IT Security: Eliminating threats with effective network & log analysis
About ManageEngine
Product areas: IT Security Management, Network Performance Management, Server Performance Management, Application Performance Management, Desktop Management, Active Directory Management, IT Helpdesk
• Owned by Zoho Corporation
• 90,000+ customers worldwide
• 25+ IT management products
What is IT Security? 
• Deploying firewall & IDS 
• Adhering to compliance 
• Or more?
Various types of attack
• DDoS
• DoS
• Password cracking
• IP spoofing
• Sniffers
• Privilege misuse
• Man-in-the-middle attacks
Why do security threats happen in spite of deploying a firewall & IDS?
Firewall & IDS provide basic security
What they miss is detecting advanced attacks such as DDoS, zero-day intrusions, etc.

Network Security System | Input data | Methodology
Firewall | Packet header | • Access policy enforcement • Simple interaction patterns
IDS | Packet header & payload | • Detailed signature matching • Simple interaction patterns
Large enterprises & data centers need EXTRA SECURITY to prevent advanced attacks
Hackers exploit vulnerable networks
• BYOD & cloud computing make networks MORE VULNERABLE
• PC World: 70% of attacks happen due to internal vulnerabilities
DDoS – Distributed Denial of Service
• Flooding with junk traffic
• Coordinated stream of requests
• Slows down the network or application
DDoS – Distributed Denial of Service
• 77% targeted bandwidth & routing infrastructure
• 23% were application attacks
Misuse of privileges 
• Accessing critical resources 
• Should be identified in real-time
Practically impossible to identify such attacks with a manual process
• Attacks usually follow patterns
• Starts as a breach/intrusion
• Develops into an attack
• The breach/intrusion should be found in real time
What is the need of the hour?
Advanced security protection (diagram: Basic Level building up to Advanced Level)
Advanced security protection

Network Security System | Input data | Methodology
Firewall | Packet header | • Access policy enforcement • Simple interaction patterns
IDS | Packet header & payload | • Detailed signature matching • Simple interaction patterns
Log Monitoring | System and application log files | • Actions done on the device, file, and application
Flow Monitoring | Flow from network devices | • Advanced interaction patterns & sessionization • Statistical analysis • Access & traffic policy monitoring
Automated tools come in handy
• Analyze flows from a security perspective
• Monitor logs for suspicious activities
Monitoring flows provides visibility into the network
• Flows provide information on traffic
• Easy to identify unnecessary or suspicious traffic
Monitoring packet flows
• Analyze the exported flow records
• Identify anonymous IPs sending requests
• Identify scans/probes, DDoS, bad sources
• Change the network configuration to block anonymous traffic
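Flow-level detection of the scan/probe, flood and bad-source cases listed above, as an added Python example that is not part of the deck and not ManageEngine code. The flow records, the fan-out/fan-in thresholds and the blocklist are constructed assumptions; a real deployment reads the exporter's records and tunes the thresholds to its own baseline.

```python
"""Flow-based detection of probes, floods and known-bad sources over NetFlow-style records."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    ts: int        # export time in seconds (constructed)
    src: str
    dst: str
    dport: int
    packets: int
    octets: int


# Thresholds are assumptions; tune them to the network's normal fan-out and fan-in.
SCAN_PORT_THRESHOLD = 10      # distinct ports one source touches on one host
SWEEP_HOST_THRESHOLD = 10     # distinct hosts one source touches on one port
FLOOD_SOURCE_THRESHOLD = 10   # distinct sources hitting one dst:port with tiny flows
FLOOD_MAX_PACKETS = 2         # "tiny": half-open style flows that never complete
KNOWN_BAD_SOURCES = {"192.0.2.99"}   # constructed blocklist standing in for a threat feed


def constructed_flows():
    """Constructed sample export (not real traffic): normal sessions, a probe, a flood, a listed source."""
    flows = [Flow(t, "10.0.0.5", "10.0.1.20", 443, 30, 12000) for t in range(5)]
    flows += [Flow(10 + i, "203.0.113.7", "10.0.1.20", 20 + i, 1, 60) for i in range(12)]
    flows += [Flow(50, f"198.51.100.{i}", "10.0.1.30", 80, 1, 40) for i in range(1, 16)]
    flows.append(Flow(60, "192.0.2.99", "10.0.1.20", 443, 5, 800))
    return flows


def detect_scans(flows):
    """Fan-out: one source touching many ports on a host, or many hosts on one port."""
    ports_by_src_host = defaultdict(set)
    hosts_by_src_port = defaultdict(set)
    for f in flows:
        ports_by_src_host[(f.src, f.dst)].add(f.dport)
        hosts_by_src_port[(f.src, f.dport)].add(f.dst)
    findings = []
    for (src, dst), ports in ports_by_src_host.items():
        if len(ports) >= SCAN_PORT_THRESHOLD:
            findings.append(("port-scan", src, f"{len(ports)} ports on {dst}"))
    for (src, port), hosts in hosts_by_src_port.items():
        if len(hosts) >= SWEEP_HOST_THRESHOLD:
            findings.append(("host-sweep", src, f"{len(hosts)} hosts on port {port}"))
    return findings


def detect_floods(flows):
    """Fan-in: many distinct sources sending tiny flows to one dst:port."""
    sources_by_target = defaultdict(set)
    for f in flows:
        if f.packets <= FLOOD_MAX_PACKETS:
            sources_by_target[(f.dst, f.dport)].add(f.src)
    return [("flood", f"{dst}:{port}", f"{len(srcs)} sources, short flows")
            for (dst, port), srcs in sources_by_target.items()
            if len(srcs) >= FLOOD_SOURCE_THRESHOLD]


def detect_bad_sources(flows, blocklist=KNOWN_BAD_SOURCES):
    """Any traffic at all from a source on the blocklist is reportable."""
    hosts = defaultdict(set)
    count = defaultdict(int)
    for f in flows:
        if f.src in blocklist:
            hosts[f.src].add(f.dst)
            count[f.src] += 1
    return [("bad-source", src, f"{count[src]} flows to {len(dsts)} hosts")
            for src, dsts in sorted(hosts.items())]


def block_candidates(findings):
    """Sources to hand to whoever changes the ACL; a flood finding names the target, not a source."""
    return sorted({subject for kind, subject, _ in findings if kind != "flood"})


if __name__ == "__main__":
    flows = constructed_flows()
    findings = detect_scans(flows) + detect_floods(flows) + detect_bad_sources(flows)
    for kind, subject, detail in findings:
        print(f"{kind:12} {subject:18} {detail}")
    print("block candidates:", block_candidates(findings))
```

The flood case deliberately yields no block candidate: the spoofed or distributed sources of a flood are not what an ACL change should key on, the target and its upstream rate limits are.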
Logs help in finding suspicious behavior
• Logs record all activities done on devices (servers)
• Patterns can be identified from logs
• Action can be taken
System & Application Log Monitoring
• All applications & systems generate logs
• Monitor such logs for suspicious prints, error codes, etc.
Instant alerting
• Advanced tools check for patterns out of the box
• Raise alerts instantly
• Customizable to every business's needs
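Log monitoring with rule-based instant alerting, covering the three slides above (logs record activity, patterns are identified, alerts fire and rules are customizable); this is an added Python example that is neither from the deck nor ManageEngine's product. The sshd/sudo syslog lines are constructed, and the rule thresholds, windows and critical-path list are assumptions.

```python
"""Rule-based log monitoring with instant alerting over constructed syslog lines."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in sshd/sudo syslog style; not from any real system.
SAMPLE_LOG = """\
Mar 10 09:01:02 web01 sshd[2001]: Failed password for invalid user admin from 203.0.113.9 port 51234 ssh2
Mar 10 09:01:05 web01 sshd[2002]: Failed password for invalid user admin from 203.0.113.9 port 51235 ssh2
Mar 10 09:01:09 web01 sshd[2003]: Failed password for root from 203.0.113.9 port 51236 ssh2
Mar 10 09:01:14 web01 sshd[2004]: Failed password for root from 203.0.113.9 port 51237 ssh2
Mar 10 09:01:20 web01 sshd[2005]: Failed password for deploy from 203.0.113.9 port 51238 ssh2
Mar 10 09:01:31 web01 sshd[2006]: Accepted password for deploy from 203.0.113.9 port 51240 ssh2
Mar 10 09:02:00 web01 sudo:   deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/bin/cat /etc/shadow
Mar 10 09:05:00 web01 sshd[2100]: Failed password for alice from 10.0.0.12 port 40000 ssh2
Mar 10 09:05:20 web01 sshd[2101]: Accepted publickey for alice from 10.0.0.12 port 40001 ssh2
"""

# Rule parameters are assumptions; each deployment tunes them to its own baseline.
RULES = {
    "brute_force": {"threshold": 5, "window_s": 60},
    "failed_then_success": {"min_failures": 3, "window_s": 120},
    "critical_paths": ("/etc/shadow", "/etc/sudoers"),   # constructed list of critical resources
}

SYSLOG = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>[\w-]+)(?:\[\d+\])?: (?P<msg>.*)$")
AUTH = re.compile(r"^(?P<result>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")
SUDO = re.compile(r"^\s*(?P<user>\S+) :.*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$")


def parse_line(line):
    m = SYSLOG.match(line)
    if not m:
        return None
    # Classic syslog timestamps carry no year; that is fine for short windows.
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
    return {"ts": ts, "host": m["host"], "prog": m["prog"], "msg": m["msg"]}


def monitor(log_text, rules=RULES):
    """Stream the lines once; return (rule, subject, detail) alerts in the order they fire."""
    alerts = []
    failures = defaultdict(deque)   # source -> timestamps of recent failed logins
    bf, fts = rules["brute_force"], rules["failed_then_success"]
    keep_s = max(bf["window_s"], fts["window_s"])
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["prog"] == "sshd":
            a = AUTH.match(ev["msg"])
            if not a:
                continue
            src, q = a["src"], failures[a["src"]]
            if a["result"] == "Failed":
                q.append(ev["ts"])
                while (ev["ts"] - q[0]).total_seconds() > keep_s:
                    q.popleft()
                n = sum(1 for t in q if (ev["ts"] - t).total_seconds() <= bf["window_s"])
                if n == bf["threshold"]:   # fire once, the moment the threshold is crossed
                    alerts.append(("brute_force", src, f"{n} failed logins within {bf['window_s']}s"))
            else:
                recent = [t for t in q if (ev["ts"] - t).total_seconds() <= fts["window_s"]]
                if len(recent) >= fts["min_failures"]:
                    alerts.append(("failed_then_success", src, f"login as {a['user']} after {len(recent)} failures"))
        elif ev["prog"] == "sudo":
            s = SUDO.match(ev["msg"])
            if s and any(p in s["cmd"] for p in rules["critical_paths"]):
                alerts.append(("privilege_misuse", s["user"], f"{s['cmd']} as {s['target']} on {ev['host']}"))
    return alerts


if __name__ == "__main__":
    for rule, subject, detail in monitor(SAMPLE_LOG):
        print(f"ALERT {rule:20} {subject:14} {detail}")
```

The single failure followed by a key-based login from 10.0.0.12 stays quiet because it is below min_failures, which is the kind of per-business tuning the slide refers to.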
Security reports 
• Forensic analysis 
• Trend analysis 
• Compliance
Summary
• Advanced security analysis is needed
• Difficult with a manual process
• Need tools with automation
Thank you 
bharanikumar@manageengine.com
