GFI EventsManager
Download
Report
Transcript GFI EventsManager
1
2
Presentation outline
» IT pain points
» The product
» Testimonials
» Kudos
» Conclusion
3
IT PAIN POINTS
4
IT pain points (1/2)
» Protecting business entails prompt detection of the security incidents
» This requires event log analysis – a very tedious process if
performed manually
» Almost 50% of organizations have experienced a security breach
– CSI Computer Crime and Security Survey 2010
» More than 83% of the UK companies experienced a security breach in
2009, with each security incident costing up to £690,000
– Information Security Breaches Survey 2010
5
IT pain points (2/2)
» Meeting regulatory compliance requirements is almost
impossible without an automated log management solution
» Businesses can also suffer from system downtimes and other IT incidents;
it is critical that these are detected and solved quickly to minimize
business loss
» Forensic investigation of IT incidents can be very costly unless event log
data is centralized in a database and proper analysis tools are available
» IT systems usually generate large volumes of event log data which cannot
be reviewed in an efficient manner without a log management tool
6
THE PRODUCT
7
Event monitoring, management and archiving made easy!
» Award-winning events monitoring, management and archiving solution
» Supports a wide range of log types such as Windows, SQL Server Audit,
W3C, Syslog and SNMP traps generated by devices such as firewalls,
routers and sensors
» Monitors an extended range of hardware products, reports on the health
and operational status of each one and collects data for analysis
» Powerful built-in intelligence which helps users to easily identify and
analyze the most important events occurring on their systems
» Large number of predefined and easy-to-customize reports
8
Product snapshot (1/2)
GFI EventsManager™ Management Console
9
Product snapshot (2/2)
GFI EventsManager Quick Launch Console
10
Product benefits (1/2)
» Increase network uptime and identify problems through real-time alerting
» Obtain a detailed view of what is happening across various environments,
thanks to the variety of log types which are supported
» Track and report on SQL server activity such as alteration of DB tables,
attempts to access data without necessary privileges
» Track employee activity on the network such as changes made to their
PCs, files accessed during the day and much more
11
Product benefits (2/2)
» Helps ensure regulatory compliance with PCI DSS, SOX, HIPAA,
Code of Connection and many more
» Provide reliable data sources and a powerful analysis for
forensic investigations
» Process and integrate results from GFI LanGuard™ and
GFI EndPointSecurity™ to get a more compelling picture on the
security status of your network and consolidate your compliance reports
» Excellent pricing!
12
Top features (1/2)
» Fast and cost-effective monitoring and management of the entire network
» SQL Server Auditing for SQL Server 2000, 2005, 2008 and also MSDE
and SQL Express
» Collect events data from GFI EventsManager installations on multiple
sites and locations across your network to a central database and/or files
» Support for devices from the top manufacturers as well as custom devices
» Certified for Windows Server 2008
13
Top features (2/2)
» Excellent event scanning performance and multiple alerting options
» Built-in processing rules provide for effective event classification and
management of devices from Cisco, 3Com, IBM, HP and many others
» Supports all Windows operating systems and their variants starting from
Windows XP
□ Windows XP, Windows Server 2003, Windows Vista,
Windows Server 2008, Windows 7
14
What’s new in GFI EventsManager 2011? (1/2)
File-based storage engine
» The new version of GFI EventsManager uses a file-based storage
engine, which has been developed by GFI to store and work with a
large number of events. This new engine performs solidly even when
working with hundreds of millions of events in the same database.
New reporting engine
» A new reporting engine is integrated into the main interface of the
product. It allows administrators to create reports with custom layouts
and either view them directly in a browser or export them to HTML or
PDF format.
15
What’s new in GFI EventsManager 2011? (2/2)
Drill-down browsing and global search
» Ships with a single browser which is capable of showing all events
from all sources, irrespective of the log type, with views that can be
customized. The browsing experience is also easier to use thanks to
its new drill-down feature and because you can now perform searches
across all the events.
Database encryption and compression
» The product’s new storage engine provides the option to encrypt the
log data that is written into the database; this is based on a password
supplied by the administrator. As the new storage engine is file-based,
the user can also opt to save space by enabling Windows
compression for the folder that hosts the database files.
16
TESTIMONIALS
17
Product testimonials
“We have been using GFI EventsManager for six months now and from a
compliance perspective – particularly with regard to PCI DSS – we are
currently getting closer to compliancy with the help of GFI’s team.
From a technology perspective, we are satisfied with the product.”
– Mark-Oliver Horst, Chief Technical Officer, Quipu Gmbh, Frankfurt, Germany
Click here for more testimonials!
18
Product kudos
» Thousands of customers worldwide use GFI EventsManager
» Validated for the HP Converged Infrastructure
» Numerous product awards, a few listed below:
19
GFI product complements
Best incorporated with GFI’s on-premise network security suite of products:
» GFI LanGuard
for security scanning, vulnerability management and patch management
» GFI EndPointSecurity
for network-wide control of portable storage
media and consumer electronic devices
» GFI Network Server Monitor™
which automatically sends alerts and
corrects network and server issues
20
Conclusion (1/2)
» Fast and cost-effective monitoring and management of the entire network
» Invaluable regulatory compliance companion through built-in dedicated
reports, alerts and views
» Increase network uptime and identify network health and security
problems through real-time alerting
» Centralize, review and analyze Windows, Syslog, W3C, SQL Server and
Oracle audit events and SNMP traps generated by firewalls, servers,
routers, sensors, switches, phone systems, PCs and more
» Built-in intelligence to automatically detect, alert and report on the
most important events generated by various systems and devices in
the network
21
Conclusion (2/2)
» Flexible, secure and efficient data maintenance and replication
» Flexible views with powerful filtering capabilities for quick review and
analysis of the most important events
» Large number of predefined and easy-to-customize reports
» Extended reporting capabilities through fully customizable HTML
and PDF files
» Works with third-party tools to scan specific logs like SharePoint or
IBM iSeries (former AS400) logs
» Excellent pricing
22
Corporate overview
» Offices located around the globe: USA (North Carolina, California and
Florida), UK (London and Dundee), Australia, Austria, Romania,
and Malta
» Hundreds of thousands of installations worldwide
» Trusted by thousands of companies around the world
» GFI products are sold by a global network of thousands of partners
All product and company names herein may be trademarks of their respective owners.
23
More info and downloads
» Click here to learn more about the product
» Check out our competitive pricing
» Download your FREE trial of GFI EventsManager
» Email: [email protected]
» Visit: www.gfi.com/eventsmanager