time to value through out-of-box functionality, rapid development and staff efficiency gains
  • Preserve investments by enabling the addition of integrated security information and event management (SIEM) technology
  • Integrates with Extreme Networks Threat Protection (G2), Network Access Control (NAC) and Purview to provide a unified real-time view of logs for highest level of visibility

Extreme X-Force Threat Intelligence

Use dynamic X-Force data from IBM research & development with Extreme Networks Security Analytics products to detect the latest Internet threats

  • Automatically feeds X-Force data into Security Analytics Platform
  • Enrich SIEM threat analysis capabilities with up-to-the-minute data on Internet threats
  • Leverage the additional threat context provided by Security X-Force Threat Intelligence to gain deeper insight and greater protection
  • Prevent or minimize the impact of today’s complex and serious security attacks

Extreme Security Information and Event Management (SIEM)

Technical Specification for SIEM All-in-One

| | ALL-IN-ONE VIRTUAL | ALL-IN-ONE STANDARD | ALL-IN-ONE ENTERPRISE | ALL-IN-ONE ENTERPRISEPLUS |
|---|---|---|---|---|
| Description | Extreme Networks SIEM G2 ALL-IN-ONE Virtual | Extreme Networks SIEM G2 ALL-IN-ONE Standard Appliance | Extreme Networks SIEM G2 ALL-IN-ONE Enterprise Appliance | Extreme Networks SIEM ALL-IN-ONE EnterprisePlus Appliance |
| Form Factor | | 1 RU Appliance | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache (x1) | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 24 GB minimum required* | 32GB | 64GB | 128GB |
| Hard Drive | 1 TB minimum required* | 1.5TB usable | 6.2TB usable | 40TB usable |
| Base Events Per Second (EPS) | 100 EPS | 1000 EPS | 1,000 EPS | 1,000 EPS |
| Max Events Per Second (EPS) | 5,000 EPS | 1,000 EPS | 5,000 EPS | 15,000 EPS |
| Base Flows Per Minute (FPM) | 15,000 FPM | 25,000 FPM | 25,000 FPM | 25,000 FPM |
| Max Flows Per Minute (FPM) | 200,000 FPM | 50,000 FPM | 200,000 FPM | 300,000 FPM |
| Upgrade Options | None | None | Can be upgraded to distributed model (Console Manager) | Can be upgraded to distributed model (Console Manager) |

Technical Specification for SIEM Console Manager

| | CONSOLE VIRTUAL | CONSOLE ENTERPRISE | CONSOLE ENTERPRISEPLUS |
|---|---|---|---|
| Description | Extreme Networks SIEM G2 CONSOLE Virtual | Extreme Networks SIEM G2 CONSOLE Enterprise Appliance | Extreme Networks SIEM G2 CONSOLE EnterprisePlus Appliance |
| Form Factor | | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 24 GB minimum required* | 64GB | 128GB |
| Hard Drive | 1 TB minimum required* | 6.2TB usable | 40TB usable |
| Events Per Second (EPS) | N/A | N/A (External Event Processor) | N/A (External Event Processor) |
| Flows Per Minute (FPM) | N/A | N/A (External Flow Processor) | N/A (External Flow Processor) |

Technical specification for SIEM Event & Flow Processor

| | FLP VIRTUAL | FLP ENTERPRISE | FLP ENTERPRISEPLUS | EVP VIRTUAL | EVP ENTERPRISE | EVP ENTERPRISEPLUS |
|---|---|---|---|---|---|---|
| Description | Extreme Networks SIEM G2 Flow Processor (FLP) Virtual | Extreme Networks SIEM G2 Flow Processor (FLP) Enterprise Appliance | Extreme Networks SIEM G2 Flow Processor (FLP) EnterprisePlus Appliance | Extreme Networks SIEM G2 Event Processor (EVP) Virtual | Extreme Networks SIEM G2 Event Processor (EVP) Enterprise Appliance | Extreme Networks SIEM G2 Event Processor (EVP) EnterprisePlus Appliance |
| Form Factor | | 2 RU Appliance | 2 RU Appliance | | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) | 4 vCPU minimum required* | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 12GB minimum required* | 64GB | 128GB | 12GB minimum required* | 64GB | 128GB |
| Hard Drive | | 6.2TB usable | 40TB usable | | 6.2TB usable | 40TB usable |
| Base Events Per Second (EPS) | N/A | N/A | N/A | 100 EPS | 2,500 EPS | 2,500 EPS |
| Max Events Per Second (EPS) | N/A | N/A | N/A | 20,000 EPS | 20,000 EPS | 40,000 EPS |
| Base Flows Per Minute (FPM) | 15,000 FPM | 100,000 FPM | 100,000 FPM | N/A | N/A | N/A |
| Base Flows Per Minute (FPM) | 600,000 FPM | 600,000 FPM | 1,200,000 FPM | N/A | N/A | N/A |

Technical Specification for SIEM Combined Event & Flow Processor

| | COMBINED EVP-FLP ENTERPRISE | COMBINED EVP-FLP ENTERPRISEPLUS |
|---|---|---|
| Description | Extreme Networks SIEM G2 Combined Event & Flow Processor Enterprise Appliance | Extreme Networks SIEM G2 Combined Event & Flow Processor EnterprisePlus Appliance |
| Form Factor | 2 RU Appliance | 2 RU Appliance |
| Processor | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 64GB | 128GB |
| Hard Drive | 6.2TB usable | 40TB usable |
| Base Events Per Second (EPS) | 1,000 EPS | 1,000 EPS |
| Max Events Per Second (EPS) | 5,000 EPS | 15,000 EPS |
| Base Flows Per Minute (FPM) | 25,000 FPM | 25,000 FPM |
| Base Flows Per Minute (FPM) | 200,000 FPM | 300,000 FPM |

Technical Specification for SIEM Data Node

| | DN VIRTUAL | DN ENTERPRISE | DN ENTERPRISEPLUS |
|---|---|---|---|
| Description | Extreme Networks SIEM G2 Data Node Virtual | Extreme Networks SIEM G2 Data Node Enterprise Appliance | Extreme Networks SIEM G2 Data Node EnterprisePlus Appliance |
| Form Factor | | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 24 GB minimum required* | 64GB | 128GB |
| Hard Drive | | 6.2TB usable | 40TB usable |
| Events Per Second (EPS) | N/A | N/A (External Event Processor) | N/A (External Event Processor) |
| Flows Per Minute (FPM) | N/A | N/A (External Flow Processor) | N/A (External Flow Processor) |

Technical Specification for Event Collector

| | EVENT COLLECTOR |
|---|---|
| Description | Extreme Networks SIEM G2 Event Collector Appliance |
| Form Factor | 1 RU Appliance |
| Processor | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache (x1) |
| Memory | 16 GB |
| Hard Drive | 600 GB usable |
| Base Events Per Second (EPS) | 1,000 EPS |
| Max Events Per Second (EPS) | 5,000 EPS |
| Base Flows Per Minute (FPM) | 25,000 FPM |
| Base Flows Per Minute (FPM) | 200,000 FPM |

Technical Specification for SIEM Flow Collector

| | VIRTUAL FLOW COLLECTOR | FLOW COLLECTOR APPLIANCE 1G TX | FLOW COLLECTOR APPLIANCE MG TX | FLOW COLLECTOR APPLIANCE MG SX | FLOW COLLECTOR APPLIANCE MG FIBER SR/LR |
|---|---|---|---|---|---|
| Description | Extreme Networks SIEM G2 Virtual Flow Collector | Extreme Networks SIEM G2 Flow Collector Appliance 1Gbps TX | Extreme Networks SIEM G2 Flow Collector Appliance Multi-Gbps TX | Extreme Networks SIEM G2 Flow Collector Appliance Multi-Gbps SX | Extreme Networks SIEM G2 Flow Collector Appliance Multi-Gbps Fiber SR/LR |
| Form Factor | 1 RU Appliance | 1 RU Appliance | 1 RU Appliance | 1 RU Appliance | 1 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache |
| Memory | 12GB minimum required* | 16 GB | 16 GB | 16 GB | 16 GB |
| Hard Drive | 500 GB minimum required* | 600 GB usable | 600 GB usable | 600 GB usable | 600 GB usable |
| Network Ports | | 5x 10/100/1000 Base-T | 4x 1Gbps SFP+ Copper | 4x 1Gbps SFP+ Optical | 2x 10Gbps SR/LR |
| | | 1x 2 port 10Gbps Intel X520 SFP+ Embedded Adapter | 1x 2 port 10Gbps Intel X520 SFP+ Embedded Adapter | 1x 2 port 10Gbps Intel X520 SFP+ Embedded Adapter | 1x 2 port 10Gbps Intel X520 SFP+ Embedded Adapter |

Extreme Risk Manager

Technical Specification for Extreme Networks Security Risk Manager

| MODEL | VIRTUAL | APPLIANCE |
|---|---|---|
| Description | Extreme Networks Security Risk Manager G2 VM | Extreme Networks Security Risk Manager G2 Appliance |
| Form Factor | | 2 RU Appliance |
| Processor | 8 vCPU minimum required | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) |
| Memory | 48 GB minimum required | 64 GB |

Extreme Vulnerability Manager

Technical Specification for Extreme Networks Security Vulnerability Manager

| MODEL | VIRTUAL | APPLIANCE |
|---|---|---|
| Description | Extreme Networks Security Vulnerability Manager G2 VM | Extreme Networks Security Vulnerability Manager G2 Appliance |
| Form Factor | | 2 RU Appliance |
| Processor | 2 vCPU minimum required | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) |
| Memory | 16 GB minimum required | 64 GB |
| Hard Disk | 500 GB minimum required | 6.2 TB usable |

Extreme Log Manager

Technical specification for Log Management All-in-One Deployment

| | ALL-IN-ONE VIRTUAL | ALL-IN-ONE STANDARD | ALL-IN-ONE ENTERPRISE | ALL-IN-ONE ENTERPRISEPLUS |
|---|---|---|---|---|
| Description | Extreme Networks Log Management G2 ALL-IN-ONE Virtual | Extreme Networks Log Management G2 ALL-IN-ONE Standard Appliance | Extreme Networks Log Management G2 ALL-IN-ONE Enterprise Appliance | Extreme Networks Log Management G2 ALL-IN-ONE EnterprisePlus Appliance |
| Form Factor | | 1 RU Appliance | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2630 V2, 2.6GHz, 6 Core, 15MB Cache (x1) | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 24 GB minimum required* | 32GB | 64GB | 128GB |
| Hard Drive | 1 TB minimum required* | 1.5TB usable | 6.2TB usable | 40TB usable |
| Base Events Per Second (EPS) | 100 EPS | 500 EPS | 1,000 EPS | 1,000 EPS |
| Max Events Per Second (EPS) | 5,000 EPS | 1,000 EPS | 5,000 EPS | 15,000 EPS |
| Upgrade Options | None | Can be Upgraded to SIEM | Can be upgraded to distributed model (Console Manager) or SIEM | Can be upgraded to distributed model (Console Manager) or SIEM |

Technical specification for Log Management Distributed Deployment

| | CONSOLE VIRTUAL | CONSOLE ENTERPRISE | CONSOLE ENTERPRISEPLUS | EVP VIRTUAL | EVP ENTERPRISE | EVP ENTERPRISEPLUS |
|---|---|---|---|---|---|---|
| Description | Extreme Networks Log Management G2 CONSOLE Virtual | Extreme Networks Log Management G2 CONSOLE Enterprise Appliance | Extreme Networks Log Management G2 CONSOLE EnterprisePlus Appliance | Extreme Networks Log Management G2 Event Processor (EVP) Virtual | Extreme Networks Log Management G2 Event Processor (EVP) Enterprise Appliance | Extreme Networks Log Management G2 Event Processor (EVP) EnterprisePlus Appliance |
| Form Factor | - | 2 RU Appliance | 2 RU Appliance | | 2 RU Appliance | 2 RU Appliance |
| Processor | 4 vCPU minimum required* | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) | 4 vCPU minimum required | Intel Xeon E5-2620 V2, 2.6GHz, 6 Core, 15MB Cache (x2) | Intel Xeon E5-2680 V2, 2.8GHz, 10 Core, 25MB Cache (x2) |
| Memory | 24 GB minimum required* | 64GB | 128GB | 12GB minimum required | 64GB | 128GB |
| Hard Drive | - | 6.2TB usable | 40TB usable | - | 6.2TB usable | 40TB usable |
| Base Events Per Second (EPS) | N/A | N/A | N/A | 100 EPS | 2,500 EPS | 2,500 EPS |
| Max Events Per Second (EPS) | N/A | N/A | N/A | 20,000 EPS | 20,000 EPS | 40,000 EPS |
| Upgrade Options | None | Can be Upgraded to SIEM | Can be upgraded to SIEM | None | Can be Upgraded to SIEM | Can be upgraded to SIEM |