ManageEngine announced the general availability of new features to its enterprise security log analytics portfolio. EventLog Analyzer, the security information and event management (SIEM) software, now offers complete user audit trails as well as the real-time event correlation and ISO 27001 reporting previously available in beta.
Firewall Analyzer, the firewall security management software, now provides PCI DSS, NERC-CIP, NIST, ISO 27001 and SANS compliance reports out of the box. ManageEngine will release the new versions of EventLog Analyzer and Firewall Analyzer at Infosecurity Europe 2014.
ManageEngine delivers the following SIEM functionalities:
- Real-time alerting based on event correlation – EventLog Analyzer not only collects log data from thousands of servers, it also applies rules to secure the servers by correlating the log data in real time and helps notify you when it spots something suspicious. The product comes bundled with 50 correlation rules that cover user logins, file integrity, user creation, group policies, and unintended software installation. The real-time alerting feature works with Windows and Linux servers and select networking devices.
- User session tracking – If a hacker does make it to one of your machines, the user audit trail feature provides a complete audit of what the hacker did — from login to logout. This new feature gives a complete, stroke-by-stroke trail of everything the hacker did. The coverage includes any activity that leaves a trace in the log such as opening a browser, deleting a file or running a script.
- ISO 27001:2013 compliance reporting – Out-of-the-box compliance reports help companies get certified with the latest ISO 27001:2013 ISMS standards. Compliance reports are systematically prepared and formatted and can be generated in minutes to meet the requirements of the ISO 27001:2013 standards.
- Remote desktop connection reports – Enterprises using the Microsoft Terminal Server Gateway to provide VPN-like remote desktop access to their employees can now collect logs and report on security events over the remote desktop connection.
EventLog Analyzer 9.0 and Firewall Analyzer 8.1 are available immediately. EventLog Analyzer prices start at $795, and a fully functional, 30-day trial version is available for download. Firewall Analyzer prices start at $395, and a fully functional, 30-day trial version is also available for download.