商品明細

SolarWinds Security Event Manager 事件管理

商品簡述

Security Event Manager使用安全信息和事件管理解決方案改善您的安全狀況並快速證明合規性

立即詢價

商品介紹

本產品出貨為最新版本。

如需購買或了解內容請來電(2749-1909)或來信(sales@ahasoft.com.tw)業務部

___________________________________________________________________

目前Apache Log4j事件CVE-2021-44228 ，SolarWinds Orion受影響的模組為SAM與DPA。
UPDATE December 13, 2021: NOTE: This security vulnerability only affects Server & Application Monitor (SAM) and Database Performance Analyzer (DPA) and does not affect any other SolarWinds or N-able (formerly SolarWinds MSP) products.

有關Apache Log4j事件，詳見https://www.ahasoft.com.tw/page/news/show.aspx?num=1063&page=1&kind=8&lang=TW

Security Event Manager

Improve your security posture and quickly demonstrate compliance with a lightweight, ready-to-use, and affordable security information and event management solution.

Centralized log collection and normalization
Automated threat detection and response
Integrated compliance reporting tools
Intuitive dashboard and user interface
Built-in file integrity monitoring
Simple and affordable licensing

Advanced pfSense Firewall Log Analyzer
Help improve security, monitoring, and troubleshooting with insightful pfSense reporting and analysis.

APT Security Software for Advanced Persistent Threat Defense
Easy-to-use APT software detects threats across environments for defense-in-depth security.

Audit Logon Events
Keep track of logon and logoff events with a centralized logon audit events monitor.

Automate Compliance Risk Management
Get improved compliance risk management with active compliance verification and continuous risk monitoring.

Automate SIEM Log Aggregation, Analysis, and Reporting
Get real-time actionable insights from unified and correlated SIEM logs to detect and handle security risks.

Azure AD Log Analytics and Monitoring
Audit logs on Azure AD to optimize security efforts.

Botnet Detection Tool Designed to Help Monitor for Bot Attacks and Threats
Strengthen real-time situational awareness and advanced botnet detection capabilities.

Centralized Log Management
Choose centralized log management to achieve streamlined, in-depth control.

Compliance Management Software Helps Demonstrate IT Compliance
Help simplify IT compliance management with automated monitoring and reporting of compliance policy violations.

SEM VM hardware requirements

See Allocate CPU and memory resources to the SEM VM in the SEM Administrator Guide for information about how to manage LEM system resources.

Hardware on the VM host	Small	Medium	Large
CPU	2 – 4 core processors at 2.0 GHz	6 – 10 core processors at 2.0 GHz	10 – 16 core processors at 2.0 GHz
CPU	If you will be storing original log messages in addition to normalized log messages, increase the CPU and memory resource requirements by 50%.
Memory	8 GB RAM	16 GB – 48 GB RAM	48 GB – 256 GB RAM
Hard drive storage	250GB, 15k hard drives (RAID 1/mirrored settings)	500GB, 15K hard drives (RAID 1/mirrored settings)	1TB, 15k hard drives (RAID 1/mirrored settings)
Hard drive storage	Installing SEM in a SAN is preferred. High-speed hard drives (such as SSD drives) are required for high-end deployments. Large deployments may require 1 to 2TB of storage, which you can reserve on VMware ESX(i) 5+ (and later) and Microsoft Hyper-V 2012 R2 or 2016.
Input/output operations per second (IOPS)	40 – 200 IOPS	200 – 400 IOPS	400 or more IOPS
NIC	1 GBE NIC	1 GBE NIC	1 GBE NIC

SEM software requirements

Learn about Microsoft Azure requirements here, and Amazon Web Services requirements here.

Software

Requirements

Hypervisor (required on the VM host)

One of the following:

VMware vSphere ESX 5.0 or ESXi 5.0 and later
Microsoft Hyper-V Server 2016 or 2012 R2

Web browser (required on a remote computer to run the web console)

Current and later versions of the following:

Google^® Chrome™ 71.0.3578
Microsoft Edge 44
Mozilla Firefox^® 64

Adobe Flash (browser plug-in required on a remote computer to run the web console)

Adobe Flash Player 15

SEM agent hardware and software requirements

Hardware and Software	Requirements
Operation System (OS)	The SEM agent is compatible with the following operating systems: HPUX on Itanium IBM AIX 7.1 TL3, 7.2 TL1 and later Linux macOS Mojave, Sierra, High Sierra Oracle^® Solaris 10 and later Windows (10, 8, 7, Vista) Windows Server (2019, 2016, 2012, 2008)
The requirements specified below are minimum requirements. Depending on your deployment, you may need additional resources to support increased log-traffic volume and data retention.
Memory	512 MB RAM
Hard Drive Space	1 GB
Other requirements	Administrative access to the device hosting the SEM Agent. The SEM agent for Mac OS X requires Java Runtime Environment (JRE) 8 or later.

SEM reports application hardware and software requirements

Hardware and Software

Requirements

Operation System (OS)

The SEM reports application is Windows only. The following Windows versions are supported:

Windows 10 and later
Windows Server 2016 and 2012

Memory

512 MB RAM minimum.

SolarWinds recommends using a computer with 1 GB of RAM or more for optimal reports performance.

Other requirements

Install the SEM reports application on a system that runs overnight. This is important because the daily and weekly start time for these reports is 1:00 AM and 3:00 AM, respectively.

Ensure the Reports Console version matches your version of the SEM appliance. Incompatible versions may result in installation or login failures.

See the following articles in the Customer Success Center for troubleshooting tips:

Troubleshoot the SEM reports application
LEM 6.4 reports won't install correctly
Error with Sophos Enterprise Console

SolarWinds Security Event Manager Overview

Creating Correlation Rules with Security Event Manager