Audit

Collect Audit Information From Various Event Logs

As corporate computer networks expand to include more machines and applications, managing security-related events becomes an increasingly complex task. While native operating systems provide auditing tools, they often are not adequately designed to provide needed event handling capabilities due to lack of intuitive user interfaces, limited functionality, hard to decipher event messages, and weak common messaging format. Organizations need a solution that clearly communicates relevant data to security and systems managers, enabling rapid assessment and response. Audit Central provides the needed functionality and connectivity among different systems and enables administrators to perform their work more efficiently at lower cost.

A Clear, Concise View Of Security Related Data

Audit Central gives security and systems management teams the unique ability to collect information from various event data sources into a single database. It eliminates unnecessary guesswork by translating all collected information to a common, intuitive format . regardless of the event's source.

With Policy Manager, Audit Central performs centralized security policy management functions, defines the organization security policy, and performs remote distribution of host-based Intrusion Detection rules to the client, enabling administrators to identify and be alerted to suspicious events through a user-friendly management program.

Innovative Design

Audit Central installs a Recording and Routing Agent on each targeted system or application host, as well as a Server Collector at the point where consolidation is desired. These components work in concert to redirect and collect all audited events throughout the environment. These components can reside on the same system. All collected data are translated into an easy-to-understand format for viewing and reporting.

Host-Based Intrusion Detection

Audit Central has the capability to assign patterns to events so that actions can be automatically triggered based on the matched events. This gives administrators a first line of intrusion detection defense and the ability to control damages that might be inflicted by unauthorized user accesses. Audit Central also ships with pre-defined rules so that the deployment of patterns can be performed swiftly and customization can be done easily.

Scalability And Cross-Platform Performance

Audit Central's store-and-forward architecture allows it to scale to suit your environment . from a few machines to several thousand. And, like other products in CA.s eTrust security suite, Audit Central hurdles the operating system and application server administration barrier to deliver a true cross-platform and cross-layer security event management solution.

Open Design With SNMP Traps And Submit API Function Calls

To support rapidly evolving technology, Audit Central has an open design that can accept event data submitted by other applications that are not natively supported by Audit Central. Applications can send standardized SNMP trap information to the Audit Central Router for future filtering and handling. Another option is the more powerful Submit API function calls, which transmit more detailed and customized information from the application to Audit Central. Audit Central can easily adapt to your organizational needs for event management and alert handling.

Audit Central has been renamed eTrust Audit and is now considered to be part of the eTrust suite of eBusiness security products. To learn more about eTrust Audit and its components and features, please visit our web site dedicated to eTrust by clicking on the button below.