En
En
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
Data protection and classification
Access rights audit
User activity audit, investigation
Compliance
Use case: access control and change management
Use case: user behavior and insider detection
Use case: eDiscovery
Use case: file cleanup
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact us
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact Us
Book a return call
HomeProduct NewsNew Connectors in SearchInform Event Manager
BACK TO BLOG LIST
New Connectors in SearchInform Event Manager
05.10.2017

SearchInform Event Manager was enhanced with new sources of events and policies for connected external devices, Oracle servers, virtualization environments, Cisco network devices and FortiGate complex network security equipment.

Preset policies for connected devices include:

  • Copying to removable device
  • Operations with executables on devices
  • File execution from removable device
  • Copying too many files/much data to removable device

The Oracle connector provides for reading tables of databases and logs of Oracle server according to the following rules:

  • Failed/successful logins attempts
  • User or role creation/removal
  • User locked/unlocked
  • User password changed
  • Listener log

Preset policies for virtualization environment include:

  • VMview logon/logout events
  • VMware logon/logout events
  • Invalid passwords
  • Failed logons attempts
  • User group/role creation
  • User password changed
  • User creation/removal, etc.

A set of rules for Cisco network equipment include:

  • Console logon events
  • Built-in user account logon
  • Logon with elevated rights
  • System errors
  • Power supply errors
  • Cooling system failure
  • DHCP errors
  • Routing errors, etc.

The FortiGate connector provides for the collection of events of complex network security solutions, including events of logs Anomaly, App, AV, DLP, Email, Event and other.

The list of connectors and rules are constantly expanding. In the first half year of 2018, SearchInform Event Manager will be enhanced with new event sources, for example, Checkweighers, detectors of threats and intrusions, web servers, PUM platforms to control accounts with privileges. It is also planned to extend the list of supported firewalls, antiviruses and email servers. In the nearest future, 15 new connectors and over 100 new rules in total will be added to SIEM. They will be ready for use immediately after the system installation.

BACK TO BLOG LIST
Also read:
SearchInform Risk Monitor Updates: new User Interface and Enhanced Transparent Control Capabilities
Employee monitoring Risk management
15.04 Products News
Access Management to Files in SearchInform FileAuditor was Simplified for Rapid Incident Response
Internal audit DCAP
21.03 Products News
Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.
Products and Services
FileAuditor
DLP
Risk Monitor
ProfileCenter
SIEM
MSSP
Cloud Deployment
Company
Contact
About Our Company
Company Portfolio
Our Clients
Press About Us
Press Kit
Resources
White Papers
Third-party integration
Research
Practices and use cases
Videos
News
Company News
Product News
Events
Blog
Challenges
Compliance
Data Loss Prevention
Investigation
Data at Rest Discovery
Data Encryption
Data Visibility
Data Classification and Protection
Data at Rest Discovery
Time Tracking and Employee
Monitoring
Corporate Fraud Mitigation
Roles
C-level executive
Risk manager
Internal audit officer
Compliance manager
Information security analyst
Chief Human Resources Officer
Industries
Business Services
Education
Financial Services
Government
Insurance
Manufacturing
Healthcare
Retail
Energy
Hospitality
Construction
Partners
Become a partner
Partner login
SearchInform products are recognized by
Gartner The Radicati Group
Follow us:
© 2024 SearchInform LTD All rights reserved.
Terms of Use
Licence
Privacy&Cookies