Enterprise SysLog Manager (ESM)
ESM is a managed network security appliance (scalable HP server) with a database for the collection, management and reporting of syslog messages from critical hosts and network devices. This includes critical alerts involving security, performance, availability and compliance (access and change) reporting. xDefenders provides valuable design, deployment, management, monitoring and maintenance services.
Major Functions:
*Store and Record Syslog Events in a Central Database.
*Manage and save syslogs from multiple devices at a single location.
*Generate syslog event reports; meet regulatory requirements and produce compliance reports.
*Monitor activity with a correlation engine that runs every 5 minutes for threshold assessment.
*Performance monitoring of equipment to study resource utilization.
*Generate real-time alerts based on activity and user defined thresholds, system failures, possible attacks and vulnerabilities.
*Comprehensive search feature: easy-to-use forensic syslog search for suspicious or unusual activity.
Five Compliance Reports are available:
-User Logon Report
-User Logoff Report
-Failed User Logons
-Object Access Report
-IPS Summary Report (Cisco ASA required)