Savvius Vigil Integrates with Cisco FirePOWER for Additional Risk Mitigation Through Direct Access to Critical Network Forensics Information
Joint solution makes network data easily available to security professionals, reducing both the likelihood and the impact of breaches by speeding up investigations into security alerts
WALNUT CREEK, Calif - July 7, 2016 – Savvius™, Inc., a leader in packet intelligence solutions for security investigations and network performance diagnostics, today announced that Savvius Vigil™, a high-performance network traffic analytics appliance that utilizes alerts from IDS/IPS/SIEM devices to automate the data collection of security incidents, now integrates more deeply with Cisco FirePOWER® NGIPS. Organizations using both products can now investigate and respond to security alerts directly from the FirePOWER user interface, immediately accessing the packet data captured by Vigil. This increases the number of alerts that can be successfully investigated, making the security team more efficient and reducing the likelihood of a security breach.
When an alert is triggered in FirePOWER, the Savvius Vigil appliance captures the specific network traffic that caused the alert. Uniquely, Vigil stores network traffic data from five minutes before through five minutes after the alert triggered. That information, critical to effective investigations, is now available directly through a link in the FirePOWER UI. Investigating the alert simply requires clicking on the link and downloading the network packet file for analysis with Savvius Omnipeek network analysis software or any other network forensics solution. Before this integration, users wanting to investigate a particular event had to leave the FirePOWER interface and manually search for the relevant packets separately in Vigil using the alert information provided by FirePOWER.
"Most enterprises are overwhelmed by security alerts, leading them to investigate and respond to fewer than five percent of them on average. This leaves a broad path for potential attackers and increases risk," said Mandana Javaheri, chief technology officer at Savvius. "Making packet data easily accessible in FirePOWER’s UI helps users rapidly identify false positives, greatly speeding up investigations while reducing the possibility of a malicious attack slipping through uninvestigated."
Savvius Vigil can capture and store the "packet environments" of hundreds, even thousands, of security alerts every day, and make them available for months or longer. If a breach is discovered at a later date, network security professionals will still have the relevant packets on hand. Savvius Vigil includes Savvius Omnipeek software, giving the appliance powerful search capabilities to filter the packets associated with specific alerts and allowing investigators to easily examine packet payloads and the details of network conversations required for security investigations. This greatly reduces the time required to find the root cause, and enhances the team’s ability to minimize Mean Time to Resolution (MTTR) of alert and breach investigations.
A demo of Savvius Vigil’s integration with Cisco FirePOWER will be on display at Cisco Live! Las Vegas, July 11-13, booth #3151. Please contact Savvius for more details.
About Savvius Vigil
Savvius Vigil is the security industry’s first network forensics appliance. Savvius Vigil automates the collection of network traffic needed for security investigations into both alerts, reducing the likelihood of a breach, and into breaches, minimizing their impact. Even breaches not discovered for months can be effectively investigated using Vigil. Savvius Vigil, which integrates with all leading IDS/IPS systems, includes Omnipeek, award-winning network forensics software. For more information about Vigil, visit https://www.savvius.com/products/security/savvius_vigil.
About Savvius, Inc.
Savvius offers a range of powerful software and appliance products that automate the collection of critical network data for network forensics in security investigations and for network and application visibility and performance diagnostics. Savvius products are trusted by network and security professionals at over 6,000 companies in 60 countries around the world. Visit www.savvius.com for information about Savvius Omnipliance®, Savvius Omnipeek®, Savvius Vigil™, and Savvius Insight™, and to learn about Savvius technology and channel partners.
Media Contacts
Savvius North America: