Network Security Specialist
72K - views

Network Security Specialist

NetBeat MON is a cost efficient multi-function network awareness platform. Combining commodity hardware with four preconfigured, open source applications and a custom user interface, NetBeat MON enables centralized monitoring and analysis for basic cyber hygiene at all your small to medium remote sites.

Download Pdf

Network Security Specialist

Download Pdf - The PPT/PDF document "Network Security Specialist" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentation on theme: "Network Security Specialist"— Presentation transcript:

Network Security Specialist Snare Agent for Windows The Snare for Window Agent enables organizations to select only the Event IDs that are critical to their security requirement. While some security gurus recommend the organizations collect all events that are generated, the Windows OS generates a huge volume of data, some of which may not be relevant. It interfaces into the Windows EventLog / Windows auditing subsystems. Once configured the agent will copy and forward in real time to the colle ctor any event match. The agent will work on 32 bit or 64 bit. Event logs from

the Security, Application and System logs , as well as the new DNS, File Replication Service, and Active Directory logs are supported. The Enterprise version of the agent also a ccommodates custom Windows event logs. Log data is converted to text format, and delivered to a remote Snare Server, or to a remote Syslog server with configurable and dynamic facility and priority settings. In addition the Enterprise Snare Agent provides for the ability to send via TCP with Caching, as well as to multiple destination servers. As well if managing a large number of Agents, when used with the

Snare Server, the ability to review agent configuration and push out configuration to the agents for consistency or for changes in your security requirements. Snare Server The Snare Server provides a dashboard view of all pertinent information from a corporation’s heterogeneous network. It collects log files from a variety of operating systems, applicati ons and appliances, as well as the Snare Agents. These include, but are not limited to: Windows , Solaris, AIX, Irix, Linux, Tru64, ACF2, CISCO Routers, CISCO PIX Firewall, CyberGuard Firewall, Checkpoint Firewall1, Netgear

Firewall, IPTables Firewall, Mi crosoft ISA Server, Microsoft IIS Server, Lotus Notes, Microsoft Proxy Server, Apache, Squid, Snort Network Intrusion Detection Sensors, IBM SOCKS Server, and Generic Syslog Data of any variety. As well as text based log files and MS SQL. The benefits of t he Snare system are : Ability to collect any arbitrary log event Ability to collect large numbers of events – over 30,000 events per minute on a low - end Intel - based workstation Automatic archiving of events to compressed text, allowing optimization of data base functionality

Unique methods for administrators to ‘fine - tune’ reporting criteria Ability to create dynamic reports allowing reporting against any collection profile. Ability to use and filter event log collection methods with or without Snare Agents Annual maintenance includes access to all future Snare System upgrades and new versions Development of the Snare System is guided by its users – they use it daily and know what they need – and we can develop it for you and give you the skills to support al l enhancements Unique and powerful forensic

analysis tools used worldwide The only system that provides support to ‘Snare Agents’ anywhere in the world Pricing options that are more than competitive against the competition Experienced support team who have been working with ‘Event Log Management’ concepts longer than anyone else and whose tools are more widely used than any other Event Log Management tool worldwide The Snare System’s return on investment includes: Lower cost of labor through automation of reporting and critical event identification Less traffic on IT networks

and systems – less overhead on your operating systems and less strain on your networks, reducing cost on maintenance, monitoring and support Capture event log data from any system usin g our own resources – not 3rd party – thus reducing cost Automation of audit and compliance functionality, using less resources Effective business continuity by providing a means to manage and lessen risk across the enterprise Instant methods of monitoring user activity and identifying suspect trends and events Effective utilization of your enterprise by

allowing users to manage and monitor specific events for systems instead of investigating on a system to system basis The product is provided as an ISO image, and the base model allows for collection of up to 250 devices/nodes (defined as either remote syslog or the open sourced agents). The base model can be upgraded to allow for additional collection nodes or you can p urchase the Enterprise Snare Agents. The product is subject to a maintenance/support subscription, and enhanced support is also available. License is available as perpetual, term or subscription based. Snare

Enterprise Agents The Snare Enterprise Agents b uild upon the hugely popular open source Snare Agents by providing extensions specifically designed to greatly enhance the 3 pillars of information security: Confidentiality, Integrity and Availability of critical log data. Enterprise Agents are available for Windows (for use up to and including Windows 2012), Linux, Solaris, AIX, Irix, Epilog Agents for Windows and Unix, and MS SQL. Plus three new Agents, one for the MAC OSX, and two browser agents – Firefox and Chrome. The Agents can be used to collect th e event logs and

send to either the Snare Server or other SIEM products. The benefits of using the Enterprise Agents are numerous, and include: Access to the official support mechanism for Snare agents. The ability to quickly and easily gather the necessar y information to comply with NISPOM, PCI, SOX or other regulatory requirements. Access to all future Snare Enterprise Agent versions and upgrades (included as part of the annual maintenance fee). For more information please visit - solutions/snare - system/snare - server/