|NOTE: This product is no longer being sold and might not be supported. View the End-of-Life Notice to learn:
An important element of the Cisco® Self-Defending Network, the CiscoWorks Security Information Management Solution (SIMS) integrates, correlates, and analyzes security event data from the enterprise network to improve visibility and provide actionable intelligence for strengthening an organization’s security.
With a high incidence of severe threats and attacks on information assets, IT security has become a priority at organizations’ highest levels. In addition to mitigating threats to mission-critical network systems, enterprises must also comply with a wide range of federal and industry regulations that require them to implement—and verify the effectiveness of—security information management controls. The Cisco Self-Defending Network integrates security and Security Information Management (SIM) solutions throughout the network for a globally distributed threats defense. CiscoWorks SIMS plays an important role by integrating with a heterogeneous array of network devices and security products, allowing network managers to centrally monitor, analyze, act upon security cases based on well-defined security incident handling workflow, and manage enterprise-wide network security.
CiscoWorks SIMS is a critical element of a Cisco Systems® threat defense system—a collaboration of security solutions and intelligent networking technologies that identify and mitigate threats from inside and outside your organization. As part of a threat defense system, CiscoWorks SIMS provides comprehensive coverage throughout the network—from the network data center to branch offices, to network endpoints. It helps security organizations create an auditable security infrastructure for demonstrating regulatory compliance, prevent catastrophic loss, and conduct historical or forensic analysis if an attack occurs.
The comprehensive capabilities of CiscoWorks SIMS include:
- Real-time event monitoring
- Multiple event correlation methods to detect both known and unknown threats while reducing the number of false positives
- Dynamic visualization for fast and intuitive threat identification, tracking, and analysis
- Integrated risk assessment to understand the overall vulnerability of any particular asset within the enterprise
- Comprehensive reporting and forensics for all levels of security operations
- Robust incident-management system that organizes security event data and enforces security response workflow
- Network Admission Control (NAC) event monitoring, reporting, and case management
- Complete event monitoring for all multivendor security environments