The CorreLog Server is a web-based solution that leverages browser technology to present an easy-to-use , multi-platform interface that stresses point-and-click simplicity for the harried network administrator. Designed fromthe outset as a product that supports regulatory compliance objectives, as well as security posturing, CorreLog Server is chock full of features and reporting capabilities.
The product can be installed under two distinct scenarios, where it operates as either as a "Small Business Server" or as an "Enterprise Server." The "Small Business Server" configuration was chosen for testing because it features the capabilities of the Enterprise Server, but without the high-end hardware and processing requirements associated with the Enterprise Server implementation.
That said, the Small Business Server configuration proves to work fine under virtualized environment, using a virtual PC as a host.
Integration and setup aside, the real meat and potatoes of CorreLog Server is the information it can provide to a network manager - which is key when it comes to a security information and event management product. Here, CorreLog Server offers several reporting capabilities and, interestingly, integration into Microsoft Excel, which gives analysts some flexibility when analyzing specific events.
In short, CorreLog server offers a lot of bang for the buck and proves easy to install and use. Excellent documentation and very good support highlight some of the advantages offered by the product , while reporting flexibility paired with Excel integration make it a valuable ally for the harried compliance officer.
◎ CorreLog 的成效
-即時事件關連
CorreLog使用線索、警報、觸發器和行動將提供大量的日誌訊息產生意義。而相關性讓您採取迅速、果斷的行動來保護您的環境。
-中文操作介面
CorreLog支援中文的訊息內容與操作介面。
-高速建立索引
進行類似 Google 的搜尋方式,產生快速,準確的查詢,而不用依賴任何資料庫。
-IT 搜尋
能夠搜索和分析由您的IT基礎設施產生的所有數據,並執行日誌資料的調查研究。
-具備檔案完整性監控
可監控檔案被更改、刪除或是在監控目錄下有新檔案產生等異動。
-提供DB monitor功能
可收集存放在資料庫上的資料表日誌,將該日誌收集到Log server中。
-IBM 大型主機代理程式
能收集發生在 IBM 大型主機和資安軟體 RACF、CA-ACF2、CA=Top Secret 的日誌事件。
-彈性產生報表
可自行定義並透過電子郵件,RSS,提供相關的細節給指定的群組或個人。
其他相關資訊
http://www.infosource.com.tw/