Network Security Specialist

Snare Agent for Windows

The Snare for Windows Agent enables organizations to select only the Event IDs that are critical to their security requirements. While some security gurus recommend that organizations collect all events that are generated, the Windows OS generates a huge volume of data, some of which may not be relevant. The agent interfaces with the Windows EventLog / Windows auditing subsystems. Once configured, the agent copies and forwards any matching event to the collector in real time. The agent works on 32-bit or 64-bit systems.

Event logs from the Security, Application and System logs, as well as the new DNS, File Replication Service, and Active Directory logs, are supported. The Enterprise version of the agent also accommodates custom Windows event logs. Log data is converted to text format and delivered to a remote Snare Server, or to a remote Syslog server with configurable and dynamic facility and priority settings.

In addition, the Enterprise Snare Agent can send via TCP with caching, as well as to multiple destination servers. When managing a large number of agents with the Snare Server, it also provides the ability to review agent configuration and push configuration out to the agents, for consistency or for changes in your security requirements.

Snare Server

The Snare Server provides a dashboard view of all pertinent information from a corporation’s heterogeneous network. It collects log files from a variety of operating systems, applications and appliances, as well as the Snare Agents. These include, but are not limited to: Windows, Solaris, AIX, Irix, Linux, Tru64, ACF2, CISCO Routers, CISCO PIX Firewall, CyberGuard Firewall, Checkpoint Firewall1, Netgear Firewall, IPTables Firewall, Microsoft ISA Server, Microsoft IIS Server, Lotus Notes, Microsoft Proxy Server, Apache, Squid, Snort Network Intrusion Detection Sensors, IBM SOCKS Server, and Generic Syslog Data of any variety, as well as text-based log files and MS SQL.
The benefits of the Snare system are:

- Ability to collect any arbitrary log event
- Ability to collect large numbers of events – over 30,000 events per minute on a low-end Intel-based workstation
- Automatic archiving of events to compressed text, allowing optimization of database functionality
- Unique methods for administrators to ‘fine-tune’ reporting criteria
- Ability to create dynamic reports allowing reporting against any collection profile
- Ability to use and filter event log collection methods with or without Snare Agents
- Annual maintenance includes access to all future Snare System upgrades and new versions
- Development of the Snare System is guided by its users – they use it daily and know what they need – and we can develop it for you and give you the skills to support all enhancements
- Unique and powerful forensic analysis tools used worldwide
- The only system that provides support to ‘Snare Agents’ anywhere in the world
- Pricing options that are more than competitive against the competition
- Experienced support team who have been working with ‘Event Log Management’ concepts longer than anyone else and whose tools are more widely used than any other Event Log Management tool worldwide

The Snare System’s return on investment includes:

- Lower cost of labor through automation of reporting and critical event identification
- Less traffic on IT networks and systems – less overhead on your operating systems and less strain on your networks, reducing cost on maintenance, monitoring and support
- Capture event log data from any system using our own resources – not 3rd party – thus reducing cost
- Automation of audit and compliance functionality, using fewer resources
- Effective business continuity by providing a means to manage and lessen risk across the enterprise
- Instant methods of monitoring user activity and identifying suspect trends and events
- Effective utilization of your enterprise by allowing users to manage and monitor specific events for systems instead of investigating on a system to system basis

The product is provided as an ISO image, and the base model allows for collection of up to 250 devices/nodes (defined as either remote syslog or the open sourced agents). The base model can be upgraded to allow for additional collection nodes or you can purchase the Enterprise Snare Agents.
The product is subject to a maintenance/support subscription, and enhanced support is also available. License is available as perpetual, term or subscription based.

Snare Enterprise Agents

The Snare Enterprise Agents build upon the hugely popular open source Snare Agents by providing extensions specifically designed to greatly enhance the 3 pillars of information security: Confidentiality, Integrity and Availability of critical log data.

Enterprise Agents are available for Windows (for use up to and including Windows 2012), Linux, Solaris, AIX, Irix, Epilog Agents for Windows and Unix, and MS SQL. Plus three new Agents, one for the MAC OSX, and two browser agents – Firefox and Chrome. The Agents can be used to collect the event logs and send to either the Snare Server or other SIEM products.

The benefits of using the Enterprise Agents are numerous, and include:

- Access to the official support mechanism for Snare agents.
- The ability to quickly and easily gather the necessary information to comply with NISPOM, PCI, SOX or other regulatory requirements.
- Access to all future Snare Enterprise Agent versions and upgrades (included as part of the annual maintenance fee).

For more information please visit http://symtrex.com/security-solutions/snare-system/snare-server/