Solutions:

Log Management

Security Information

Compliance

 

Products:

Log Center

Security Center

Enterprise

Event Manager

SMC

IDS Policy Manager

 

Resources:

Product Flyers

Manuals/Quick Starts

Case Studies/User Stories

White Papers

Screen Shots

Video Tips

Downloads

Activeworx Enterprise offers log management and security information management in a single unified, integrated solution. Leverage the power and speed of raw, flat file collection and storage to reduce reliance on traditional relational database structure to only events of interest. Apply forensic and correlation features to historical data for compliance and management requirements.

Activeworx Log Management Features:

Raw Audit Logging

Raw Audit Logging and Log Management of all events generated by virtually any computer or device connected to your network.

Dynamic Querying

Create dynamic schemas based on customized rules to perform complex queries with functionality such as lists, groups, sorts, and "most frequent”, among others.

Speed for Any Environment

Activeworx Log Center™ has been tested and is capable of logging over 50,000 EPS sustained logging directly to flat files with full indexing and search capabilities.

Flexible Platform

Activeworx offers three flavors of appliance options, thereby enabling connectivity with every deployment configuration. Activeworx Log Center™ is based on the Activeworx™ platform and can be readily integrated with the Activeworx Enterprise, thus adding powerful forensic capabilities to an incredibly robust logging system.

Comprehensive Reporting

A built-in report center provides users with incident-based and compliance-based intelligence and reports.

Powerful Correlation

Correlation based alerting methodologies enable Activeworx Log Center™ to reach through Syslog and e-mail protocols, thus reaching the appropriate personnel to manage the potential breach(es) in a time-sensitive manner.

Detailed Alerting

Knowing when an event has occurred is imperative to security administrators. ALC provides rules-based alerting through several standardized protocols, such as e-mail and Syslog.

Intensive Visualization

Interactive graphing and diagramming demonstrate the event-to-network relationship from a historical perspective. Upon display, events may be seen in multiple formats with variable graphing and customized reporting views. Enhanced security and log management control enables users and operators to maintain a consistent, more in-depth picture of the corporate network and the events impacting it

Activeworx Security Information Management Features:

Centralize Events

ASC provides powerful rules-based collection that enables you to collect, normalize and import events into local and centralized databases. Activeworx supports both MySQL and Microsoft SQL. The collector handles events through many standardized protocols from virtually any source.

Enterprise Class Reporting

Reporting is one of the most powerful features of Activeworx. Its enterprise class reporting engine handles reporting on millions of events. ASC generates clean looking graphical reports for management and detailed reports for analysts.

Detailed Alerting

Knowing when an event has occurred is imperative to security administrators. ASC provides simple rules-based alerting and complex alerting through several standardized protocols, such as email and Syslog.

Event Relationship Diagrams

Activeworx has a powerful diagram engine that displays events and their relationships. Once these events are displayed, they can be replayed in the order in which they occurred, events can be color coded color to highlight different characteristics, can perform different types of auto layouts to change the way in which the events are being displayed, or an administrator can drill down into the events to gather more details.

Strong Forensic Tools

Activeworx enables you to easily drill down into event data providing vital details to help you investigate threats and attacks. It also provides flexible modes of viewing and displaying information to fully understand the actions the attacker took.

Flexible Dashboards

Activeworx provides a complete user customizable dashboard system to show information of interest in over 100 different dashboard panels in different visualization formats. Information can be displayed as lists, graphs, diagrams and geographical maps. Dashboard panels are fully customizable by the individual user to display exactly what is of interest.

Integration with Snort

Snort is the most widely used intrusion detection system today. Activeworx integrates tightly with the Snort Event Database to provide high valued information from your existing Snort installations.