Presentation is loading. Please wait.

Presentation is loading. Please wait.

BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData.

Published byLorraine Atkinson Modified over 9 years ago

Similar presentations

Presentation on theme: "BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData."— Presentation transcript:

1 BUSINESS USER MONITORING OBSERVEIT 5.8

2 Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData

3 RISK = APPS+ USERS Systems Applications Data Maintain backend application systems, DBs, and infrastructure for business users Risks Remote Access Configuration Changes Audit & Compliance IT Users User variety of applications everyday to drive business Risks App Data Extraction Shadow IT Audit & Compliance Business Users

4 USER RISK LANDSCAPE Contractors Business Users IT App Admins Users ManufacturingHealthcare BankingInsurance Energy Retail Applications IAM FirewallsSIEM Infrastructure DLP Data

5 BUSINESS USER BUSINESS USER RISK Source: Gartner 2013 Key IT Metrics Report IT USER 5% 95% 84% of Insider based breaches involve users with no admin rights

6 ENTERPRISE SCALE FOR BUSINESS USER MONITORING  Scale Storage and Performance  Scale Management  Security Automation  Maintaining User Privacy

7 Scale STORAGE AND PERFORMANCE

8 IMPROVED PERFORMANCE  Over 10,000 concurrent users  1,500 screenshots per second  3,500 Unix system calls per second

9 Scale MANAGEMENT

10 ADMIN DASHBOARD Mini Dashboard – preview important stuff See what is currently deployed Recent agents installed / uninstalled Get status of critical services Application Server status Agent status: -Attempts to stop or kill -Offline, unreachable -Unregistered, uninstalled -Tampered with -Data loss

11 MONITORED DEVICE LIST  Show agent status  Tampering and data loss indications  Flexible filters  Drill down to specific events

12 EVENTS, AND NOTIFICATIONS  Large list of detailed events  Full support for Unix/Linux agent  Email notifications (per event, digest – similar to Alerts)  Integrate with SIEM via Monitor Log and API

13 SECURITY AUTOMATION User Context SIEMIAM ITSM

14 EVENT AND ACTIVITY API  Real-time event and activity stream via Direct DB connection  Support all user activities, alerts and system events  Fully supported and documented API  Partners and integrators can provide additional value to customers

15 MAINTAINING USER PRIVACY

16 NEW PRIVACY CONTROLS  Secure audit of critical configuration changes  Detailed auditing reports the changes  Unable to view any recorded data  Can also manage ‘Configuration Admin’ users Role for Configuration Only Configuration Change Auditing

17 ADDITIONAL ENHANCEMENTS

18 ENHANCED RECORDING  Common way to transfer data on hosted servers  SFTP application agnostic  Can search, report and alert Record SFTP  Time based recording, even without user activity  Now you also know what did the user sees  Configured via Server Policy Continuous Recording

19 NEW PLATFORMS  Solaris 11  RHEL/CentOS/Oracle Linux 5, 6 Support latest updates for:  SQL Server 2014  Citrix XenDesktop and Citrix XenApp 7.6  Amazon Linux  Fedora 19, 20  RHEL/CentOS/Oracle Linux 7  SLES SuSE 12, Ubuntu 14.04 Post GA (5.8 SP1 and beyond)

20 THANK YOU

Download ppt "BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData."

Similar presentations

Heroix Longitude - multiplatform, automated application performance monitoring and management software.

Heroix Longitude - multiplatform, automated application performance monitoring and management software.
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
ONE STOP THE TOTAL SERVICE SOLUTION FOR REMOTE DEVICE MANAGMENT.

ONE STOP THE TOTAL SERVICE SOLUTION FOR REMOTE DEVICE MANAGMENT.
BalaBit Shell Control Box

BalaBit Shell Control Box
© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.
USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.

USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.
Nastel AutoPilot M6™ for WebSphere MQ Guide MQ 25 janvier 2011 Nastel solutions ensure successful completion of over 1B transactions per day Scott Corrigan.

Nastel AutoPilot M6™ for WebSphere MQ Guide MQ 25 janvier 2011 Nastel solutions ensure successful completion of over 1B transactions per day Scott Corrigan.
PCIT201. XenApp 6.5 and earlier IMA = Independent Management Architecture XenApp 7.x and XenDesktop 5+ FMA = FlexCast Management Architecture.

PCIT201. XenApp 6.5 and earlier IMA = Independent Management Architecture XenApp 7.x and XenDesktop 5+ FMA = FlexCast Management Architecture.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
WTS and PCI Nelson Lah Chief Technology Officer Workplace Technology Services May 27, 2009.

WTS and PCI Nelson Lah Chief Technology Officer Workplace Technology Services May 27, 2009.
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
Agenda The Colligo Vision Unified Solutions for Email & Records Management Colligo Email Manager Colligo Contributor Pro Colligo Briefcase Colligo Administrator.

Agenda The Colligo Vision Unified Solutions for & Records Management Colligo Manager Colligo Contributor Pro Colligo Briefcase Colligo Administrator.
Chris Sfanos Program Manager Forefront Client Security Microsoft Session Code: SW17.

Chris Sfanos Program Manager Forefront Client Security Microsoft Session Code: SW17.
Deliver Citrix Desktop Virtualization Confidently with Microsoft SCOM

Deliver Citrix Desktop Virtualization Confidently with Microsoft SCOM
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Designed By: Technical Training Department

Designed By: Technical Training Department
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Similar presentations

Ads by Google