Regulatory compliance
The Sarbanes-Oxley Act of 2002 (SOX) imposes significant demands on the enterprise network manager, specifically in the area of interior network security. Complying with Section 404 of SOX ('Annual Assessment of Internal Controls') will require a new assessment of interior network security policies. The potential cost of non-compliance is extremely high, especially for public companies in the US. Other regulatory compliance measures affect IT in a similar fashion as far as the following issues are concerned:
Just implementing a logging mechanism for firewall logs, system logs or IDP logs may not be sufficient for compliance needs, because these logs retain only part of what is going on in the network traffic. nLive retains data on individual transactions in the network. nLive technology also enhances a network manager's ability to meet SOX and other compliance requirements.
The following points are noteworthy for compliance applications:
- Extensive reporting of network activity: nLive provides extensive logging and reporting of network traffic and archives it for many months or years. These reports can be used to identify problems, measure and verify network compliance, and should satisfy logging requirements.
- Incident logging supports forensic analyses: nLive provides extensive incident tracking logs with the ability to correlate, sort and search information easily. These logs can be used to analyze security incidents and perform forensic analyses for months or years.
- Activity reports with reliable timestamps: Network managers get comprehensive reporting capabilities to document the activities of the network. These reports can be scheduled to run periodically or as necessary. Activity reports have reliable timestamps (synchronized with time servers) to meet audit requirements. nLive provides the ability to automatically generate PDF reports of network traffic and anomalies to archive and to meet compliance needs.
- Logs unauthorized access attempts: nLive detects and logs all attempts to access network resources including critical applications and sensitive data. This includes sensitive financial and intellectual property databases.
- Accurate alerting: nLive determines a network-specific normal behavior envelope based on multiple dimensions. This results in highly accurate alerts and very few false alarms, and produces more meaningful reports for auditability.
- Easy drill-down, searching and forensic investigation: Network managers can drill down into the origin of an abnormal event or any other traffic. nLive also provides a very powerful search capability with multiple fields for searching traffic, problems and scores. These features allow for relevant investigation into root causes of network problems and security breaches, and provide more details if needed during an audit.
Example Solutions
The following are basic write-ups on how to solve certain network problems using nLive. More detailed step-by-step procedures are given towards the end of the user manual, which is available in the Learning Center.
Traffic visibility
Network Traffic Visualization
Real Time Traffic Analysis
Locating Network and Department Top Talkers
Network Applications and Ports
Network bandwidth Congestion
Traffic Reporting
Network Security Issues
Network Traffic Trend Analysis
Network Traffic Search and Forensic Analysis
Executive Reporting of Network Traffic
Regulatory compliance
Bandwidth Monitoring and Utilization
Locating Bandwidth Abusers
Application Bandwidth Usage
Wide Area Network Bandwidth
Local Area Network Bandwidth
Abnormal Traffic and Anomaly Detection
Abnormal Traffic Determination
Employee Misuse Detection
Locating Malware Infections
Network Fault Locating
Data Leak or Theft