Elastic Events per Second (EPS) Technology
To handle event storms, simply add virtual machines to the AccelOps cluster.
Rich Context
We automatically enrich events with context, such as user, network, server and application. One-click access to diverse information vastly reduces incident resolution time.
Log Management
We use a single software-based log management solution to collect logs from diverse environments.
Threat Management and Compliance
We support cross-domain patterns, nested patterns and time-based operators to codify and detect sophisticated threats. When combined with performance and configuration metrics from AccelOps Performance and Availability Monitoring, you can detect Advanced Persistent Threats and mitigate risks from a single platform.
We have a knowledgebase of more than 1,700 reports, including automated compliance reports covering HIPAA, PCI DSS, SOX and other compliance standards.
Continuous Learning
You can continually enrich the product with new knowledge and patterns through a simple GUI suited for operators and business users. As threats become more sophisticated so does your ability to handle them.
With an integrated and cross-correlated view into your network, devices, apps and user logs, AccelOps simplifies the collection of information that impacts your business.
With a powerful analytics engine, automated CMDB and event consolidation, smart anomaly detection, identity and location binding, and flexible data management, we redefine the next generation of SIEM.
Log Matters
Event log management / security information and event management (SIEM) is considered an IT best practice, and for regulated industries, an audit compliance requisite.
The challenge is how to consistently aggregate, decipher and normalize non-standard log formats; manage massive volumes of event log data for real-time and historic analysis; correlate and consolidate complex event log data to yield actionable intelligence; and maximize event log value to support IT service reliability.
Some equate log management to log aggregation, display, and storage – a simple approach that fails to address these complex challenges. Most SIEM products offer basic event consolidation, simple correlation rules, limited real-time analysis, poor reporting and investigation flexibility, and no identity or infrastructure context. Many still require special collectors, add-on modules, additional systems and significant expertise.
AccelOps’ founders and core team developed one of the industry’s most successful security event management solutions. We have changed the playing field with our all-in-one, scalable data center and IT service management solution. AccelOps leverages network performance, applications, change management, identity, location, virtualization, and other intelligence to take SIEM to the next level.
AccelOps delivers a robust, scalable log management solution offering:
Collect, Parse, Correlate from Anywhere
Supporting multi-vendor device sources and advanced parsing technology, AccelOps can collect, parse, correlate and store logs from virtually all IT infrastructure sources. The solution automatically interprets the device type and how to process the event logs as they are received.
The parser intelligently categorizes the source of the log into different device groups such as firewalls, routers/switches, wireless LAN controllers, printers, etc. It also groups sources into various server categories such as Windows, Unix, VMware, and storage devices.
AccelOps automatically discovers your network infrastructure and its resources using intelligent scanning methods. It supports a smart scan method, which iteratively learns only about the live devices in your network. Since only live devices are traversed, it is much faster than other traditional methods of network discovery.
It also supports a range scan method, in which each machine in the range is first pinged and then full discovery is attempted using the given credentials. Once a device's capabilities are determined, web application performance metrics can be fetched from it.
Multi-Faceted Data Collection
AccelOps supports virtually all agent-less and agent-based data collection methods to collect logs from a variety of devices and applications including:
Powerful Analytics for Real-time Correlation and Alerting
AccelOps can detect network services and profile network traffic from network flows and firewall logs. An advanced analytics engine detects patterns in data over a rolling time window taking into account very complex patterns. This includes combined patterns of network, system, application and user activity. The built-in analytics engine can be easily extended using XML-based definitions.
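The rolling-window correlation described above, as an added illustration that is not AccelOps code: a minimal engine that evaluates a nested Boolean pattern (AND/OR of counted event leaves) over a per-source sliding time window, run against constructed sample events spanning the network and user (auth) domains.

```python
# Added example, not AccelOps code: a minimal rolling-window correlation engine
# with nested Boolean sub-patterns, run over constructed sample events.
from collections import deque

# Constructed sample events: (epoch seconds, domain, event type, source host).
EVENTS = [
    (100, "network", "fw_deny",       "10.0.0.7"),
    (110, "auth",    "login_failed",  "10.0.0.7"),
    (125, "auth",    "login_failed",  "10.0.0.7"),
    (140, "system",  "proc_started",  "10.0.0.9"),
    (150, "auth",    "login_failed",  "10.0.0.7"),
    (155, "auth",    "login_success", "10.0.0.7"),
    (400, "auth",    "login_failed",  "10.0.0.7"),
    (420, "auth",    "login_success", "10.0.0.7"),
]

# Hypothetical rule: within 60 s from one source, (>=3 auth failures AND a
# firewall deny) OR (>=1 auth failure AND an auth success). Leaves count
# events; "and"/"or" nodes nest arbitrarily. Leaf order is not enforced.
RULE = {"window": 60, "pattern": {"or": [
    {"and": [{"count": 3, "domain": "auth",    "type": "login_failed"},
             {"count": 1, "domain": "network", "type": "fw_deny"}]},
    {"and": [{"count": 1, "domain": "auth",    "type": "login_failed"},
             {"count": 1, "domain": "auth",    "type": "login_success"}]},
]}}

def matches(pattern, window):
    """Recursively evaluate a nested Boolean pattern over the events in a window."""
    if "and" in pattern:
        return all(matches(p, window) for p in pattern["and"])
    if "or" in pattern:
        return any(matches(p, window) for p in pattern["or"])
    hits = sum(1 for e in window if e[1] == pattern["domain"] and e[2] == pattern["type"])
    return hits >= pattern["count"]

def correlate(events, rule):
    """Slide a per-source time window over time-ordered events; return (ts, src) alerts."""
    windows, alerts = {}, []
    for ev in sorted(events):
        ts, _, _, src = ev
        win = windows.setdefault(src, deque())
        win.append(ev)
        while ts - win[0][0] > rule["window"]:   # expire events older than the window
            win.popleft()
        if matches(rule["pattern"], win):
            alerts.append((ts, src))
            win.clear()                           # fire once, then start a fresh window
    return alerts
```

Running `correlate(EVENTS, RULE)` fires twice for 10.0.0.7 (at 150 via the first branch, at 420 via the second) and never for 10.0.0.9; the three failures before 150 would not fire if they were spread more than 60 s apart.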
AccelOps contains a knowledge base of more than 300 built-in rule classes, covering scenarios such as:
The analytics engine patterns are comprehensive and allow for complete Boolean operators and nested sub-pattern rules:
The built-in summary dashboards provide a consolidated overview of performance, availability, and security status for all devices and applications that belong to a specific functional group or business service.
Using a fast update mechanism and leveraging the Adobe Flex interface, AccelOps screens are refreshed quickly and automatically to provide quick insight into the current health of network devices, servers, applications, and services. Health is presented in three simple grades: normal, warning, and critical. You can conveniently drill down and obtain the details for each metric along with trends, to proactively manage issues and respond to problems or threats before they become critical. You can further tune the performance of health parameters according to the criticality of the device.
AccelOps also features fully customizable dashboards across availability, performance, change and security dimensions including information on various metrics along with the system itself.
The solution includes customizable widgets that can be dragged and dropped into any dashboard. Each widget can be further customized to provide aggregate, trending, or tabular views. You can adjust the layout by selecting from several options and choose from charting displays such as time series trending, pie, column, or spark line charts.
The fast auto-refresh mechanism allows the near real-time update of the dashboard data to provide a current view into infrastructure issues and threats as they occur. You can quickly obtain additional context within dashboard object health status by instantly running a query or drilling down into specific incidents.
One-click, recursive drill-down can be performed on any column, making it easy to refine search criteria and expediting root-cause analysis while reducing errors. The quick information view provides details about an IP address, MAC address or user. In addition to inventory data, it shows the server's health summary without leaving the current context.
You can select to view multiple rows of interesting information within the same trend view using checkbox selections to help pinpoint anomalies in the network behavior in a matter of seconds.
Ready to try AccelOps for yourself? Download our virtual appliance now for a free 30-day trial.
Our software-only solution features an automated discovery driven approach that shortens your path to comprehensive monitoring and prevents future security blind spots.