Enterprise SysLog Manager (System Info & Event Mgmt.)

 

Common information security wisdom calls for a central System Information and Event Management (SIEM) system. Our ESM is a managed network security appliance (scalable HP server) or hosted service with a database for the collection, management and reporting of syslog messages from critical hosts and network devices.

This includes critical alerts involving security, performance, availability and compliance (access and change) reporting. xDefenders provides valuable design, deployment, management, monitoring and maintenance services.


SIEM - ESM Features:

  • Store and Record Syslog Events in a Central Database. Manage and save syslogs from multiple devices at a single location.
  • Generate Syslog Event Reports. Meet regulatory requirements and produce compliance reports.
  • Monitor Activity. Correlation engine runs every 5 minutes for threshold assessment.
  • Performance monitoring of equipment to study resource utilization.
  • Generate real-time alerts based on activity and user-defined thresholds, system failures, possible attacks and vulnerabilities.
  • Comprehensive Search Feature. Easy-to-use forensic syslog search for suspicious or unusual activity.

Compliance Reports:

  • User Logon Report
  • User Logoff Report
  • Failed User Logons
  • Object Access Report
  • IPS Summary Report (Cisco ASA required)