ManageEngine has announced the general availability of new features to its enterprise security log analytics portfolio. EventLog Analyzer, the security information and event management (SIEM) software, now offers complete user audit trails as well as the real-time event correlation and ISO 27001 reporting previously available in beta. Firewall Analyzer, the firewall security management software, now provides PCI DSS, NERC-CIP, NIST, ISO 27001 and SANS compliance reports out of the box.
ManageEngine will release the new versions of EventLog Analyzer and Firewall Analyzer at Infosecurity Europe, being held April 29–May 1, 2014, at Earl’s Court, London. ManageEngine will be in stand E91.
"A typical large enterprise today generates 10 to 100 billion events every day that amount to several terabytes of security relevant data,” said I. Chenthil, development manager at ManageEngine SIEM solutions. “Without an automated solution, making sense out of all those events in real time is impossible. That's why we have built the correlation rules. Now, you can get notified on your mobile device when multiple users try to hack into your most valued server, when a single user tries to login to several servers at once, when a key file gets modified, and a host of other scenarios. The software comes bundled with 50 such rules that can be customized further for your needs.”
With the general availability of EventLog Analyzer 9, ManageEngine delivers advanced SIEM functionality that facilitates effective IT security threat management with features such as:
Real-time alerting based on event correlation - EventLog Analyzer not only collects log data from thousands of servers, it also applies rules to secure the servers by correlating the log data in real time and helps notify you when it spots something suspicious. The product comes bundled with 50 correlation rules that cover user logins, file integrity, user creation, group policies, and unintended software installation. The real-time alerting feature works with Windows and Linux servers and select networking devices.
User Session Tracking - If a hacker does make it to one of your machines, the user audit trail feature provides a complete audit of what the hacker did, from login to logout. This new feature gives a complete, stroke-by-stroke of everything the hacker did. The coverage includes any activity that leaves a trace in the log such as opening a browser, deleting a file, or running a script.
ISO 27001:2013 compliance reporting – Out-of-the-box compliance reports help companies get certified with the latest ISO 27001:2013 ISMS standards. Compliance reports are systematically prepared and formatted and can be generated in minutes to meet the requirements of the ISO 27001:2013 standards.
Remote Desktop Connection Reports - Enterprises using the Microsoft Terminal Server Gateway to provide VPN-like remote desktop access to their employees can now collect logs and report on security events over the remote desktop connection.
”ISO 27001:2013 is gaining adoption in Europe in particular and we are happy to release EventLog Analyzer and Firewall Analyzer with support for this standard at Infosec London,” said Joel Fernandes, Sr. Product Marketing Analyst, SIEM Solutions, ManageEngine. “In addition to ISO 27001:2013 we also support PCI DSS, NERC-CIP, NIST, and SANS.”