Discover Who Caused the Problem and Who Is Affected with StealthWatch IDentity
Lancope's StealthWatch IDentity appliance provides a direct linkage between individual users and specific network events. By combining StealthWatch's flow-based security, network and application performance monitoring technology with advanced user identity tracking, the IDentity offering automatically connects any unexpected event within the enterprise with the user or users who caused the event. Administrators simply request the username(s) and IP address associated with an event from the StealthWatch Management Console and the system returns the appropriate real-time information.
Read the StealthWatch IDentity datasheet and find out What's New in StealthWatch 6.1.
StealthWatch IDentity is a powerful, real-time solution that requires no agent or service running on an identity or authentication server. Administrators simply click on any IP address within the StealthWatch Management Console and specify a date range or point in time. The IDentity can even connect a username with all the IP addresses into which it is currently logged on. Multiple administrators can access this data simultaneously, making the IDentity an ideal tool for both network optimization and security across the enterprise.
Network and security administrators gain the ability to connect individual network transactions with individual users through the IDentity, which in turn means that users can be held accountable for their actions, and unexpected user needs can be better anticipated and met. This capability significantly improves audit controls for regulatory compliance, since administrators can immediately identify the party responsible for a hardware, software or security issue. The IDentity also simplifies identifying other users affected by an event, so that quarantine and corrective actions can be taken sooner.
This 24x7 monitoring of who is on the network, connected automatically with what each user is doing, overcomes the forensics challenges presented by dynamic enterprise environments. Since it is part of the StealthWatch System, the IDentity works both with StealthWatch native flow capture appliances and with traffic accounting information generated by NetFlow and sFlow-enabled routers and switches. In addition, the IDentity appliance supports a wide range virtual private networks (VPNs), DHCP IP addressing within network segments and large pools of dial-up access devices.
The StealthWatch IDentity Advantage:
- Integrates optimization of security and network operations with user identity tracking
- Automatically identifies individual users and user sessions with specific IP addresses for greater user accountability and faster, more immediate insight into unexpected network events
- Requires no agent or service, and includes built-in support for 8+ market-leading identity store technologies
- Integrates easily with traffic accounting information generated by NetFlow and sFlow-enabled routers and switches
- Cost-effectively supports enterprise infrastructures with a limited number of IDentity appliances, each independently managed by the appropriate domain administrator
| Network | 4 x 1000BaseT (Gigabit over Copper) Only 1 Port Required for Management and Data 1 x RS-232 Serial Console Port |
| Maximum Users | 10,000 |
| Maximum IP-to-ID Records |
10,000,000 |
| Second Unit HA Option | Yes |
| Hard Drive | Single, 160 Gb |
| Cooling Fan | Fixed |
| Power Supply | Single 300W 100 to 240 VAC Frequency 50-60 Hz |
| Dimensions | Height: 1.75 in. (4.4 cm) Width: 17.3 in. (43.9 cm) Depth: 16.7 in. (42.4 cm) |
| Rack Units (Mountable) | 1U |
| Weight | 17.6 lbs. (8.0 kg) |
| Temperature | 32°F to 104°F (0°C to 40°C) |
| Humidity | 5% to 95% |
| Regulatory Compliance |
|
