SIEM and Log Management Solution

 

EventLog Analyzer: SIEM and Log Management Solution for the Garante Regulation

EventLog Analyzer is web-based log management software that makes it possible to comply fully with the obligations of the Garante Privacy provision on the management of System Administrators' access logs. The software collects, analyzes and archives EventLog events from Windows hosts and SysLog from Unix/Linux hosts, routers, switches and AS/400, as well as the logs of applications and services such as IIS, IIS FTP, MS SQL, Oracle, DHCP and VMWare.

The wide range of available reports includes, out of the box, the reports on System Administrator access required by the Garante. EventLog Analyzer helps monitor insider threats to corporate IT resources and strengthen security policies. Logs are archived for audit purposes and to comply with the most important laws and regulations.

From the web console, the administrator can generate charts and reports that help analyze system and application problems, minimizing recovery times (MTTR). For each type of event, email alerts or the automatic execution of corrective actions can be configured.

Encryption, hashing and timestamping of the archived logs ensure the security of the events and allow verification that they have not been altered.

 

 

Make the most of the information in your logs

 Real-Time Event Correlation
  • Over 70 out-of-the-box event correlation rules for proactive threat management
  • Pinpoints breach attempts, insider threats, policy violations, and more without any manual intervention
  • Flexible drag-n-drop correlation rule builder allows users to define attack patterns, helping them react proactively to security threats

 

 Compliance Reports
  • Generate pre-defined/canned compliance reports for Event logs & Syslogs, to meet Garante Privacy, HIPAA, GLBA, PCI DSS, SOX, FISMA and more
  • Provides a value-added feature for creating custom reports for new compliance requirements, to help comply with new regulatory acts that demand compliance in the future

 

 Universal Log Collection
  • Collects logs from heterogeneous sources (Windows systems, Unix/Linux systems, Applications, Routers, Firewalls, etc.) at a centralized location
  • Decipher any log data regardless of the source and log format
  • Agentless log collection (optional agents available)

 

 File Integrity Monitoring
  • Centrally track all changes and get real time alerts when files and folders are created, accessed, viewed, deleted, modified, renamed, etc.
  • Get a complete audit trail of all the changes that happen on files and folders. Audit trail answers the 'what, when, where and how' of all changes in real-time!

 

 Privileged User Monitoring
  • Collects and analyzes all events on privileged user activities
  • Get precise information on user access, such as which user performed the action, what the result of the action was and on which server it happened, and track down the user workstation from which the action was triggered

 

 Log Search
  • Search for anything, not just a handful of pre-indexed fields, and quickly detect network anomalies, user activities, system/applications errors, etc.
  • Conduct a search using Wild-cards, Phrases and Boolean operators
  • Users can also conduct Grouped searches and Range searches.

 

 Real-time Alerting
  • Get alerted in real time via SMS and email upon the occurrence of a network anomaly. You can even run a program or script to remediate the alert condition.
  • 500+ predefined alert criteria across Windows, Unix/Linux, application and network device infrastructure eliminate the need to set up alert profiles for routine tasks, thus increasing operational efficiency.

 

 Log Forensics
  • Drill down to raw log events and do a root cause analysis within minutes, and drastically reduce the time-to-remediate
  • Generate network forensic reports like user activity reports, system audit reports, regulatory compliance reports, etc.

 

 Log Archive
  • Automatically archives all machine generated logs, system logs, device logs & application logs to a centralized repository
  • Encrypts the event log archive files to ensure the log data is secured for future forensic analysis, compliance and internal audits.

 

 
 
EventLog Analyzer is available in 3 versions
Free Version
 
  • Register here to request the Free license for 10 hosts
Professional
 
  • Log source count from 50 to 1,000
  • Centralized log collection and archiving
  • Search-based log reports
  • Universal Log Parsing and Indexing
  • File Integrity Monitoring
  • Real-time event correlation and alerts
  • Compliance reporting
  • Log forensics
  • User Session Monitoring
Distributed
 
  • Log source count from 500 to unlimited
  • All features of Premium Edition +
  • Scalable architecture
  • Multi-geographical locations monitoring
  • Distributed central-collector architecture
  • Site specific reports
  • Re-branding and client specific views