Centralized event log management, security and monitoring
Why use GFI EventsManager?
- Centralizes Syslog, W3C and Windows events generated by firewalls, servers, routers, switches, phone systems, PCs and more
- Wizard assisted configuration simplifies end-user operation and maintenance
- Unrivaled event scanning performance scalable to over 6 million events per hour
- Preconfigured event processing rules for effective out-of-the-box event classification and management
- Automated 24/7 event activity monitoring and alerting
- Powerful reporting for effective network activity monitoring and immediate ROI
Network-wide analysis of event logs made easy
- “Translates” the often cryptic event descriptions to clear, concise explanations and suggestions for action
- Removes “noise” events that make up a large ratio of all security events
- Solves the problem of security log files being tampered with
- Provides real time monitoring and notification
- Solves fragmented audit trails by consolidating all security events into a single database
Monitor IIS, Exchange, ISA & SQL Server
Using GFI LANguard S.E.L.M., you can proactively monitor your mission-critical servers. Monitor events generated by Microsoft ISA Server, Exchange Server, SQL Server and IIS and prevent network disasters from occurring. For example, you can monitor email queues, SMTP gateways, MAPI availability, bad hard disk blocks, disk space, and more.
View reports on key security information happening on your network
GFI LANguard S.E.L.M.’s reporter enables you to identify security trends. Use its standard reports – which you can customize – or create custom reports from scratch. The standard reports include:
- All failed logons
- Users who failed to log on due to an invalid username or an incorrect password
- All account lockouts for a time period
- Initial daily logon time for each user over a time period
- Which computers users log into
- Possible security log tampering for a time period
- Failed object access events (e.g., to secured files)
- High security events of the past day, week or month
Real time alerts
GFI LANguard S.E.L.M. can send you alerts when key events or intrusions are detected. You can alert one or more people by email, and send SMS or pager alerts via an email-to-SMS gateway or service. Critical events are also shown in the intrusion monitor.
Advanced filtering of events using the GFI LANguard S.E.L.M. Event Viewer
The Windows standard event viewer has limited features, and can only view one computer at a time. GFI LANguard’s Event Viewer provides a single view of all events on all your machines, and also offers advanced filtering capabilities. For example, you can filter based on user, computer, PC security level, and contents of the event description/property. It also includes a condition builder to enable you to make advanced filters on a combination of these variables.
Detect intruders and security breaches: Intrusion detection the right way!
GFI LANguard S.E.L.M. acts as a host-based intrusion detection system by analyzing security events in real time. This way you can detect intruders and security breaches without having to install a network-based intrusion detection system (IDS). Network-based IDS products are expensive and difficult to deploy.
Scalable to support WANs and LANs
GFI LANguard S.E.L.M. has a very efficient event log collector agent, allowing real time collection of security events without impacting network performance. For very large networks or WANs, scanning of events can be distributed over multiple GFI LANguard S.E.L.M. installations, which can be connected via the WAN connector. In this way, each GFI LANguard S.E.L.M. installation will monitor a specific part of the LAN or WAN and retrieve critical/important events for this "section". The connector then forwards these critical events to a central GFI LANguard S.E.L.M. database. This reduces network traffic, bandwidth and storage use, but still allows you to monitor tens of thousands of workstations and servers, even across WAN links.
Rules-based event log management
GFI LANguard S.E.L.M. includes a powerful rules interface, which allows you to easily set up event rules based on the ID, condition and content of an event property. For example, be notified immediately if a particular user tries to log in more than x number of times, or attempts to access a particular file. You can also use the rules wizard to monitor custom or third party applications.
Monitor access to important files
By auditing failed access to important files you can check who is attempting to access those files. This enables you to preempt more extensive network “attacks” or hacking attempts based on social engineering. GFI LANguard also allows you to audit successful access to files, meaning you can record who accessed the files and when. You can also monitor for certain processes being launched.
Other features:
- Intrusion and event collection status monitor
- Supports Access, SQL Server and MSDE as backend
- Real time and scheduled monitoring
- Detect web server intrusions
- Detect changes to important files on workstations and servers
System Requirements
- Microsoft .NET Framework 2.0
- Microsoft Data Access Components (MDAC) 2.6 or later
- Access to MSDE/SQL Server 2000 or later