ABC Monitoring Solution
- Jonathan Caldwell
- 5 years ago
FRAFOS GmbH
Bismarckstr Berlin Germany

This document is copyright of FRAFOS GmbH. Duplication or propagation or extracts of the tenor is subjected to formal agreement of FRAFOS GmbH.

1. Introduction

The ABC Monitor provides administrators with an aggregated view of user activity based on usage reporting data collected from the ABC SBC/WebRTC gateways. This highly interactive, near real-time view can be used for trending, analysis of both short-term and long-term use patterns, troubleshooting, auditing server policies and identifying misbehaving users.

The reporting data comes from inside of the ABCs. This insider view allows the Monitor administrators to inspect SIP traffic encrypted on the way from and to the ABCs, correlate calls separated by topology hiding, and report internal ABC context such as traffic shaping decisions.

2. Network and Software Architecture

The ABC Monitor is a centralized system for processing, analyzing and displaying SIP usage information. The central nature of the system offers consistent visibility into user behaviour regardless of network topology and of which of the monitored ABCs the SIP users connect to. That's particularly practical when the ABCs scale up and down in cloud deployments and change their roles in redundant active/standby systems.

Figure 1: ABC Monitor deployment scenario

All ABC SBC/WebRTC instances deployed by a FRAFOS customer report multiple types of events to the ABC Monitor. The events describe in detail what is happening to particular users. The events report on call setup and termination, QoS, authentication failures, completion of call recording, SIP registration, or even some custom-defined conditions.

The Monitor collects these events and represents them graphically in several interactive dashboards. The dashboards display the history of events over time, summaries, and details of the respective events. Administrators typically analyze information presented in the dashboards by adding various event filters consecutively until they narrow down the events to those they are interested in.

The ABC Monitor is based on the open source ELK solution consisting of:

- Logstash: Collect and process the log and event information received from the ABC SBC/WebRTC instances.
- Elasticsearch: Enable near real-time search of the collected log and event information.
- Kibana: Display the processed information and provide the user with various data search and processing options.

3. ABC Monitor Feature Description

The ABC Monitor offers the administrator several dashboards that provide summaries for different aspects of SIP service operation. Administrators inspect these summaries and narrow down the observed events by adding new event filters. For example, they limit the events to a window of time with above-average traffic, then filter for events with the IP address of the most intensive sender, and eventually inspect the sender's call-flows in detail.

This usage pattern is shown in the following screenshots. In the first screenshot the administrator inspects the Security Dashboard, finds a time window in which remarkably many SIP messages are dropped, and zooms in his view to this period of time.

Figure 2: Screenshot: Narrowing the Time Axis

In the next steps he finds out that a significant part of the offending traffic is coming from a single IP address and narrows down the filter to events reporting on that IP address.

Figure 3: Screenshot: Adding Filters for the Most Often Recurring IP Address

Eventually the administrator inspects the related traffic details in Call Flows. The following sub-sections describe specific features of the respective dashboards.

3.1 ABC Monitor Dashboards

All of the dashboards have a similar structure, as shown in Figure 4. The top part shows the occurrence of different event types along the time axis and the filters that are currently being used. The mid-part shows comprehensible summaries: number of filtered events, break-down by event type, and type-specific summaries. The bottom part includes individual clickable events. Each of the dashboards is specialized on certain types of events.

Overview Dashboard displays all events that have been collected by the ABC Monitor. In this dashboard, as well as in all others, it is possible to filter the events by type, time and value of their respective fields. The remaining dashboards are specific to certain types of events and provide specific statistical information related to these.

Calls Dashboard: Information about the call duration, number of call attempts, successful call establishments and call terminations. The call termination events include information about call-length, type of termination and QoS. A related Top Lists Dashboard provides a list of the most intense sources of both incomplete call attempts and completed calls.

Figure 4: Screenshot: Calls Dashboard

Registrations Dashboard displays events related to registrations. Geographic information is associated with the events so that administrators can obtain insight into the whereabouts of their SIP service users.

Figure 5: Registration Dashboard

Diagnostics Dashboard provides administrators with a troubleshooting vehicle that gathers detailed information about the SIP traffic processed by the ABCs. That may particularly include captured SIP messages, audio call recordings, and custom alerts. The custom alerts are of great diagnostic value as they allow administrators to observe in detail some specific traffic patterns they find suspicious. For example, they can choose to see reports on all calls from SIP users who are not registered. The calls meeting this condition are then reported in the diagnostics dashboard; the administrator analyzes them and may decide if these are legitimate calls between legitimate peering non-registering PSTN gateways or some non-authenticated SIP service abuse.

Security Dashboard analyzes situations when some ABC instance identifies offending traffic and chooses to repel it by shaping or entirely dropping it. Which packets to ignore and how the traffic limits are set are defined in the ABC rules. There are two types of events that are displayed in the dashboard when these conditions are reached:

- the limit event reports on traffic limit violations
- the drop event reports on SIP requests the ABC chose to ignore.

A related Blacklisting Dashboard identifies often-repeating security events so that recidivist offenders may be found more easily.

3.2 Events Details and Filters

The events in the bottom part of the dashboards show details of what is happening to a user at an instance of time. Each event includes a timestamp, specification of the event type, and identification of the sender that caused the event to be reported, by both IP address and SIP URI. Each event type includes additional specific information: a call-stop event bears a QoS report, a recording-completed event includes a reference to an audio WAV file, a message-log event comes with a link to a rendered call-flow.

The call-end event example shown in Figure 6 describes who called whom, who terminated the call, the length and a JSON-formatted quality report for the call. An interesting fact about this example is that it refers to details of a WebRTC call. Such a call was encrypted using a state-of-the-art 256-bit-key cipher and its details are normally invisible to anyone snooping on the network.

While the events represent only essential changes in the status of a SIP service user, they still come in a quantity that makes finding a specific piece of information challenging. Therefore Monitor administrators can apply certain filters to narrow down the volume of traffic they study. These filters can refer to values of any fields present in the events. The event in the example was selected using the criteria shown in Figure 7. Only events of call-end type within the past six hours are shown, if the originator has the IP address and URI Organizer@conf.frafos.com.

Figure 6: Call-end Event Type Example

Figure 7: Example of an Event Filter

3.3 ABC Monitor Call Sequences

To provide the administrator with more detailed diagnostic options, the ABC solutions generate events of the type Message log. Any time a SIP dialog encounters the Log received traffic action in the ABC-SBC rule-base, the dialog traffic begins to be captured, stored in a PCAP file and eventually uploaded to the Monitor. The PCAP file is rendered using a ladder chart which can be accessed through a link in message log events. An example of such a chart is shown in Figure 8.

Figure 8: Example of a Call-Flow Ladder Chart

4. ABC Monitor Roadmap

In order to further expand the capabilities of the ABC Monitor and provide faster, efficient anomaly detection, FRAFOS is working on the following features:

- Self-managing capabilities to the Console in order to identify unusual traffic patterns such as:
  o Traffic flooding (DoS?)
  o High-cost or lengthy calls (fraud?)
  o Multiple failed authentication attempts (dictionary attacks?)
  o Multiple failed transaction completion attempts (scanning?)
  o Aae bounced by administrator's policies (admin-defined threats)
- Additional alarming methods (SMS, Mail)
- Integration with central cluster management
- Auto-enforcement (alarm/blacklist) when suspicious sources (by IP/URI) exceed certain pre-defined limits.

The next monitoring release version is expected Q2 16.
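
The drill-down described in section 3 (find a time window with remarkably many drop or limit events, then the source IP behind most of them), written out in Python as an added example; it is not FRAFOS code. The event field names `ts`, `type` and `src_ip`, the 5-minute window, the threshold factor and all sample events are assumptions constructed for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta

# Event types the Security Dashboard reports, as named in section 3.1.
SECURITY_TYPES = ("drop", "limit")
EPOCH = datetime(1970, 1, 1)


def make_sample_events():
    """Constructed sample data; the field names are assumptions, not the ABC schema."""
    t0 = datetime(2016, 1, 1, 10, 0)
    events = []
    # Background noise: one drop and one unrelated call event every 5 minutes.
    for i in range(12):
        ts = t0 + timedelta(minutes=5 * i)
        ip = f"203.0.113.{i + 1}"
        events.append({"ts": ts, "type": "drop", "src_ip": ip})
        events.append({"ts": ts, "type": "call-start", "src_ip": ip})
    # Burst between 10:30 and 10:35, dominated by a single sender.
    burst = t0 + timedelta(minutes=30)
    for i in range(20):
        events.append({"ts": burst + timedelta(seconds=10 * i),
                       "type": "drop", "src_ip": "192.0.2.10"})
    for i in range(3):
        events.append({"ts": burst + timedelta(seconds=60 + i),
                       "type": "limit", "src_ip": "198.51.100.7"})
    return events


def bucket_start(ts, width):
    """Floor a timestamp to the start of its fixed-width time bucket."""
    return EPOCH + ((ts - EPOCH) // width) * width


def hot_windows(events, width, factor):
    """Step 1: buckets whose security-event count exceeds factor * mean per bucket."""
    counts = Counter(bucket_start(e["ts"], width)
                     for e in events if e["type"] in SECURITY_TYPES)
    if not counts:
        return []
    # Average over the whole observed span, so empty buckets pull the mean down.
    n_buckets = (max(counts) - min(counts)) // width + 1
    mean = sum(counts.values()) / n_buckets
    return sorted((b, c) for b, c in counts.items() if c > factor * mean)


def top_sources(events, start, width, n=3):
    """Step 2: rank source IPs by security events inside one window."""
    end = start + width
    per_ip = Counter(e["src_ip"] for e in events
                     if e["type"] in SECURITY_TYPES and start <= e["ts"] < end)
    return per_ip.most_common(n)


def drill_down(events, width=timedelta(minutes=5), factor=3.0):
    """Combine both steps: each hot window with its dominant sender and its share."""
    findings = []
    for start, total in hot_windows(events, width, factor):
        ranked = top_sources(events, start, width)
        top_ip, top_count = ranked[0]
        findings.append({
            "window": start,
            "total": total,
            "top_ip": top_ip,
            "share": round(top_count / total, 2),
            "ranked": ranked,
        })
    return findings


if __name__ == "__main__":
    for f in drill_down(make_sample_events()):
        print(f"{f['window']:%H:%M} events={f['total']} "
              f"top={f['top_ip']} share={f['share']}")
```

The remaining step on the page, inspecting the sender's call flows, needs the captured PCAP and is not modelled here.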
More informationCCNP Switch Questions/Answers Securing Campus Infrastructure
What statement is true about a local SPAN configuration? A. A port can act as the destination port for all SPAN sessions configured on the switch. B. A port can be configured to act as a source and destination
More informationProCurve Network Immunity
ProCurve Network Immunity Hans-Jörg Elias Key Account Manager hans-joerg.elias@hp.com 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
More informationDetecting Specific Threats
The following topics explain how to use preprocessors in a network analysis policy to detect specific threats: Introduction to Specific Threat Detection, page 1 Back Orifice Detection, page 1 Portscan
More informationNetwork Performance Analysis System. User Guide
Network Performance Analysis System User Guide Copyrig ht Copyright 2018 Colasoft. All rights reserved. Information in this document is subject to change without notice. No part of this document may be
More informationVMware AirWatch Google Sync Integration Guide Securing Your Infrastructure
VMware AirWatch Google Sync Integration Guide Securing Your Email Infrastructure AirWatch v9.2 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationViewing Capture ATP Status
Capture ATP Viewing Capture ATP Status Configuring Capture ATP Viewing Capture ATP Status Capture ATP > Status About the Chart About the Log Table Uploading a File for Analysis Viewing Threat Reports Capture
More informationForescout. eyeextend for Carbon Black. Configuration Guide. Version 1.1
Forescout Version 1.1 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationBusiness Decision Series
Business Decision Series Cisco Catalyst 2960X, 2960XR, 3650 & 3850 Test Results and s September 2018 2018 Miercom and/or its affiliates. All rights reserved. Making Business Dollars and Sense It s the
More informationApplication Note 3Com VCX Connect with SIP Trunking - Configuration Guide
Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide 28 May 2009 3Com VCX Connect Solution SIP Trunking Table of Contents 1 3COM VCX CONNECT AND INGATE... 1 1.1 SIP TRUNKING SUPPORT...
More informationComprehensive Citrix HDX visibility powered by NetScaler Management and Analytics System
Solution Brief HDX Insight powered by Citrix Comprehensive Citrix HDX visibility powered by NetScaler Management and Analytics System HDX Insight is the only tool in the market that provides endto-end
More information