BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData.

Slides:

Advertisements

Similar presentations

Heroix Longitude - multiplatform, automated application performance monitoring and management software.

Advertisements

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

ONE STOP THE TOTAL SERVICE SOLUTION FOR REMOTE DEVICE MANAGMENT.

BalaBit Shell Control Box

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.

Nastel AutoPilot M6™ for WebSphere MQ Guide MQ 25 janvier 2011 Nastel solutions ensure successful completion of over 1B transactions per day Scott Corrigan.

PCIT201. XenApp 6.5 and earlier IMA = Independent Management Architecture XenApp 7.x and XenDesktop 5+ FMA = FlexCast Management Architecture.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

WTS and PCI Nelson Lah Chief Technology Officer Workplace Technology Services May 27, 2009.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Citrix Partner Update The Citrix Delivery Centre.

Agenda The Colligo Vision Unified Solutions for & Records Management Colligo Manager Colligo Contributor Pro Colligo Briefcase Colligo Administrator.

Chris Sfanos Program Manager Forefront Client Security Microsoft Session Code: SW17.

Deliver Citrix Desktop Virtualization Confidently with Microsoft SCOM

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Designed By: Technical Training Department

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

SP2 Mikael Nystrom. Agenda Översikt Installation.

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Accounts Payables Invoice Automation for SharePoint.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Module 16: Software Maintenance Using Windows Server Update Services.

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Endpoint Security Current portfolio and looking forward October 2010.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Product Demo. Terminal Services Log By Acceleratio Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Technology.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

BMC Software confidential. BMC Performance Manager Will Brown.

Management Suite for Dell Servers The Power of Control! Kevin Winert, Dell OpenManage Product Marketing Bryan Rhodes, Dell Alliance Product Manager, Altiris.

Unify and Simplify: Security Management

Patch Management Only part of the solution….. Bob Isaak Mar 04, 2004.

©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.

Introducing Office 365 for Enterprises Andy O’Donald Technical Product Manager Redmond OSP212 Ben Walters Technical Solution Specialist Melbourne.

USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX.

SIAM for Device Management May

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Managing the Oracle Application Server with Oracle Enterprise Manager 10g.

Future of the Server Room Tour. Ottawa Montreal Calgary Vancouver Toronto Future of Your Server Room Three Pillars of Windows Server 2008 Virtualization.

Microsoft Azure SoftUni Team Technical Trainers Software University

Q XenDesktop & Windows Server 2012 Value Add – RDS & VDI.

Novell Compliance Management Platform Update CMP & CMP Extension for SAP Environments Leo Castro Product Marketing Manager Patrick Gookin.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Complete Cloud Security

What’s New in Microsoft SharePoint Server Microsoft SharePoint Server 2010 includes several key enhancements and additions. The ribbon, part of.

12/23/2015Software Assist Corporation1 “Most companies have little idea how pervasive FTP activity is in their organizations because FTP is no longer just.

Product Presentation. SysKit By Acceleratio Acceleratio Ltd. is a software development company based in Zagreb, Croatia, Europe founded in Technology.

The Claromentis Digital Workplace An Introduction

©2015 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE. 1 Bomgar Privileged Access Management.

1 © Copyright 2015 EMC Corporation. All rights reserved. What’s new in RSA Via Lifecycle and Governance 7.0 RSA Customer Update – July 2015.

Citrix ShareFile. Instant file access from any device Sharing and collaboration—with anyone Easy & Familiar (love Dropbox) USERS DEMAND Security Control.

System Center 2012 Configuration Manager Service Pack 1 Overview.

SoftUpdate New features and management technique.

The Ultimate SharePoint Admin Tool

Cloud App Security vs. O365 Advanced Security Management

Get to know SQL Manager SQL Server administration done right

2016 Citrix presentation.

Michael Mast Senior Architect

Complete Cloud Security

Secure & Unified Identity

Introduction to Soonr by ….

Technical Capabilities

Red Sky Update “Watching the horizon for emerging health threats”

Day 2, Session 2 Connecting System Center to the Public Cloud

Productive + Hybrid + Intelligent + Trusted

IT Management, Simplified

Presentation transcript:

BUSINESS USER MONITORING OBSERVEIT 5.8

Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData

RISK = APPS+ USERS Systems Applications Data Maintain backend application systems, DBs, and infrastructure for business users Risks Remote Access Configuration Changes Audit & Compliance IT Users User variety of applications everyday to drive business Risks App Data Extraction Shadow IT Audit & Compliance Business Users

USER RISK LANDSCAPE Contractors Business Users IT App Admins Users ManufacturingHealthcare BankingInsurance Energy Retail Applications IAM FirewallsSIEM Infrastructure DLP Data

BUSINESS USER BUSINESS USER RISK Source: Gartner 2013 Key IT Metrics Report IT USER 5% 95% 84% of Insider based breaches involve users with no admin rights

ENTERPRISE SCALE FOR BUSINESS USER MONITORING  Scale Storage and Performance  Scale Management  Security Automation  Maintaining User Privacy

Scale STORAGE AND PERFORMANCE

IMPROVED PERFORMANCE  Over 10,000 concurrent users  1,500 screenshots per second  3,500 Unix system calls per second

Scale MANAGEMENT

ADMIN DASHBOARD Mini Dashboard – preview important stuff See what is currently deployed Recent agents installed / uninstalled Get status of critical services Application Server status Agent status: -Attempts to stop or kill -Offline, unreachable -Unregistered, uninstalled -Tampered with -Data loss

MONITORED DEVICE LIST  Show agent status  Tampering and data loss indications  Flexible filters  Drill down to specific events

EVENTS, AND NOTIFICATIONS  Large list of detailed events  Full support for Unix/Linux agent  notifications (per event, digest – similar to Alerts)  Integrate with SIEM via Monitor Log and API

SECURITY AUTOMATION User Context SIEMIAM ITSM

EVENT AND ACTIVITY API  Real-time event and activity stream via Direct DB connection  Support all user activities, alerts and system events  Fully supported and documented API  Partners and integrators can provide additional value to customers

MAINTAINING USER PRIVACY

NEW PRIVACY CONTROLS  Secure audit of critical configuration changes  Detailed auditing reports the changes  Unable to view any recorded data  Can also manage ‘Configuration Admin’ users Role for Configuration Only Configuration Change Auditing

ADDITIONAL ENHANCEMENTS

ENHANCED RECORDING  Common way to transfer data on hosted servers  SFTP application agnostic  Can search, report and alert Record SFTP  Time based recording, even without user activity  Now you also know what did the user sees  Configured via Server Policy Continuous Recording

NEW PLATFORMS  Solaris 11  RHEL/CentOS/Oracle Linux 5, 6 Support latest updates for:  SQL Server 2014  Citrix XenDesktop and Citrix XenApp 7.6  Amazon Linux  Fedora 19, 20  RHEL/CentOS/Oracle Linux 7  SLES SuSE 12, Ubuntu Post GA (5.8 SP1 and beyond)

THANK YOU