It has been interesting to watch the evolution of this product. The NitroView SIEM consists of three possible pieces. The first is the ESM.This is where the brains of the appliance live. It provides the analysis,reporting and dashboards, as well as configuration and feeder device selections. The Receiver appliance is a collector that gathers the information used by the ESM, crunches it and forwards a specialized metadata stream to the ESM. Finally, there is a virtual receiver that serves the same purpose as the Receiver appliance. The system is designed to reside in a distributed environment.
展开▼
