“A typical large enterprise today generates 10 to 100 billion events every day that amount to several terabytes of security relevant data,” said Chenthil Kumaran, Development Manager, SIEM Solutions, ManageEngine. “Without an automated solution, making sense out of all those events in real time is impossible. That’s why we have built the correlation rules. Now, you can get notified on your mobile device when multiple users try to hack into your most valued server, when a single user tries to login to several servers at once, when a key file gets modified and a host of other scenarios. The software comes bundled with 50 such rules that can be customized further for your needs.”
With the general availability of EventLog Analyzer 9, ManageEngine delivers advanced SIEM functionality that facilitates effective IT security threat management with features such as:
Real-time alerting based on event correlation– EventLog Analyzer not only collects log data from thousands of servers, it also applies rules to secure the servers by correlating the log data in real time and helps notify you when it spots something suspicious. The product comes bundled with 50 correlation rules that cover user logins, file integrity, user creation, group policies, and unintended software installation. The real-time alerting feature works with Windows and Linux servers and select networking devices. Learn more at http://www.manageengine.com/products/eventlog/event-correlation.html.
User session tracking – If a hacker does make it to one of your machines, the user audit trail feature provides a complete audit of what the hacker did — from login to logout. This new feature gives a complete, stroke-by-stroke trail of everything the hacker did. The coverage includes any activity that leaves a trace in the log such as opening a browser, deleting a file or running a script. Learn more at http://www.manageengine.com/products/eventlog/user-session-monitoring.html.
ISO 27001:2013 compliance reporting– Out-of-the-box compliance reports help companies get certified with the latest ISO 27001:2013 ISMS standards. Compliance reports are systematically prepared and formatted and can be generated in minutes to meet the requirements of the ISO 27001:2013 standards. Learn more at http://www.manageengine.com/products/eventlog/iso-27001-compliance-audit.html.
Remote desktop connection reports– Enterprises using the Microsoft Terminal Server Gateway to provide VPN-like remote desktop access to their employees can now collect logs and report on security events over the remote desktop connection. Learn more at http://www.manageengine.com/products/eventlog/microsoft-terminal-server-log-monitoring.html.
“ISO 27001:2013 is gaining adoption in Europe, in particular, and we are happy to release EventLog Analyzer and Firewall Analyzer with support for this standard at Infosecurity in London,” said Joel Fernandes, Senior Product Marketing Analyst, SIEM Solutions, ManageEngine. “In addition to ISO 27001:2013, we also support PCI DSS, NERC-CIP, NIST and SANS.”
Pricing and Availability
EventLog Analyzer 9.0 and Firewall Analyzer 8.1 are available immediately. EventLog Analyzer prices start at $795, and a fully functional, 30-day trial version is available for download at http://www.manageengine.com/products/eventlog/download.html. Firewall Analyzer prices start at $395, and a fully functional, 30-day trial version is available for download at http://www.manageengine.com/products/firewall/download.html.
