This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Transition from Envision to Security Analytics.

Anonymous
Not applicable

‎2013-06-27 10:41 AM

We have RSA Envision with 500+ device integrated.And palnning to move to security Analytics.so do we need to integrate all device again .What is best practise.Any one has done this.Any Documnet and video of migration.

 

Thanks and regards

Ganesh

0 Likes
3 REPLIES 3

Anonymous
Not applicable

‎2013-07-01 04:54 PM

Hi Ganesh,

 

We have created enVision Transition Tools for Security Analytics.  While the primary audience for the tool is Professional Services it will be available to customers shortly as well.

 

The tool will take device configurations from enVision and format them into CSVs which are directly importable into the Security Analytics Log Collector.

 

It will examine your enVision reports and display in a way where it will be easy to create the report in SA.

 

It will also take your device groups and list based content and convert it to SA Feeds to add context to the logs when ingested into SA.

 

Thanks,

Guy

Anonymous
Not applicable
In response to Anonymous

‎2013-07-02 02:29 AM

Hi Guy...

 

Thanks for the information .

 

Any idea by when it will be available to customer as well do you have any plan or checklist which has to be follow while migration from the Envision to SA.

 

Thanks and Regards

Ganesh.

0 Likes

Anonymous
Not applicable
In response to Anonymous

‎2013-07-02 01:40 PM

Hi Ganesh,

 

I don’t have an exact date but it will be within a few weeks.

 

There is no specific checklist as each customer is different.

 

The typical transition we see is this.

Stand up SA for Log Collection.

Enable Z-Connector on enVision to send all logs to SA. They will still be kept in enVision as well.

Transition device groups and list based content.

Transition reports and alerts to SA.

Confirm all requirements are met.

Transition device log collection to SA. This can be done over time.

Once all collection is on SA you can decommission the enVision appliances, keeping

the NAS up for reporting against the IPDB via SA.

 

Thanks,

Guy

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.