Through centralized event log monitoring, security event correlation, host-based intrusion detection, and security beyond the firewall, Prism solutions enable you to monitor your mission-critical servers and workstations and protect them from the risks posed by hackers.
Event logs from firewalls, routers, systems, and applications provide valuable clues about the state of a company's overall security posture. The really important clues, however, are often very hard to detect and sometimes can only be extracted after viewing a series of events on multiple systems in context. Implementing an event management solution like EventTracker improves security and reduces demands on IT resources by solving the following challenges:
- Multiple, dispersed logs across local systems, domain controllers, and servers. EventTracker automates the collection of all these logs to a single point for analysis.
- Managing the large quantity of data, often in inconsistent formats. EventTracker provides powerful event filtering, consolidation, and correlation.
- Obscure event entries that require expert knowledge to determine the significance of a particular event and connect it with seemingly unrelated events. EventTracker provides automated built-in knowledge so that important events get acted upon.
- Having to manually look across multiple systems for signs of security problems. EventTracker correlation enables triggers to be set on complex series of events occurring on multiple systems that together indicate a security issue is occurring.
The security mission is to protect corporate data and business intelligence. To do this, it is critical to protect the servers where the data resides, not just the perimeter.
- Enforce perimeter security with real-time alerts.
- Consolidate event logs from multiple sources into a single database for effective and rapid cause/effect investigation.
- Correlate events over the enterprise from systems and applications, not just network infrastructure, to identify patterns and preserve security knowledge.
- Detect and alert on network connections on any port from unidentified or blacklisted sources with Network Connection Monitoring.
Today, it is no longer a matter of if an attack will occur, but when, and often how many times. Critical to ongoing security efforts is how quickly and effectively a company can respond, both while an attack is in progress, as well as after the fact to help prevent future attacks.
With event correlation, you will be able to pinpoint exact problems and detect intrusions in real-time before it is too late:
- Events from multiple servers and domains can be correlated to provide faster decision-making and greater security.
- Define patterns of events, rules, and corresponding actions that simplify and tighten monitoring of Windows and network events.
- Create customized correlation rules to detect common and critical security conditions in real time.
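The kind of multi-system correlation rule described above, shown as an added illustration that is not EventTracker's own code or rule syntax: failed logons for one account from one source on several hosts, followed by a successful logon from that source, raise a single alert. The hosts, users, addresses, and log lines are constructed sample data; the event IDs 4624 (logon success) and 4625 (logon failure) are the standard Windows values.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (hypothetical hosts, users, and addresses): Windows-style
# logon events from several hosts, already collected into one stream.
EVENTS = [
    "2024-03-01T09:00:01 host=DC01  id=4625 user=jdoe src=10.0.0.55",
    "2024-03-01T09:00:04 host=FS01  id=4625 user=jdoe src=10.0.0.55",
    "2024-03-01T09:00:09 host=WEB01 id=4625 user=jdoe src=10.0.0.55",
    "2024-03-01T09:00:15 host=FS01  id=4624 user=jdoe src=10.0.0.55",
    "2024-03-01T09:30:00 host=WS07  id=4625 user=asmith src=10.0.0.90",
    "2024-03-01T09:31:00 host=WS07  id=4624 user=asmith src=10.0.0.90",
]

def parse(line):
    """Turn one 'timestamp key=value ...' line into a dict with a datetime 'ts'."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts)
    return rec

def correlate(lines, window=timedelta(minutes=5), min_hosts=2):
    """Alert when one (user, src) pair fails to log on to at least `min_hosts`
    distinct hosts within `window` and then logs on successfully anywhere.
    A single failure on one host (a mistyped password) never fires."""
    failures = defaultdict(list)   # (user, src) -> [(ts, host), ...]
    alerts = []
    for rec in sorted(map(parse, lines), key=lambda r: r["ts"]):
        key = (rec["user"], rec["src"])
        if rec["id"] == "4625":
            failures[key].append((rec["ts"], rec["host"]))
        elif rec["id"] == "4624":
            recent = [(t, h) for t, h in failures[key] if rec["ts"] - t <= window]
            hosts = {h for _, h in recent}
            if len(hosts) >= min_hosts:
                alerts.append({"user": rec["user"], "src": rec["src"],
                               "failed_hosts": sorted(hosts),
                               "success_host": rec["host"], "ts": rec["ts"]})
            failures[key].clear()   # the sequence is consumed either way
    return alerts

if __name__ == "__main__":
    for a in correlate(EVENTS):
        print(a)
```

Run against the sample stream, the rule fires once, for jdoe, naming the three hosts that saw failures and the host where the logon finally succeeded; asmith's single failure followed by success stays silent.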
Once an attack has occurred, EventTracker provides a secure event warehouse and powerful reporting engine for security and forensic analysis. The report engine can run a search based on simple rules or generate a report based on complex search patterns.
- Research the sequence of events that led to the incident.
- Test your security improvements by playing back a saved event sequence.