Latest news
GFI Launches GFI LANguard Security Event Log Monitor (S.E.L.M.) 3.0
Posted on 06 June 2002.
Enables a fast response to security breaches through centralized auditing of the Windows security event logs
London, UK, 5 June 2002 - GFI today announced the release of LANguard Security Event Log Monitor (S.E.L.M.) 3, a host-based intrusion detection system that monitors networks for security breaches. The product analyses the network security event logs and alerts administrators of key security events in real time, thereby permitting immediate action. GFI is offering a free starter pack of GFI LANguard S.E.L.M. 3 for 1 server and 5 workstations at http://www.gfi.com/lanselm.
Offers security administrators peace of mind
GFI LANguard S.E.L.M. scans the security event logs of all Windows NT/2000/XP machines on a network, consolidates them into a central log for fast analysis and provides detailed activity reports. It alerts administrators about critical security breaches in real time, enabling them to respond immediately to high security events such as network users attempting to access shares, resources and/or data they should not view.
"Firewalls and anti-virus software alone do not provide sufficient network protection because they do not detect internal security breaches and backdoors. This is why enterprises also require an effective intrusion detection system to monitor for internal security breaches," said Nick Galea, CEO of GFI. "By continually auditing all machines on the network and issuing real-time alerts on high security events, GFI LANguard S.E.L.M. offers administrators peace of mind."
Because it performs intrusion detection by scanning the event logs, GFI LANguard S.E.L.M. is not impaired by switches, IP traffic encryption or high-speed data transfer, as are traditional network-based intrusion detection products that operate by sniffing network traffic and analyzing attack patterns.
Reduces the administrative burden
With its ability to archive all security events in a centralized location, GFI LANguard S.E.LM. eliminates the need for administrators to spend hours examining individual event logs for each server or workstation. Pre-built event viewers show all events configured into security levels, categorizing events by event type (logon, policy changes, privileges, etc.), and providing filters that make it possible to drill down to specific users, computers, event types or other variables.
In addition, GFI LANguard S.E.L.M. provides extensive reporting and forensic analysis. For example, administrators can view logon and logoff times of all network users, see which machines are attacked most frequently, and identify users who are creating too many events such as failed logons or failed object access. With these reports, administrators can obtain important information about security activity on their network.
New features in GFI LANguard S.E.L.M. 3.0
The logs scanned by GFI LANguard S.E.L.M. 3 now include the application, system, DNS server, directory services and file replication services event logs, as well as the security event logs. GFI LANguard S.E.L.M. 3 also offers increased customization and flexibility, allowing administrators to choose which types of event logs are to be retrieved per machine and which event categories should be archived.
Other new features include:
* Ability to enable correct auditing policies on all target machines automatically;
* Refined event log filtering rules;
* Colour-coded records for improved filtering methods and instant recognition of which events are of critical, low, medium, high and unclassified importance;
* Support for three types of database back-ends - Microsoft Access, Microsoft MSDE, and Microsoft SQL Server.
Specifications, pricing and availability
GFI LANguard S.E.L.M. requires no agents or client software, has no impact on network traffic, and can be scaled to networks of thousands of servers and workstations. It is available from distributors around the world or online at the GFI site. Pricing starts at US$375 for a 2 server/10 workstation package. Administrators can check whether they need GFI LANguard S.E.L.M. at http://www.gfi.com/lanselm/whylanselm.htm. For more product information and to download the free starter pack, visit http://www.gfi.com/lanselm.
About GFI
GFI (www.gfi.com) is a leading provider of Windows- based security and messaging software. Key products include the GFI FAXmaker fax connector for Exchange and fax server for networks; GFI MailSecurity email content/exploit checking and anti-virus software; and the GFI LANguard family of network security products. Clients include Microsoft, Telstra, Time Warner Cable, Shell Oil Lubricants, NASA, DHL, Caterpillar, BMW, the US IRS, and the USAF. GFI has six offices in the US, UK, Germany, France, Australia and Malta, and has a worldwide network of distributors. GFI is a Microsoft Gold Certified Partner and has won the Microsoft Fusion 2000 (GEM) Packaged Application Partner of the Year award.
All product and company names herein may be trademarks of their respective owners.
London, UK, 5 June 2002 - GFI today announced the release of LANguard Security Event Log Monitor (S.E.L.M.) 3, a host-based intrusion detection system that monitors networks for security breaches. The product analyses the network security event logs and alerts administrators of key security events in real time, thereby permitting immediate action. GFI is offering a free starter pack of GFI LANguard S.E.L.M. 3 for 1 server and 5 workstations at http://www.gfi.com/lanselm.
Offers security administrators peace of mind
GFI LANguard S.E.L.M. scans the security event logs of all Windows NT/2000/XP machines on a network, consolidates them into a central log for fast analysis and provides detailed activity reports. It alerts administrators about critical security breaches in real time, enabling them to respond immediately to high security events such as network users attempting to access shares, resources and/or data they should not view.
"Firewalls and anti-virus software alone do not provide sufficient network protection because they do not detect internal security breaches and backdoors. This is why enterprises also require an effective intrusion detection system to monitor for internal security breaches," said Nick Galea, CEO of GFI. "By continually auditing all machines on the network and issuing real-time alerts on high security events, GFI LANguard S.E.L.M. offers administrators peace of mind."
Because it performs intrusion detection by scanning the event logs, GFI LANguard S.E.L.M. is not impaired by switches, IP traffic encryption or high-speed data transfer, as are traditional network-based intrusion detection products that operate by sniffing network traffic and analyzing attack patterns.
Reduces the administrative burden
With its ability to archive all security events in a centralized location, GFI LANguard S.E.LM. eliminates the need for administrators to spend hours examining individual event logs for each server or workstation. Pre-built event viewers show all events configured into security levels, categorizing events by event type (logon, policy changes, privileges, etc.), and providing filters that make it possible to drill down to specific users, computers, event types or other variables.
In addition, GFI LANguard S.E.L.M. provides extensive reporting and forensic analysis. For example, administrators can view logon and logoff times of all network users, see which machines are attacked most frequently, and identify users who are creating too many events such as failed logons or failed object access. With these reports, administrators can obtain important information about security activity on their network.
New features in GFI LANguard S.E.L.M. 3.0
The logs scanned by GFI LANguard S.E.L.M. 3 now include the application, system, DNS server, directory services and file replication services event logs, as well as the security event logs. GFI LANguard S.E.L.M. 3 also offers increased customization and flexibility, allowing administrators to choose which types of event logs are to be retrieved per machine and which event categories should be archived.
Other new features include:
* Ability to enable correct auditing policies on all target machines automatically;
* Refined event log filtering rules;
* Colour-coded records for improved filtering methods and instant recognition of which events are of critical, low, medium, high and unclassified importance;
* Support for three types of database back-ends - Microsoft Access, Microsoft MSDE, and Microsoft SQL Server.
Specifications, pricing and availability
GFI LANguard S.E.L.M. requires no agents or client software, has no impact on network traffic, and can be scaled to networks of thousands of servers and workstations. It is available from distributors around the world or online at the GFI site. Pricing starts at US$375 for a 2 server/10 workstation package. Administrators can check whether they need GFI LANguard S.E.L.M. at http://www.gfi.com/lanselm/whylanselm.htm. For more product information and to download the free starter pack, visit http://www.gfi.com/lanselm.
About GFI
GFI (www.gfi.com) is a leading provider of Windows- based security and messaging software. Key products include the GFI FAXmaker fax connector for Exchange and fax server for networks; GFI MailSecurity email content/exploit checking and anti-virus software; and the GFI LANguard family of network security products. Clients include Microsoft, Telstra, Time Warner Cable, Shell Oil Lubricants, NASA, DHL, Caterpillar, BMW, the US IRS, and the USAF. GFI has six offices in the US, UK, Germany, France, Australia and Malta, and has a worldwide network of distributors. GFI is a Microsoft Gold Certified Partner and has won the Microsoft Fusion 2000 (GEM) Packaged Application Partner of the Year award.
All product and company names herein may be trademarks of their respective owners.
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
