ManageEngine announces new Analyser features
Company announces availability of real-time event correlation, compliance reporting
Real-time IT management company ManageEngine, today announced the availability of new features to its enterprise security log analytics portfolio.
The new version of EventLog Analyser offers complete user audit trails, real-time event correlation and ISO 27001 reporting, while Firewall Analyser now provides PCI DSS, NERC-CIP, NIST, ISO 27001 and SANS compliance reports out of the box. Both updated products will be released at Infosecurity Europe, which takes place from 29 April to 1 May, in London, UK.
"A typical large enterprise today generates 10 to 100bn events every day that amount to several terabytes of security relevant data," said Chenthil Kumaran, development manager, SIEM Solutions, ManageEngine.
"Without an automated solution, making sense out of all those events in real time is impossible. That's why we have built the correlation rules. Now, you can get notified on your mobile device when multiple users try to hack into your most valued server, when a single user tries to login to several servers at once, when a key file gets modified and a host of other scenarios. The software comes bundled with 50 such rules that can be customised further."
EventLog Analyser collects log data from thousands of servers and applies rules to secure the servers by correlating the log data in real time and helps notify users when it spots something suspicious. The product comes bundled with 50 correlation rules that cover user logins, file integrity, user creation, group policies, and unintended software installation. The real-time alerting feature works with Windows and Linux servers and select networking devices.
The user audit trail feature provides a complete audit of what a hacker has done, from login to logout, if a machine is hacked. It gives a complete, stroke-by-stroke trail of everything and includes any activity that leaves a trace in the log, such as opening a browser, deleting a file or running a script.
Also featured is ISO 27001:2013 compliance reporting and remote desktop connection reports.
"ISO 27001:2013 is gaining adoption in Europe, in particular, and we are happy to release EventLog Analyser and Firewall Analyser with support for this standard at Infosecurity in London," said Joel Fernandes, senior product marketing analyst, SIEM Solutions, ManageEngine. "In addition to ISO 27001:2013, we also support PCI DSS, NERC-CIP, NIST and SANS."