SSi Service Strategies Inc.

Audit


Central Audit Log Data Repository

eTrust Audit


With eTrust Audit, you can collect enterprise-wide security events and system audit data, filter the collected information for consolidated viewing and reporting, and automatically trigger appropriate actions upon detecting unusual or malicious activity on the system. eTrust Audit can collect event information from a wide spectrum of sources, including UNIX and Windows NT servers, Web servers, eTrust products, mainframe security products, and other application services, and stores this information in a central database for easy access and reporting. Administrators use eTrust Audit to monitor, alert on, and report user activity across platforms, while triggering actions that are deployed immediately once eTrust Audit detects defined activity patterns.

Enterprise-Wide Security: The Information Gap

As corporate computer networks expand to include more machines and applications, managing security-related events becomes an increasingly complex task. While native operating systems provide auditing tools, these tools are often not adequately designed to provide the needed event-handling capabilities, because of unintuitive user interfaces, limited functionality, hard-to-decipher event messages, and a weak common messaging format. Organizations need a solution that clearly communicates relevant data to security and systems managers, enabling rapid assessment and response. eTrust Audit provides the needed functionality and connectivity among different systems and enables administrators to perform their work more efficiently at lower cost.

A Clear, Concise View Of Security Related Data

eTrust Audit gives security and systems management teams the unique ability to collect information from various event data sources into a single database. It eliminates unnecessary guesswork by translating all collected information to a common, intuitive format, regardless of the event's source.

With Policy Manager, eTrust Audit performs centralized security policy management functions, defines the organization's security policy, and performs remote distribution of host-based Intrusion Detection rules to the client, enabling administrators to identify and be alerted to suspicious events through a user-friendly management program.


Innovative Design

eTrust Audit installs a Recording and Routing Agent on each targeted system or application host, as well as a Server Collector at the point where consolidation is desired. These components work in concert to redirect and collect all audited events throughout the environment. These components can reside on the same system. All collected data are translated into an easy-to-understand format for viewing and reporting.

Host-Based Intrusion Detection

eTrust Audit has the capability to assign patterns to events so that actions can be automatically triggered based on the matched events. This gives administrators a first line of intrusion detection defense and the ability to control damages that might be inflicted by unauthorized user accesses. eTrust Audit also ships with pre-defined rules so that the deployment of patterns can be performed swiftly and customization can be done easily.

Scalability And Cross-Platform Performance

eTrust Audit's store-and-forward architecture allows it to scale to suit your environment, from a few machines to several thousand. And, like other products in CA's eTrust security suite, eTrust Audit hurdles the operating system and application server administration barrier to deliver a true cross-platform and cross-layer security event management solution.

Open Design With SNMP Traps And Submit API Function Calls

To support rapidly evolving technology, eTrust Audit has an open design that can accept event data submitted by other applications that are not natively supported by eTrust Audit. Applications can send standardized SNMP trap information to the eTrust Audit Router for future filtering and handling. Another option is the more powerful Submit API function calls, which transmit more detailed and customized information from the application to eTrust Audit. eTrust Audit can easily adapt to your organizational needs for event management and alert handling.


Service Strategies Inc.

2392 Mount Vernon Rd

Dunwoody, GA 30338-3092

678-441-0020   800-662-1615

assist@ssimail.com

Copyright © 1998 - 2002 Service Strategies Inc. All rights reserved.
Revised: October 13, 2003.