
Active Response


FACT: The last major worm outbreak covered the entire internet in less than 10 minutes.

REALITY: Analyzing threats and responding in real time is not a luxury - it's critical!




Activate Your Network's Own Defenses with TriGeo SIM – The Only SIEM Solution with Proactive Network Defense

In a perfect world, all of your systems would be patched, there would be no such thing as a zero-day attack, worms couldn't traverse the internet in minutes, employees wouldn't click on links or abuse their privileges and you'd actually get to take vacations.

The reality is that you face a sophisticated and highly motivated enemy that will stop at nothing to exploit any weakness. You're constantly under attack, so it's not a question of if a breach will occur but when, and how fast you can detect and respond.

TriGeo's Active Response capabilities close the network defense gap and provide continuous, real-time coverage.

Detect & Respond Immediately

TriGeo is the only SIEM designed and built to proactively defend the network. The key is real-time event analysis, combined with our patented in-memory correlation. When seconds count, you need accurate, actionable information.

TriGeo's enterprise-wide view of the network, from perimeter to endpoint, feeds hundreds of correlation rules that can detect suspicious or malicious behavior, and dozens of active responses are available to provide a virtual defensive shield around your network and its critical data.

We made a decision for our future IT purchases. No more forensic tools. Unless the product also performs "blocking" of hostile behavior, we will not be interested.

  • Midwestern Financial Institution

TriGeo's continually expanding list of active responses includes the ability to quarantine, block, route and control services, processes, accounts and privileges.

♦ Block an IP Address - Kill suspicious traffic
♦ Disable Networking - Quarantine infected machine
♦ Disable User Account - Revoke access
♦ Kill Process - Terminate unauthorized application
♦ Detach USB Device - Disable unauthorized device
♦ Restart Service - Enable failed service

TriGeo's active responses can be linked to highly granular policies and rules which identify critical assets, incorporate time of day and day of week variations, and provide critical oversight of admin user activity.

Point and Click Response also empowers the IT team to use the TriGeo console interactively for common tasks, like account lockouts, or to respond instantly to suspicious activity or a policy violation.

I'm interested in avoidance, not just notification. We are an action-oriented organization so I think TriGeo's active response is great.

  • Mike Carpenter, VP Information Technology for National Research Corporation.
