©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone SmartEvent (Intro) Антон Разумов, Security Consultant.

Presentation transcript:

Slide 1: SmartEvent (Intro)
Антон Разумов, Security Consultant, Check Point Software Technologies

Slide 2: Agenda
1. Eventia vs SmartEvent
2. SmartEvent look and feel
3. Packaging

Slide 3: SmartEvent vs Eventia
- SmartEvent blade is based on Eventia Analyzer technology, designed and tuned for event management leveraging Eventia’s sophisticated engines and displays.
- SmartEvent Intro is tuned for a specific product (like IPS or DLP in R71).

Slide 4: SmartEvent Intro vs. SmartEvent Full

| Capability | SmartEvent Intro | SmartEvent Full |
| Timeline visibility | Single product | Full |
| Geo-location view | Single product | Full |
| Graphical views | Single product | Full |
| Automatic Actions | Single product | Full |
| Events Forensics and Analysis | Single product | Full |
| Reports | Basic – Fixed reports | Advanced – supports full reporting blade capabilities |
| Support 3rd Party Devices | No | Yes |
| Custom events | No | Yes |

Slide 5: SmartEvent deployment
[Diagram: Corporate Network, Branch Offices, Internet, Extranet Partners, Remote Users; SmartEvent Server + Correlation Unit + Log Server; additional SmartEvent Correlation Unit + Log Server; NOC + SOC with SmartEvent GUI; Security Management + Log Server]
- Adding an additional SmartEvent (Full) Correlation Unit + Log Server
- SmartEvent Intro has a default correlation unit on every Log Server.
- In addition, the SmartEvent Intro Package does not require any policy configuration or policy install.

Slide 6: Agenda
1. Eventia vs SmartEvent
2. SmartEvent look and feel
3. Packaging

Slide 7: SmartEvent Intro features
- Timelines – See real time information, trends, and anomalies at a glance.
- Charts – View event statistics in bar charts or pie graphs.
- Maps – Locate source or destination IP on a world map.
- Forensics – Drill down by double clicking on Timelines, Charts or Maps.
- Group By – Group events based on severity, source, destination or other fields.
- Ticketing – Assign events to administrators for analysis.
- User Identification – Every log can be associated with Active Directory user names.
- ClientInfo – Right click IP address to see processes, hotfixes, and vulnerabilities.

Slide 8: Monitor Only what is Important!
Timeline view
- Number and severity of attacks over time
- Simple mouse-click drill down to forensic analysis
- Customizable – allows user to define his own timelines
Recent critical events
- At-a-glance view of recent critical events
- Simple mouse-click drill down to forensic analysis
[Screenshot labels: Timeline view; Recent critical events; Monitor what is Important]

Slide 9: Search in any field
Timeline view
- Number and severity of attacks over time
- Simple mouse-click drill down to forensic analysis
- Customizable – allows user to define his own timelines
Recent critical events
- At-a-glance view of recent critical events
- Simple mouse-click drill down to forensic analysis
[Screenshot label: Search in any field or combination of fields]

Slide 10: Easy Analysis
Top views simplify analysis and allow easy drill-down.

Slide 11: Group Events for Better Understanding
Data can be grouped by any field or combination of fields.

Slide 12: Assign a Ticket
- Attacks must be investigated
- Jim is assigned to investigate
[Screenshot label: Hacker Land]

Slide 13: User and Machine Names within Eventia
- Jim looks up the User Name and Machine Info
- Jim can also see the client and server types

Slide 14: View Client Information
Jim wants more information about the client machine.

Slide 15: Client Information
- ClientInfo provides full details about the client machine: software and security patches installed, processes and services running, and more, using WMI (Windows Management Instrumentation).
- By comparing this info, ClientInfo can also state whether the client machine is vulnerable to specific Microsoft issues.
- ClientInfo investigates a specific attack that exploits a vulnerability based on Microsoft Security Bulletin.
- ClientInfo requires credentials with administrator-level privileges on the target computer.

Slide 16: Sending an event
- Jim can decide to send the event by mail to Mark, his colleague, for further investigation.
- Jim can decide to report the event to Check Point with or without packet capture.
- The information is analyzed to better understand customer environments and potential false positives.
[Screenshot label: Hacker Land]

Slide 17: IPS Events
- Packet capture – retrieves the data packet that caused the attack if it is still stored on the gateway
- Add exception, go to protection – launches SmartDashboard
- Advisory, Protection Description – attack description as in SmartDashboard
- CVEs – hyperlink to Mitre and other standard sources
- Follow-up for new events
- Report to Check Point (Note: we don’t give the user any status update)

Slide 18: Agenda
1. Eventia vs SmartEvent
2. SmartEvent look and feel
3. Packaging

Slide 19: Pricing & Packaging
Available packages:

| Package Name | Description | Price |
| SmartEvent Intro Package | Intro Package: event analysis for one single product - IPS, DLP, etc… | $4000 |
| SmartEvent Full Package | Full Event Analysis capabilities: Full Check Point products support; 3rd party products support; Custom Events definitions; Reporting | $8000 / $16,000 / $32,000 (Based on container size) |

Pre-defined Systems: Intro package included in SM2506 and SMU007 pre-defined systems.

Антон Разумов, Security Consultant, Check Point Software Technologies