Cell CMC
is a Centralized security Management Centre (CMC), a world-class
scalable centralized security management solution for telecom service
providers and enterprises. It provides real-time monitoring of and
response to security threats throughout IP networks. The CMC Platform
can monitor, manage and respond to security devices such as firewalls,
IDS or IPS more effectively and efficiently.

The CMC Platform has a scalable and flexible 3-tiered architectural
design, which allows our customers to deploy the CMC into their network
infrastructure easily. A CMC Commander can be used to manage several CMC
Managers, each of which manages several security devices. In this
architecture, a single CMC console can be the centralized event
management console for all security devices, covering alert
provisioning, monitoring, classification and prioritization across
organizations and geographies.

Furthermore, Cell CMC is suitable for deployment as a business security
solution such as a Security Operation Centre (SOC), which serves as the
focal point for a Managed Security Provider (MSSP) to provide Managed
Security Monitoring and Managed Security Incident Response Service.

Key Features:
Optimized Open-Source Database Architecture
Real-Time Monitoring and Response
Intelligent Filtering to Reduce False Positives
Security Knowledge Base (KB) and tracking response system
Scalable and Flexible Deployment Architecture
Streamlined OAM&P functions for NOC and SOC
Centralized Logs Management with Multiple Sites and Multiple Sensors Configuration
Languages supported: Traditional Chinese, Simplified Chinese, Japanese and English
Third-party firewall and IDS/IPS security devices supported, such as Check Point, NetScreen, Cisco PIX, 3COM, Watchguard, Fortigate, SonicWall, Snort IDS, ISS RealSecure and the Cell IDS and IPS series

CMC Manager
Cell CMC Manager is an all-in-one system providing real-time monitoring
of and response to security threats throughout the network. A single
CMC Manager can monitor, manage and respond to security devices such as
firewalls, IDS or IPS more effectively and efficiently.

Architecture
The advanced functionality and usability of a Security Information
Management (SIM) solution can transform the way security operations
work in an organization. Unfortunately, most solutions focus on
large-scale deployment in an N-tier architecture design but fail to
offer simple deployment and setup of the system. Cell CMC is built on a
flexible architecture that combines simple deployment with fault
tolerance in load sharing when scaling up in a multi-tier architecture,
so that customers can realize its full value.

Because security threats and attacks span the entire network, Cell CMC
is specifically designed with the reliability, performance and
flexibility to deploy across the enterprise as a simple integrated
system with the full features of a SIM solution, including event data
collation, stateful correlation analysis, and incident identification
through to escalation procedures.

In addition, distributed deployment of multiple CMC Managers can support
an N-tier architecture for fault tolerance in load sharing, which can be
controlled by one centralized Security Threat Centre or Security
Operation Centre.

Security Information Management (SIM) Architecture

Security Operating Knowledge Base
The Security Knowledge Base (KB) is a reference database for security
operations with the most up-to-date information from various
significant security bodies. It offers vendor-specific device
information as well as a database of security best practices from such
sources as CERT, CVE and Security Focus.

With an in-depth warehouse of security information at their fingertips,
operators and analysts command powerful decision support capabilities
that, in turn, make incident handling a much easier and more streamlined
process. In order to keep our security windows always open, Cell CMC
offers automatic online updates to the Security Knowledge Base.

Escalation Manager
Escalation Manager offers a well-defined incident response workflow
that dramatically reduces the time required to investigate and resolve
problems. It adapts the SANS Institute Six-Step Incident Response
process and maintains the lifecycle of each security incident. By
utilizing this flexible, comprehensive, and customizable workflow,
users are assured that each security incident is handled with a
rigorous, defined, documented, and complete process that is targeted
specifically at security incidents. With this case management, the
complete set of incident information is housed in a single view that
can be referred to and updated by any authorized staff or senior
management.

Incident Manager
Incident Manager determines the severity level of each security
incident, with business impact factored in through fuzzy
prioritization, and presents the results in a single simple console.
This allows security operators to focus resources on solving the
highest-risk security threats more efficiently and effectively, with
visualization of intrusion scenario cases.

Stateful Correlation Engine
Cell CMC is built on "Parallel Stateful Correlation" technology that is
designed to give the consistent high-speed performance, throughput and
scalability that global enterprises and the telecommunication industry
require. The platform utilizes parallelism of stateful correlation
analysis to mitigate risk by flagging threats before they compromise key
business processes in the organization.

In addition, the Security Threat Centre or Security Operation Centre can
offer pre-configured stateful correlation templates, which simplify the
configuration and system fine-tuning process. This allows organizations
to tailor the out-of-the-box correlation to address their unique network
environment.

Security Event Collection Manager
Because few standards exist today in the world of information security,
security devices themselves do not adhere to common criteria when
producing security event information. So, while multi-vendor firewalls,
IDS and IPS may perform a similar function, their event information
looks very different. Security Event Collection Manager normalizes
cross-product security alarms and event logs into a single normalized
dataset for correlation analysis and visualization in a single Cell CMC
management console.

Report Generator
Cell CMC generates different kinds of management or technical reports
that give the whole security picture of your network environment,
instead of pieces of information from individual security devices. It
also allows report generation to be scheduled and supports
customization of the client's own report types and report formats.

For sales enquiries, please send an email to sales@sstl.com.hk,
or call us at +852 2152 8966.