Secospace eLog
Product Overview
With the development of networks, security events continually occur on hosts, databases, and Web servers. These range from Trojans, worms, and SQL injections, to Web page or data tampering by staff. How can we detect these events? How can we investigate them and collect evidence?
The information age has arrived. As the information technology strengthens, application systems (service systems, operating systems, databases, and Web servers), security devices (firewalls, UTM, IPS, IDS, VPN, DPI, and AV), and network devices (routers, switches, and access devices) expand. A comprehensive and unified log management system is essential to manage the logs of all devices ranging across the network, system, and application layers.
Based on current ICT trends, customer surveys, and problem collection and analysis, Huawei Symantec Technologies Co., Ltd. (hereinafter referred to as Huawei Symantec) has launched its high performance security auditing system.
The Secospace eLog is an intelligent log management and security auditing system providing excellent performance, reliability, security, and scalability. Its functions include: log collection, analysis, association, auditing, alarms, storage, queries, and reports. It is applicable to the security devices, network devices, operating systems, databases, and Web servers of Huawei, Huawei Symantec and other major vendors, including Cisco, Juniper, and Checkpoint.
Product Features
Unified log management for various devices
• Huawei & Huawei Symantec security devices (firewalls, UTM, IPS, IDS, VPN, and DPI), BRAS devices, routers, and switches
• Security devices, routers, and switches of major vendors, for example, Cisco, Juniper, and Checkpoint
• Operating systems (Windows, Linux, and Unix), databases (SQL Server, Oracle, DB2, Sybase, and Informix), and Web servers (IIS and Apache)
Effective user behavior monitoring, which helps identify intranet user behaviors and intrusions and attacks by extranet users
Through off-line deployment for monitoring devices, the Secospace eLog restores and audits for HTTP, FTP, Telnet, and database operations in real time. By interworking with Huawei Symantec UTM devices, the Secospace eLog monitors applications such as AV software, blocking services, URL audits, email audits, instant messages, stocks, games, and P2P. It effectively tracks the behaviors of network users, and monitors
auditing departments.
generates alarm events. The administrator can monitor and query alarms online and precisely identify threats.
Massive log storage capability, which meets log storage requirements
The Secospace eLog can connect to external disk arrays or cascading disk arrays to support massive log storage through mature storage solutions.
Flexible deployment, which does not affect the existing network
The Secospace eLog provides centralized and distributed deployment and supports flexible deployment based on network architecture and customer requirements.
Product Specifications
The Secospace eLog consists of log servers, log collectors, consoles, and probes.
[Figure: component diagram showing Firewall, UTM, IDS, IPS, VPN, Router/BRAS, Switch, Operating Systems, Web server, and Databases, together with Log Collectors, an FTP/Telnet/HTTP probe, the Log Server, and the console.]
Component | Description
Log server | Audits event management, alarm management, report management, user management, and system management. Supported operating systems include Windows Server 2003 R2 Standard Edition SP2 and Windows XP Professional SP2.
Log collector | Performs log collection, classification, filtering, merging, alarms, and flow statistics. Supported operating systems include Windows Server 2003 R2 Standard Edition SP2 and Windows XP Professional SP2.
Probe | Through network flow mirroring, the probe restores HTTP, FTP, and Telnet operations, and restores, monitors, and audits Oracle, Sybase, MS SQL Server, DB2, and Informix database operations based on HTTP, FTP, and Telnet.
Console | The console accesses the Secospace eLog through Microsoft Internet Explorer (6.x or above). The supported operating system is Windows XP Professional SP2.
Typical Deployment
The Secospace eLog is designed with distributed architecture and supports centralized and distributed deployment. Through
flexible deployment, the Secospace eLog meets customers' deployment requirements in different network environments.
[Figure: typical deployment diagram showing data centers, probes, log collectors, log servers, and consoles.]
The information contained in this document is for reference purposes only and does not constitute a warranty of any kind, express or implied. It is
subject to change or withdrawal according to specific customer requirements and conditions.
All the trademarks, pictures, and brands mentioned in this document are the property of Huawei Symantec Technologies Co., Ltd or their
respective holders.
Copyright ©2010 Huawei Symantec Technologies Co., Ltd. All rights reserved.